github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml (about)

     1  apiVersion: batch/v1
     2  kind: Job
     3  metadata:
     4    generation: 1
     5    labels:
     6      job-name: restore-job-restore-pvc-sec-context
     7    name: restore-job-restore-pvc-sec-context
     8    ownerReferences:
     9      - controller: true
    10        kind: PerconaXtraDBClusterRestore
    11        name: restore-pvc
    12  spec:
    13    backoffLimit: 4
    14    completionMode: NonIndexed
    15    completions: 1
    16    parallelism: 1
    17    selector:
    18      matchLabels: {}
    19    suspend: false
    20    template:
    21      metadata:
    22        annotations:
    23          openshift.io/scc: privileged
    24        labels:
    25          job-name: restore-job-restore-pvc-sec-context
    26      spec:
    27        containers:
    28          - command:
    29              - recovery-pvc-joiner.sh
    30            env:
    31              - name: RESTORE_SRC_SERVICE
    32                value: restore-src-restore-pvc-sec-context
    33              - name: XB_USE_MEMORY
    34                value: 100MB
    35            imagePullPolicy: Always
    36            name: xtrabackup
    37            resources: {}
    38            securityContext:
    39              privileged: true
    40            terminationMessagePath: /dev/termination-log
    41            terminationMessagePolicy: File
    42            volumeMounts:
    43              - mountPath: /datadir
    44                name: datadir
    45              - mountPath: /etc/mysql/vault-keyring-secret
    46                name: vault-keyring-secret
    47              - mountPath: /etc/mysql/ssl
    48                name: ssl
    49              - mountPath: /etc/mysql/ssl-internal
    50                name: ssl-internal
    51        dnsPolicy: ClusterFirst
    52        restartPolicy: Never
    53        schedulerName: default-scheduler
    54        securityContext:
    55          fsGroup: 1001
    56          runAsUser: 1001
    57          supplementalGroups:
    58            - 1001
    59        serviceAccount: percona-xtradb-cluster-operator-workload
    60        serviceAccountName: percona-xtradb-cluster-operator-workload
    61        terminationGracePeriodSeconds: 30
    62        topologySpreadConstraints:
    63          - maxSkew: 1
    64            topologyKey: kubernetes.io/hostname
    65            whenUnsatisfiable: ScheduleAnyway
    66        volumes:
    67          - name: datadir
    68            persistentVolumeClaim:
    69              claimName: datadir-sec-context-pxc-0
    70          - name: vault-keyring-secret
    71            secret:
    72              defaultMode: 420
    73              optional: true
    74              secretName: sec-context-vault
    75          - name: ssl-internal
    76            secret:
    77              defaultMode: 420
    78              optional: true
    79              secretName: some-name-ssl-internal
    80          - name: ssl
    81            secret:
    82              defaultMode: 420
    83              optional: false
    84              secretName: some-name-ssl