github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k129.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k129.yml (about)

     1  apiVersion: batch/v1
     2  kind: Job
     3  metadata:
     4    generation: 1
     5    labels:
     6      batch.kubernetes.io/job-name: restore-job-restore-s3-sec-context
     7      job-name: restore-job-restore-s3-sec-context
     8    name: restore-job-restore-s3-sec-context
     9    ownerReferences:
    10      - controller: true
    11        kind: PerconaXtraDBClusterRestore
    12        name: restore-s3
    13  spec:
    14    backoffLimit: 4
    15    completionMode: NonIndexed
    16    completions: 1
    17    manualSelector: false
    18    parallelism: 1
    19    podReplacementPolicy: TerminatingOrFailed
    20    selector:
    21      matchLabels: {}
    22    suspend: false
    23    template:
    24      metadata:
    25        annotations:
    26          openshift.io/scc: privileged
    27        labels:
    28          batch.kubernetes.io/job-name: restore-job-restore-s3-sec-context
    29          job-name: restore-job-restore-s3-sec-context
    30      spec:
    31        containers:
    32          - command:
    33              - recovery-cloud.sh
    34            env:
    35              - name: PXC_SERVICE
    36                value: sec-context-pxc
    37              - name: PXC_USER
    38                value: xtrabackup
    39              - name: PXC_PASS
    40                valueFrom:
    41                  secretKeyRef:
    42                    key: xtrabackup
    43                    name: my-cluster-secrets
    44              - name: VERIFY_TLS
    45                value: "true"
    46              - name: ENDPOINT
    47                value: http://minio-service.namespace:9000/
    48              - name: DEFAULT_REGION
    49                value: us-east-1
    50              - name: ACCESS_KEY_ID
    51                valueFrom:
    52                  secretKeyRef:
    53                    key: AWS_ACCESS_KEY_ID
    54                    name: minio-secret
    55              - name: SECRET_ACCESS_KEY
    56                valueFrom:
    57                  secretKeyRef:
    58                    key: AWS_SECRET_ACCESS_KEY
    59                    name: minio-secret
    60              - name: XB_USE_MEMORY
    61                value: 100MB
    62            imagePullPolicy: Always
    63            name: xtrabackup
    64            resources: {}
    65            securityContext:
    66              privileged: true
    67            terminationMessagePath: /dev/termination-log
    68            terminationMessagePolicy: File
    69            volumeMounts:
    70              - mountPath: /datadir
    71                name: datadir
    72              - mountPath: /etc/mysql/vault-keyring-secret
    73                name: vault-keyring-secret
    74        dnsPolicy: ClusterFirst
    75        restartPolicy: Never
    76        schedulerName: default-scheduler
    77        securityContext:
    78          fsGroup: 1001
    79          runAsUser: 1001
    80          supplementalGroups:
    81            - 1001
    82        serviceAccount: percona-xtradb-cluster-operator-workload
    83        serviceAccountName: percona-xtradb-cluster-operator-workload
    84        terminationGracePeriodSeconds: 30
    85        topologySpreadConstraints:
    86          - maxSkew: 1
    87            topologyKey: kubernetes.io/hostname
    88            whenUnsatisfiable: ScheduleAnyway
    89        volumes:
    90          - name: datadir
    91            persistentVolumeClaim:
    92              claimName: datadir-sec-context-pxc-0
    93          - name: vault-keyring-secret
    94            secret:
    95              defaultMode: 420
    96              optional: true
    97              secretName: sec-context-vault