Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

firmitas: remove deployment, work carried out inside cronjob instead

Browse source 
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
This commit is contained in:
David Kirwan 2024-10-31 10:08:59 +00:00
parent e77961d36b
commit 23a07fbcaa
No known key found for this signature in database
GPG key ID: A5893AB6474AC37D
2 changed files with 29 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/openshift-apps/firmitas/tasks/main.yml
View file

@ -11,4 +11,4 @@
- include_tasks: create-imagestream.yml - include_tasks: create-imagestream.yml
- include_tasks: create-buildconfig.yml - include_tasks: create-buildconfig.yml
- include_tasks: create-cronjob.yml - include_tasks: create-cronjob.yml
- include_tasks: create-deployment.yml # - include_tasks: create-deployment.yml

36
roles/openshift-apps/firmitas/templates/cronjob.yml
View file

@ -5,7 +5,7 @@ metadata:
name: "{{firmitas_application_name}}" name: "{{firmitas_application_name}}"
namespace: "{{firmitas_namespace}}" namespace: "{{firmitas_namespace}}"
spec: spec:
schedule: "*/1 * * * *" schedule: "*/2 * * * *"
timeZone: Etc/UTC timeZone: Etc/UTC
concurrencyPolicy: "Replace" concurrencyPolicy: "Replace"
startingDeadlineSeconds: 200 startingDeadlineSeconds: 200
@ -19,16 +19,35 @@ spec:
labels: labels:
parent: "cronjob-certdownloader" parent: "cronjob-certdownloader"
spec: spec:
initContainers:
- name: init-container
image: "{{ firmitas_image }}"
command: ["sh", "/etc/firmitas/download_certificates.sh"]
containers: containers:
- image: "{{ firmitas_image }}" - image: "{{ firmitas_image }}"
name: "{{ firmitas_application_name }}" name: "{{ firmitas_application_name }}"
command: ["sh", "/etc/firmitas/download_certificates.sh"] env:
restartPolicy: OnFailure - name: FIRMITAS_CONFIG
volumeMounts: value: "/tmp/firmitas/conf/myconfig.py"
- name: "{{ firmitas_application_name }}-configuration-secret-volume" command: ["firmitas"]
mountPath: "/tmp/firmitas/conf/" args: ["--conffile", "/tmp/firmitas/conf/myconfig.py"]
- name: "{{ firmitas_application_name }}-volume" securityContext:
mountPath: "/tmp/firmitas/" allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
resources:
limits:
cpu: 100m
memory: 1024Mi
requests:
cpu: 10m
memory: 256Mi
volumeMounts:
- name: "{{ firmitas_application_name }}-configuration-secret-volume"
mountPath: "/tmp/firmitas/conf/"
- name: "{{ firmitas_application_name }}-volume"
mountPath: "/tmp/firmitas/"
volumes: volumes:
- name: "{{ firmitas_application_name }}-configuration-secret-volume" - name: "{{ firmitas_application_name }}-configuration-secret-volume"
secret: secret:
@ -36,3 +55,4 @@ spec:
- name: "{{ firmitas_application_name }}-volume" - name: "{{ firmitas_application_name }}-volume"
persistentVolumeClaim: persistentVolumeClaim:
claimName: "firmitas-volume" claimName: "firmitas-volume"
terminationGracePeriodSeconds: 10