github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml (about)

     1  apiVersion: batch/v1
     2  kind: Job
     3  metadata:
     4    generation: 1
     5    labels:
     6      batch.kubernetes.io/job-name: restore-job-restore-pvc-sec-context
     7      job-name: restore-job-restore-pvc-sec-context
     8    name: restore-job-restore-pvc-sec-context
     9    ownerReferences:
    10      - controller: true
    11        kind: PerconaXtraDBClusterRestore
    12        name: restore-pvc
    13  spec:
    14    backoffLimit: 4
    15    completionMode: NonIndexed
    16    completions: 1
    17    parallelism: 1
    18    selector:
    19      matchLabels: {}
    20    suspend: false
    21    template:
    22      metadata:
    23        annotations:
    24          openshift.io/scc: privileged
    25        labels:
    26          batch.kubernetes.io/job-name: restore-job-restore-pvc-sec-context
    27          job-name: restore-job-restore-pvc-sec-context
    28      spec:
    29        containers:
    30          - command:
    31              - recovery-pvc-joiner.sh
    32            env:
    33              - name: RESTORE_SRC_SERVICE
    34                value: restore-src-restore-pvc-sec-context
    35              - name: XB_USE_MEMORY
    36                value: 100MB
    37            imagePullPolicy: Always
    38            name: xtrabackup
    39            resources: {}
    40            securityContext:
    41              privileged: true
    42            terminationMessagePath: /dev/termination-log
    43            terminationMessagePolicy: File
    44            volumeMounts:
    45              - mountPath: /datadir
    46                name: datadir
    47              - mountPath: /etc/mysql/vault-keyring-secret
    48                name: vault-keyring-secret
    49              - mountPath: /etc/mysql/ssl
    50                name: ssl
    51              - mountPath: /etc/mysql/ssl-internal
    52                name: ssl-internal
    53        dnsPolicy: ClusterFirst
    54        restartPolicy: Never
    55        schedulerName: default-scheduler
    56        securityContext:
    57          fsGroup: 1001
    58          runAsUser: 1001
    59          supplementalGroups:
    60            - 1001
    61        serviceAccount: percona-xtradb-cluster-operator-workload
    62        serviceAccountName: percona-xtradb-cluster-operator-workload
    63        terminationGracePeriodSeconds: 30
    64        topologySpreadConstraints:
    65          - maxSkew: 1
    66            topologyKey: kubernetes.io/hostname
    67            whenUnsatisfiable: ScheduleAnyway
    68        volumes:
    69          - name: datadir
    70            persistentVolumeClaim:
    71              claimName: datadir-sec-context-pxc-0
    72          - name: vault-keyring-secret
    73            secret:
    74              defaultMode: 420
    75              optional: true
    76              secretName: sec-context-vault
    77          - name: ssl-internal
    78            secret:
    79              defaultMode: 420
    80              optional: true
    81              secretName: some-name-ssl-internal
    82          - name: ssl
    83            secret:
    84              defaultMode: 420
    85              optional: false
    86              secretName: some-name-ssl