2d16c35a3c
The RWO puppetserver-shared-config PVC caused multi-attach errors when the cronjob pod was scheduled on a different node than the previous run, stalling the init container indefinitely. Since the config only needs to exist for the duration of the job, remove the init container and PVC entirely and clone the r10k config directly into /shared within the main container before running g10k.
70 lines
2.1 KiB
YAML
70 lines
2.1 KiB
YAML
---
|
|
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: r10k-code
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: g10k-code
|
|
namespace: puppet
|
|
spec:
|
|
schedule: "*/1 * * * *"
|
|
concurrencyPolicy: Forbid
|
|
successfulJobsHistoryLimit: 3
|
|
failedJobsHistoryLimit: 3
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: g10k-code
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
spec:
|
|
hostname: g10k-code
|
|
imagePullSecrets: null
|
|
containers:
|
|
- name: g10k-code
|
|
image: git.unkin.net/unkin/almalinux9-g10k:20260308
|
|
imagePullPolicy: IfNotPresent
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 200m
|
|
memory: 256Mi
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
args:
|
|
- |
|
|
set -e
|
|
echo "Cloning r10k config repository..."
|
|
git clone https://git.unkin.net/unkin/puppet-r10k.git /shared
|
|
echo "Running g10k..."
|
|
/usr/bin/g10k -config /shared/r10k.yaml
|
|
envFrom: null
|
|
env: []
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- all
|
|
runAsGroup: 999
|
|
runAsNonRoot: true
|
|
runAsUser: 999
|
|
volumeMounts:
|
|
- mountPath: /etc/puppetlabs/code/
|
|
name: puppet-code-volume
|
|
restartPolicy: OnFailure
|
|
securityContext:
|
|
fsGroup: 999
|
|
volumes:
|
|
- name: puppet-code-volume
|
|
persistentVolumeClaim:
|
|
claimName: puppetserver-code-shared
|