github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml

github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml (about)

     1  apiVersion: batch/v1
     2  kind: Job
     3  metadata:
     4    generation: 1
     5    labels:
     6      job-name: restore-job-restore-s3-sec-context
     7    name: restore-job-restore-s3-sec-context
     8    ownerReferences:
     9      - controller: true
    10        kind: PerconaXtraDBClusterRestore
    11        name: restore-s3
    12  spec:
    13    backoffLimit: 4
    14    completionMode: NonIndexed
    15    completions: 1
    16    parallelism: 1
    17    selector:
    18      matchLabels: {}
    19    suspend: false
    20    template:
    21      metadata:
    22        annotations:
    23          openshift.io/scc: privileged
    24        labels:
    25          job-name: restore-job-restore-s3-sec-context
    26      spec:
    27        containers:
    28          - command:
    29              - recovery-cloud.sh
    30            env:
    31              - name: PXC_SERVICE
    32                value: sec-context-pxc
    33              - name: PXC_USER
    34                value: xtrabackup
    35              - name: PXC_PASS
    36                valueFrom:
    37                  secretKeyRef:
    38                    key: xtrabackup
    39                    name: my-cluster-secrets
    40              - name: VERIFY_TLS
    41                value: "true"
    42              - name: ENDPOINT
    43                value: http://minio-service.namespace:9000/
    44              - name: DEFAULT_REGION
    45                value: us-east-1
    46              - name: ACCESS_KEY_ID
    47                valueFrom:
    48                  secretKeyRef:
    49                    key: AWS_ACCESS_KEY_ID
    50                    name: minio-secret
    51              - name: SECRET_ACCESS_KEY
    52                valueFrom:
    53                  secretKeyRef:
    54                    key: AWS_SECRET_ACCESS_KEY
    55                    name: minio-secret
    56              - name: XB_USE_MEMORY
    57                value: 100MB
    58            imagePullPolicy: Always
    59            name: xtrabackup
    60            resources: {}
    61            securityContext:
    62              privileged: true
    63            terminationMessagePath: /dev/termination-log
    64            terminationMessagePolicy: File
    65            volumeMounts:
    66              - mountPath: /datadir
    67                name: datadir
    68              - mountPath: /etc/mysql/vault-keyring-secret
    69                name: vault-keyring-secret
    70        dnsPolicy: ClusterFirst
    71        restartPolicy: Never
    72        schedulerName: default-scheduler
    73        securityContext:
    74          fsGroup: 1001
    75          runAsUser: 1001
    76          supplementalGroups:
    77            - 1001
    78        serviceAccount: percona-xtradb-cluster-operator-workload
    79        serviceAccountName: percona-xtradb-cluster-operator-workload
    80        terminationGracePeriodSeconds: 30
    81        topologySpreadConstraints:
    82          - maxSkew: 1
    83            topologyKey: kubernetes.io/hostname
    84            whenUnsatisfiable: ScheduleAnyway
    85        volumes:
    86          - name: datadir
    87            persistentVolumeClaim:
    88              claimName: datadir-sec-context-pxc-0
    89          - name: vault-keyring-secret
    90            secret:
    91              defaultMode: 420
    92              optional: true
    93              secretName: sec-context-vault