From 5f227939bc5794fec67e62fe3776d0e0d1db8e71 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sat, 21 Mar 2026 17:39:03 +1100 Subject: [PATCH] feat: add CronJob to generate Puppet types for all environments (#67) - add kubernetes CronJob that runs every 5 minutes to automaticall generate Puppet types for all environments in the code directory. Reviewed-on: https://git.unkin.net/unkin/argocd-apps/pulls/67 --- apps/base/puppet/cronjob_generate-types.yaml | 86 ++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 apps/base/puppet/cronjob_generate-types.yaml diff --git a/apps/base/puppet/cronjob_generate-types.yaml b/apps/base/puppet/cronjob_generate-types.yaml new file mode 100644 index 0000000..502099b --- /dev/null +++ b/apps/base/puppet/cronjob_generate-types.yaml @@ -0,0 +1,86 @@ +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + labels: + app.kubernetes.io/component: generate-types + app.kubernetes.io/instance: puppetserver + app.kubernetes.io/name: puppetserver + app.kubernetes.io/version: 8.8.0 + name: generate-types + namespace: puppet +spec: + schedule: "*/5 * * * *" + concurrencyPolicy: Forbid + successfulJobsHistoryLimit: 3 + failedJobsHistoryLimit: 3 + jobTemplate: + spec: + template: + metadata: + labels: + app.kubernetes.io/component: generate-types + app.kubernetes.io/instance: puppetserver + app.kubernetes.io/name: puppetserver + app.kubernetes.io/version: 8.8.0 + spec: + hostname: generate-types + imagePullSecrets: null + containers: + - name: generate-types + image: ghcr.io/openvoxproject/openvoxserver:8.8.0-main + imagePullPolicy: IfNotPresent + command: + - sh + - -c + args: + - | + find /etc/puppetlabs/code/environments -mindepth 1 -maxdepth 1 -type d | while read -r envdir; do + env="$(basename "$envdir")" + echo "Generating types for $env" + puppet generate types --environment "$env" + done + env: + - name: PUPPETSERVER_JAVA_ARGS + value: -Xms1024m -Xmx3072m -Dcom.sun.management.jmxremote.port=31000 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false + resources: + limits: + cpu: 300m + memory: 256Mi + requests: + cpu: 200m + memory: 128Mi + securityContext: + runAsUser: 0 + runAsNonRoot: false + capabilities: + add: + - CAP_CHOWN + - CAP_SETUID + - CAP_SETGID + - CAP_DAC_OVERRIDE + - CAP_AUDIT_WRITE + - CAP_FOWNER + - CHOWN + - SETUID + - SETGID + - DAC_OVERRIDE + - AUDIT_WRITE + - FOWNER + drop: + - all + volumeMounts: + - mountPath: /etc/puppetlabs/code/ + name: puppet-code-volume + - mountPath: /etc/puppetlabs/puppet/ + name: puppet-puppet-volume + restartPolicy: OnFailure + securityContext: + fsGroup: 999 + volumes: + - name: puppet-code-volume + persistentVolumeClaim: + claimName: puppetserver-code-shared + - name: puppet-puppet-volume + persistentVolumeClaim: + claimName: puppetserver-compiler-config-shared