66 lines
2.3 KiB
HCL
66 lines
2.3 KiB
HCL
resource "kubectl_manifest" "Job_taiga-createinitialtemplates" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: "${var.instance}-${var.component}-post-config"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.postcfg_all_labels)}
|
|
ownerReferences: ${jsonencode(var.install_owner)}
|
|
spec:
|
|
backoffLimit: 4
|
|
parallelism: 1
|
|
template:
|
|
spec:
|
|
restartPolicy: Never
|
|
initContainers:
|
|
- name: wait-for-svc
|
|
image: "${var.images.back.registry}/${var.images.back.repository}:${var.images.back.tag}"
|
|
imagePullPolicy: ${var.images.back.pull_policy}
|
|
command: ["/bin/bash", "-c"]
|
|
args: ["set -o pipefail;for i in {1..200};do (echo > /dev/tcp/${module.service.name}/80) && exit 0; sleep 2;done; exit 1"]
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
runAsGroup: 0
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
containers:
|
|
- name: postconfig
|
|
image: "${var.images.back.registry}/${var.images.back.repository}:${var.images.back.tag}"
|
|
imagePullPolicy: ${var.images.back.pull_policy}
|
|
command: ["/scripts/postconfig.sh"]
|
|
env:
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: ${var.instance}-${var.component}-pg-app
|
|
key: password
|
|
envFrom:
|
|
- secretRef:
|
|
name: ${kubectl_manifest.secret.name}
|
|
- configMapRef:
|
|
name: ${kubectl_manifest.cm_env_back.name}
|
|
volumeMounts:
|
|
- name: scripts
|
|
mountPath: /scripts
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
runAsGroup: 0
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumes:
|
|
- name: scripts
|
|
configMap:
|
|
name: ${kubectl_manifest.cm_scripts.name}
|
|
defaultMode: 0755
|
|
EOF
|
|
}
|