Files
@ b605b92e89b8
Branch filter:
Location: pomerium/kube/04-gen-secrets-job.yaml - annotation
b605b92e89b8
905 B
text/x-yaml
change provider to oidc to try to stop failed user directory syncs
6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 | apiVersion: batch/v1
kind: Job
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
namespace: pomerium
spec:
template:
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
spec:
containers:
- args:
- gen-secrets
- --secrets=$(POD_NAMESPACE)/bootstrap
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: pomerium/ingress-controller:main
imagePullPolicy: IfNotPresent
name: gen-secrets
securityContext:
allowPrivilegeEscalation: false
nodeSelector:
kubernetes.io/os: linux
restartPolicy: OnFailure
securityContext:
fsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
serviceAccountName: pomerium-gen-secrets
|