firmitas: add cronjob to download certs
Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
This commit is contained in:
parent
e06aa414e5
commit
293d4d65d4
4 changed files with 51 additions and 2 deletions
15
roles/openshift-apps/firmitas/tasks/create-cronjob.yml
Normal file
15
roles/openshift-apps/firmitas/tasks/create-cronjob.yml
Normal file
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
# generate the templates for project to be created
|
||||||
|
- name: create the cronjob template
|
||||||
|
template:
|
||||||
|
src: "cronjob.yml"
|
||||||
|
dest: "/root/ocp4/openshift-apps/firmitas/cronjob.yml"
|
||||||
|
mode: 0770
|
||||||
|
|
||||||
|
# apply created openshift resources
|
||||||
|
- name: oc apply resources
|
||||||
|
command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/firmitas/cronjob.yml"
|
||||||
|
retries: 3
|
||||||
|
delay: 5
|
||||||
|
register: cronjob_result
|
||||||
|
until: cronjob_result.rc == 0
|
||||||
|
|
@ -10,4 +10,5 @@
|
||||||
- include_tasks: create-persistent-volume-claim.yml
|
- include_tasks: create-persistent-volume-claim.yml
|
||||||
- include_tasks: create-imagestream.yml
|
- include_tasks: create-imagestream.yml
|
||||||
- include_tasks: create-buildconfig.yml
|
- include_tasks: create-buildconfig.yml
|
||||||
|
- include_tasks: create-cronjob.yml
|
||||||
- include_tasks: create-deployment.yml
|
- include_tasks: create-deployment.yml
|
||||||
|
|
|
||||||
33
roles/openshift-apps/firmitas/templates/cronjob.yml
Normal file
33
roles/openshift-apps/firmitas/templates/cronjob.yml
Normal file
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: CronJob
|
||||||
|
metadata:
|
||||||
|
name: "{{firmitas_application_name}}"
|
||||||
|
namespace: "{{firmitas_namespace}}"
|
||||||
|
spec:
|
||||||
|
schedule: "*/1 * * * *"
|
||||||
|
timeZone: Etc/UTC
|
||||||
|
concurrencyPolicy: "Replace"
|
||||||
|
startingDeadlineSeconds: 200
|
||||||
|
suspend: true
|
||||||
|
successfulJobsHistoryLimit: 3
|
||||||
|
failedJobsHistoryLimit: 1
|
||||||
|
jobTemplate:
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
parent: "cronjob-certdownloader"
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- image: "{{ firmitas_image }}"
|
||||||
|
name: "{{ firmitas_application_name }}"
|
||||||
|
command: ["sh", "download_certificates.sh"]
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
volumeMounts:
|
||||||
|
- name: "{{ firmitas_application_name }}-configuration-secret-volume"
|
||||||
|
mountPath: "/etc/firmitas/"
|
||||||
|
volumes:
|
||||||
|
- name: "{{ firmitas_application_name }}-configuration-secret-volume"
|
||||||
|
secret:
|
||||||
|
secretName: "{{ firmitas_application_name }}-configuration-secret"
|
||||||
|
|
@ -56,10 +56,10 @@ Variables related to probing
|
||||||
"""
|
"""
|
||||||
|
|
||||||
# The location of the X.509 standard TLS certificates
|
# The location of the X.509 standard TLS certificates
|
||||||
certloca = "/etc/firmitas/certs/" # noqa : S108
|
certloca = "/etc/firmitas/{{ (env == 'staging')|ternary('certificates/staging', 'certificates/production') }}" # noqa : S108
|
||||||
|
|
||||||
# The location of the service hostnames and maintainers map
|
# The location of the service hostnames and maintainers map
|
||||||
hostloca = "/etc/firmitas/certlist.yml" # noqa: S108
|
hostloca = "/etc/firmitas/{{ (env == 'staging')|ternary('certificates/staging/staging_certlist.txt', 'certificates/production/production_certlist.txt') }}" # noqa: S108
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Variables related to logging
|
Variables related to logging
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue