65 lines
1.6 KiB
YAML
65 lines
1.6 KiB
YAML
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: server-cron
|
|
labels:
|
|
app.kubernetes.io/name: nextcloud
|
|
app.kubernetes.io/component: cron
|
|
spec:
|
|
schedule: "*/5 * * * *"
|
|
concurrencyPolicy: Forbid
|
|
successfulJobsHistoryLimit: 1
|
|
failedJobsHistoryLimit: 1
|
|
jobTemplate:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: nextcloud
|
|
app.kubernetes.io/component: cron
|
|
spec:
|
|
backoffLimit: 0 # no retry
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: nextcloud
|
|
app.kubernetes.io/component: cron
|
|
spec:
|
|
restartPolicy: Never
|
|
serviceAccountName: server-cron
|
|
containers:
|
|
- name: kubectl
|
|
image: bitnami/kubectl
|
|
imagePullPolicy: IfNotPresent
|
|
command: ["/bin/bash"]
|
|
args:
|
|
- -xc
|
|
- kubectl exec "$(kubectl get pods -l 'app.kubernetes.io/component=server' -o name)" -- /bin/bash -c '( if ! which sudo &>/dev/null; then apt update && apt install sudo; fi ) && sudo -u www-data php -f /var/www/html/cron.php'
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: server-cron
|
|
automountServiceAccountToken: true
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: Role
|
|
metadata:
|
|
name: pod-list-exec
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods", "pods/log"]
|
|
verbs: ["get", "list"]
|
|
- apiGroups: [""]
|
|
resources: ["pods/exec"]
|
|
verbs: ["create"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: server-cron
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: server-cron
|
|
roleRef:
|
|
kind: Role
|
|
name: pod-list-exec
|
|
apiGroup: rbac.authorization.k8s.io |