github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml (about)

     1  apiVersion: batch/v1
     2  kind: Job
     3  metadata:
     4    generation: 1
     5    labels:
     6      batch.kubernetes.io/job-name: restore-job-restore-s3-sec-context
     7      job-name: restore-job-restore-s3-sec-context
     8    name: restore-job-restore-s3-sec-context
     9    ownerReferences:
    10      - controller: true
    11        kind: PerconaXtraDBClusterRestore
    12        name: restore-s3
    13  spec:
    14    backoffLimit: 4
    15    completionMode: NonIndexed
    16    completions: 1
    17    parallelism: 1
    18    selector:
    19      matchLabels: {}
    20    suspend: false
    21    template:
    22      metadata:
    23        annotations:
    24          openshift.io/scc: privileged
    25        labels:
    26          batch.kubernetes.io/job-name: restore-job-restore-s3-sec-context
    27          job-name: restore-job-restore-s3-sec-context
    28      spec:
    29        containers:
    30          - command:
    31              - recovery-cloud.sh
    32            env:
    33              - name: PXC_SERVICE
    34                value: sec-context-pxc
    35              - name: PXC_USER
    36                value: xtrabackup
    37              - name: PXC_PASS
    38                valueFrom:
    39                  secretKeyRef:
    40                    key: xtrabackup
    41                    name: my-cluster-secrets
    42              - name: VERIFY_TLS
    43                value: "true"
    44              - name: ENDPOINT
    45                value: http://minio-service.namespace:9000/
    46              - name: DEFAULT_REGION
    47                value: us-east-1
    48              - name: ACCESS_KEY_ID
    49                valueFrom:
    50                  secretKeyRef:
    51                    key: AWS_ACCESS_KEY_ID
    52                    name: minio-secret
    53              - name: SECRET_ACCESS_KEY
    54                valueFrom:
    55                  secretKeyRef:
    56                    key: AWS_SECRET_ACCESS_KEY
    57                    name: minio-secret
    58              - name: XB_USE_MEMORY
    59                value: 100MB
    60            imagePullPolicy: Always
    61            name: xtrabackup
    62            resources: {}
    63            securityContext:
    64              privileged: true
    65            terminationMessagePath: /dev/termination-log
    66            terminationMessagePolicy: File
    67            volumeMounts:
    68              - mountPath: /datadir
    69                name: datadir
    70              - mountPath: /etc/mysql/vault-keyring-secret
    71                name: vault-keyring-secret
    72        dnsPolicy: ClusterFirst
    73        restartPolicy: Never
    74        schedulerName: default-scheduler
    75        securityContext:
    76          fsGroup: 1001
    77          runAsUser: 1001
    78          supplementalGroups:
    79            - 1001
    80        serviceAccount: percona-xtradb-cluster-operator-workload
    81        serviceAccountName: percona-xtradb-cluster-operator-workload
    82        terminationGracePeriodSeconds: 30
    83        topologySpreadConstraints:
    84          - maxSkew: 1
    85            topologyKey: kubernetes.io/hostname
    86            whenUnsatisfiable: ScheduleAnyway
    87        volumes:
    88          - name: datadir
    89            persistentVolumeClaim:
    90              claimName: datadir-sec-context-pxc-0
    91          - name: vault-keyring-secret
    92            secret:
    93              defaultMode: 420
    94              optional: true
    95              secretName: sec-context-vault