Files
@ b0761c1022d9
Branch filter:
Location: pomerium/04-gen-secrets-job.yaml - annotation
b0761c1022d9
912 B
text/x-yaml
ignore
723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 723ad82340d1 | apiVersion: batch/v1
kind: Job
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
namespace: pomerium
spec:
template:
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
spec:
containers:
- args:
- gen-secrets
- --secrets=$(POD_NAMESPACE)/bootstrap
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: pomerium/ingress-controller:sha-efe2d11
imagePullPolicy: IfNotPresent
name: gen-secrets
securityContext:
allowPrivilegeEscalation: false
nodeSelector:
kubernetes.io/os: linux
restartPolicy: OnFailure
securityContext:
fsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
serviceAccountName: pomerium-gen-secrets
|