pomerium: kube/04-gen-secrets-job.yaml annotate

annotate kube/04-gen-secrets-job.yaml @ 0:6bf643829330

start

author	drewp@bigasterisk.com
date	Sun, 11 Sep 2022 01:24:55 -0700
parents
children

rev	line source
0 6bf643829330 start drewp@bigasterisk.com parents: diff changeset	1 apiVersion: batch/v1
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	2 kind: Job
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	3 metadata:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	4 labels:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	5 app.kubernetes.io/name: pomerium
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	6 name: pomerium-gen-secrets
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	7 namespace: pomerium
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	8 spec:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	9 template:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	10 metadata:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	11 labels:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	12 app.kubernetes.io/name: pomerium
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	13 name: pomerium-gen-secrets
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	14 spec:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	15 containers:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	16 - args:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	17 - gen-secrets
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	18 - --secrets=$(POD_NAMESPACE)/bootstrap
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	19 env:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	20 - name: POD_NAMESPACE
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	21 valueFrom:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	22 fieldRef:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	23 fieldPath: metadata.namespace
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	24 image: pomerium/ingress-controller:main
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	25 imagePullPolicy: IfNotPresent
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	26 name: gen-secrets
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	27 securityContext:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	28 allowPrivilegeEscalation: false
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	29 nodeSelector:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	30 kubernetes.io/os: linux
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	31 restartPolicy: OnFailure
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	32 securityContext:
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	33 fsGroup: 1000
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	34 runAsNonRoot: true
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	35 runAsUser: 1000
6bf643829330 start drewp@bigasterisk.com parents: diff changeset	36 serviceAccountName: pomerium-gen-secrets

Mercurial > code > home > repos > pomerium

annotate kube/04-gen-secrets-job.yaml @ 0:6bf643829330