-
Notifications
You must be signed in to change notification settings - Fork 35
/
Copy pathcronjob-proc-email.yaml
101 lines (101 loc) · 4.16 KB
/
cronjob-proc-email.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
{{- if .Values.cronJobEmail.enabled }}
{{- $type := "cron" -}}
{{- $action := "proc-email" -}}
{{- $Name := include "passbolt-library.fullname" . -}}
{{- $fullName := printf "%s-%s-%s" $Name $type $action -}}
apiVersion: batch/v1
kind: CronJob
metadata:
name: {{ $fullName }}
labels:
{{- include "passbolt-library.labels" . | nindent 4 }}
{{- include "passbolt-library.typelabels" (dict "action" $action "type" $type) | nindent 4 }}
spec:
schedule: {{ .Values.cronJobEmail.schedule | quote }}
concurrencyPolicy: {{ .Values.cronJobEmail.concurrencyPolicy | default "Replace" }}
jobTemplate:
spec:
template:
metadata:
labels:
{{- include "passbolt-library.typelabels" (dict "action" $action "type" $type) | nindent 12 }}
{{- with .Values.cronJobEmail.extraPodLabels }}
{{- toYaml . | nindent 12 }}
{{- end }}
spec:
{{- include "passbolt.pullSecrets" ( dict "images" (list .Values.imagePullSecrets ) "global" .Values.global) | nindent 10 }}
serviceAccountName: {{ $Name }}-sa-common
restartPolicy: OnFailure
securityContext:
runAsUser: 33
fsGroup: 33
containers:
- name: proc-email
image: {{ include "passbolt.image" (dict "imageRoot" .Values.app.image "global" .Values.global) }}
imagePullPolicy: {{ .Values.app.image.pullPolicy }}
command:
- "/bin/bash"
args:
- "-c"
- |
sleep 10
echo "Sending emails" \
&& bin/cron \
&& touch /tmp/pod/success
env:
- name: DATASOURCES_DEFAULT_HOST
value: {{ include "passbolt.databaseServiceName" . }}
{{- with .Values.passboltEnv.extraEnv }}
{{- toYaml . | nindent 16 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ default (printf "%s-cm-env" $Name) .Values.passboltEnv.configMapName }}
- secretRef:
name: {{ default (printf "%s-sec-env" $Name) .Values.passboltEnv.secretName }}
{{- with .Values.passboltEnv.extraEnvFrom }}
{{- toYaml . | nindent 16 }}
{{- end }}
volumeMounts:
- name: vol-success
mountPath: /tmp/pod
- name: sec-gpg
mountPath: {{ .Values.gpgPath }}
readOnly: true
{{- if .Values.app.cache.redis.sentinelProxy.enabled }}
- name: redisproxy
image: {{ include "passbolt.image" (dict "imageRoot" .Values.app.cache.redis.sentinelProxy.image "global" .Values.global) }}
imagePullPolicy: {{ .Values.app.cache.redis.sentinelProxy.pullPolicy }}
command:
- "/bin/bash"
args:
- "-c"
- |
haproxy -f /usr/local/etc/haproxy/haproxy.cfg &
REDIS_PROXY_PID=$?
while true; do if [ -f "/tmp/pod/success" ]; then kill $REDIS_PROXY_PID; sleep 5; exit 0; fi; done
volumeMounts:
- name: vol-success
mountPath: /tmp/pod
- mountPath: "/usr/local/etc/haproxy/haproxy.cfg"
subPath: haproxy.cfg
name: sec-redis-proxy
readOnly: true
resources:
{{- toYaml .Values.redisProxyResources | nindent 16 }}
{{- end }}
{{- if .Values.app.extraContainers }}
{{- toYaml .Values.app.extraContainers | nindent 12 }}
{{- end }}
volumes:
- name: vol-success
emptyDir: {}
- name: sec-gpg
secret:
secretName: {{ include "passbolt.gpg.secretName" ( dict "name" $Name "Values" $.Values ) }}
{{- if .Values.app.cache.redis.sentinelProxy.enabled }}
- name: sec-redis-proxy
secret:
secretName: {{ $Name }}-sec-redis-proxy
{{- end -}}
{{- end -}}