github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k129.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k129.yml (about)

     1  apiVersion: batch/v1
     2  kind: Job
     3  metadata:
     4    generation: 1
     5    labels:
     6      batch.kubernetes.io/job-name: restore-job-restore-pvc-sec-context
     7      job-name: restore-job-restore-pvc-sec-context
     8    name: restore-job-restore-pvc-sec-context
     9    ownerReferences:
    10      - controller: true
    11        kind: PerconaXtraDBClusterRestore
    12        name: restore-pvc
    13  spec:
    14    backoffLimit: 4
    15    completionMode: NonIndexed
    16    completions: 1
    17    manualSelector: false
    18    parallelism: 1
    19    podReplacementPolicy: TerminatingOrFailed
    20    selector:
    21      matchLabels: {}
    22    suspend: false
    23    template:
    24      metadata:
    25        annotations:
    26          openshift.io/scc: privileged
    27        labels:
    28          batch.kubernetes.io/job-name: restore-job-restore-pvc-sec-context
    29          job-name: restore-job-restore-pvc-sec-context
    30      spec:
    31        containers:
    32          - command:
    33              - recovery-pvc-joiner.sh
    34            env:
    35              - name: RESTORE_SRC_SERVICE
    36                value: restore-src-restore-pvc-sec-context
    37              - name: XB_USE_MEMORY
    38                value: 100MB
    39            imagePullPolicy: Always
    40            name: xtrabackup
    41            resources: {}
    42            securityContext:
    43              privileged: true
    44            terminationMessagePath: /dev/termination-log
    45            terminationMessagePolicy: File
    46            volumeMounts:
    47              - mountPath: /datadir
    48                name: datadir
    49              - mountPath: /etc/mysql/vault-keyring-secret
    50                name: vault-keyring-secret
    51              - mountPath: /etc/mysql/ssl
    52                name: ssl
    53              - mountPath: /etc/mysql/ssl-internal
    54                name: ssl-internal
    55        dnsPolicy: ClusterFirst
    56        restartPolicy: Never
    57        schedulerName: default-scheduler
    58        securityContext:
    59          fsGroup: 1001
    60          runAsUser: 1001
    61          supplementalGroups:
    62            - 1001
    63        serviceAccount: percona-xtradb-cluster-operator-workload
    64        serviceAccountName: percona-xtradb-cluster-operator-workload
    65        terminationGracePeriodSeconds: 30
    66        topologySpreadConstraints:
    67          - maxSkew: 1
    68            topologyKey: kubernetes.io/hostname
    69            whenUnsatisfiable: ScheduleAnyway
    70        volumes:
    71          - name: datadir
    72            persistentVolumeClaim:
    73              claimName: datadir-sec-context-pxc-0
    74          - name: vault-keyring-secret
    75            secret:
    76              defaultMode: 420
    77              optional: true
    78              secretName: sec-context-vault
    79          - name: ssl-internal
    80            secret:
    81              defaultMode: 420
    82              optional: true
    83              secretName: some-name-ssl-internal
    84          - name: ssl
    85            secret:
    86              defaultMode: 420
    87              optional: false
    88              secretName: some-name-ssl