github.com/kyma-project/kyma-environment-broker@v0.0.1/resources/kcp/charts/kyma-environment-broker/templates/trial-cleanup-job.yaml (about) 1 apiVersion: batch/v1 2 kind: CronJob 3 metadata: 4 name: trial-cleanup-job 5 spec: 6 jobTemplate: 7 metadata: 8 name: trial-cleanup-job 9 annotations: 10 argocd.argoproj.io/sync-options: Prune=false 11 spec: 12 template: 13 spec: 14 serviceAccountName: {{ .Values.global.kyma_environment_broker.serviceAccountName }} 15 shareProcessNamespace: true 16 {{- with .Values.deployment.securityContext }} 17 securityContext: 18 {{ toYaml . | nindent 12 }} 19 {{- end }} 20 restartPolicy: Never 21 containers: 22 - image: "{{ .Values.global.images.container_registry.path }}/{{ .Values.global.images.kyma_environment_trial_cleanup_job.dir }}kyma-environment-trial-cleanup-job:{{ .Values.global.images.kyma_environment_trial_cleanup_job.version }}" 23 name: trial-cleanup-job 24 env: 25 {{if eq .Values.global.database.embedded.enabled true}} 26 - name: DATABASE_EMBEDDED 27 value: "true" 28 {{end}} 29 {{if eq .Values.global.database.embedded.enabled false}} 30 - name: DATABASE_EMBEDDED 31 value: "false" 32 {{end}} 33 - name: APP_DRY_RUN 34 value: "{{ .Values.trialCleanup.dryRun }}" 35 - name: APP_EXPIRATION_PERIOD 36 value: "{{ .Values.trialCleanup.expirationPeriod }}" 37 - name: APP_DATABASE_SECRET_KEY 38 valueFrom: 39 secretKeyRef: 40 name: "{{ .Values.global.database.managedGCP.encryptionSecretName }}" 41 key: secretKey 42 optional: true 43 - name: APP_DATABASE_USER 44 valueFrom: 45 secretKeyRef: 46 name: kcp-postgresql 47 key: postgresql-broker-username 48 - name: APP_DATABASE_PASSWORD 49 valueFrom: 50 secretKeyRef: 51 name: kcp-postgresql 52 key: postgresql-broker-password 53 - name: APP_DATABASE_HOST 54 valueFrom: 55 secretKeyRef: 56 name: kcp-postgresql 57 key: postgresql-serviceName 58 - name: APP_DATABASE_PORT 59 valueFrom: 60 secretKeyRef: 61 name: kcp-postgresql 62 key: postgresql-servicePort 63 - name: APP_DATABASE_NAME 64 valueFrom: 65 secretKeyRef: 66 name: kcp-postgresql 67 key: postgresql-broker-db-name 68 - name: APP_DATABASE_SSLMODE 69 valueFrom: 70 secretKeyRef: 71 name: kcp-postgresql 72 key: postgresql-sslMode 73 - name: APP_DATABASE_SSLROOTCERT 74 value: /secrets/cloudsql-sslrootcert/server-ca.pem 75 - name: APP_BROKER_URL 76 value: "http://{{ include "kyma-env-broker.fullname" . }}" 77 command: 78 - "/bin/main" 79 volumeMounts: 80 {{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled false)}} 81 - name: cloudsql-sslrootcert 82 mountPath: /secrets/cloudsql-sslrootcert 83 readOnly: true 84 {{- end}} 85 {{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled true)}} 86 - name: cloudsql-proxy 87 image: {{ .Values.global.images.cloudsql_proxy_image }} 88 {{- if .Values.global.database.cloudsqlproxy.workloadIdentity.enabled }} 89 command: ["/cloud_sql_proxy", 90 "-instances={{ .Values.global.database.managedGCP.instanceConnectionName }}=tcp:5432"] 91 {{- else }} 92 command: ["/cloud_sql_proxy", 93 "-instances={{ .Values.global.database.managedGCP.instanceConnectionName }}=tcp:5432", 94 "-credential_file=/secrets/cloudsql-instance-credentials/credentials.json"] 95 volumeMounts: 96 - name: cloudsql-instance-credentials 97 mountPath: /secrets/cloudsql-instance-credentials 98 readOnly: true 99 {{- end }} 100 {{- with .Values.deployment.securityContext }} 101 securityContext: 102 {{ toYaml . | nindent 16 }} 103 {{- end }} 104 {{- end}} 105 volumes: 106 {{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled true) (eq .Values.global.database.cloudsqlproxy.workloadIdentity.enabled false)}} 107 - name: cloudsql-instance-credentials 108 secret: 109 secretName: cloudsql-instance-credentials 110 {{- end}} 111 {{- if and (eq .Values.global.database.embedded.enabled false) (eq .Values.global.database.cloudsqlproxy.enabled false)}} 112 - name: cloudsql-sslrootcert 113 secret: 114 secretName: kcp-postgresql 115 items: 116 - key: postgresql-sslRootCert 117 path: server-ca.pem 118 optional: true 119 {{- end}} 120 schedule: "{{ .Values.trialCleanup.schedule }}"