diff --git a/helm-toolkit/templates/manifests/_job-bootstrap.tpl b/helm-toolkit/templates/manifests/_job-bootstrap.tpl index 01552de3b..5ae5e5745 100644 --- a/helm-toolkit/templates/manifests/_job-bootstrap.tpl +++ b/helm-toolkit/templates/manifests/_job-bootstrap.tpl @@ -31,7 +31,9 @@ limitations under the License. {{- $logConfigFile := index . "logConfigFile" | default (printf "/etc/%s/logging.conf" $serviceName ) -}} {{- $keystoneUser := index . "keystoneUser" | default $serviceName -}} {{- $openrc := index . "openrc" | default "true" -}} - +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "bootstrap" }} @@ -42,6 +44,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceNamePretty "bootstrap" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -65,6 +71,8 @@ spec: {{- end }} {{- end }} command: + - /bin/bash + - -c - /tmp/bootstrap.sh volumeMounts: - name: pod-tmp @@ -90,9 +98,15 @@ spec: - name: pod-tmp emptyDir: {} - name: bootstrap-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} - name: etc-service emptyDir: {} - name: bootstrap-conf diff --git a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl index d5b1f6a3d..042dddd9a 100644 --- a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl +++ b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl @@ -32,7 +32,9 @@ limitations under the License. {{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}} {{- $dbToDrop := index . "dbToDrop" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}} {{- $dbsToDrop := default (list $dbToDrop) (index . "dbsToDrop") }} - +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-drop" }} @@ -46,6 +48,10 @@ metadata: "helm.sh/hook": pre-delete "helm.sh/hook-delete-policy": hook-succeeded spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -111,9 +117,15 @@ spec: - name: pod-tmp emptyDir: {} - name: db-drop-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} {{- $local := dict "configMapBinFirst" true -}} {{- range $key1, $dbToDrop := $dbsToDrop }} {{- $dbToDropType := default "oslo" $dbToDrop.inputType }} diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl index e01445ca7..e7430b832 100644 --- a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl +++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl @@ -32,7 +32,9 @@ limitations under the License. {{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}} {{- $dbToInit := index . "dbToInit" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}} {{- $dbsToInit := default (list $dbToInit) (index . "dbsToInit") }} - +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-init" }} @@ -43,6 +45,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceNamePretty "db-init" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -108,9 +114,15 @@ spec: - name: pod-tmp emptyDir: {} - name: db-init-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} {{- $local := dict "configMapBinFirst" true -}} {{- range $key1, $dbToInit := $dbsToInit }} {{- $dbToInitType := default "oslo" $dbToInit.inputType }} diff --git a/helm-toolkit/templates/manifests/_job-db-sync.tpl b/helm-toolkit/templates/manifests/_job-db-sync.tpl index 6e74932ce..4053e1207 100644 --- a/helm-toolkit/templates/manifests/_job-db-sync.tpl +++ b/helm-toolkit/templates/manifests/_job-db-sync.tpl @@ -29,7 +29,9 @@ limitations under the License. {{- $podVols := index . "podVols" | default false -}} {{- $podEnvVars := index . "podEnvVars" | default false -}} {{- $dbToSync := index . "dbToSync" | default ( dict "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "image" ( index $envAll.Values.images.tags ( printf "%s_db_sync" $serviceName )) ) -}} - +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-sync" }} @@ -40,6 +42,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceNamePretty "db-sync" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -61,6 +67,8 @@ spec: {{ $podEnvVars | toYaml | indent 12 }} {{- end }} command: + - /bin/bash + - -c - /tmp/db-sync.sh volumeMounts: - name: pod-tmp @@ -86,9 +94,15 @@ spec: - name: pod-tmp emptyDir: {} - name: db-sync-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} - name: etc-service emptyDir: {} - name: db-sync-conf diff --git a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl index 70871220d..424256398 100644 --- a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl +++ b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl @@ -25,6 +25,9 @@ limitations under the License. {{- $serviceTypes := index . "serviceTypes" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-endpoints" }} @@ -35,6 +38,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceNamePretty "ks-endpoints" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -54,6 +61,8 @@ spec: imagePullPolicy: {{ $envAll.Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: + - /bin/bash + - -c - /tmp/ks-endpoints.sh volumeMounts: - name: pod-tmp @@ -80,7 +89,13 @@ spec: - name: pod-tmp emptyDir: {} - name: ks-endpoints-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 {{- end }} +{{- end }} diff --git a/helm-toolkit/templates/manifests/_job-ks-service.tpl b/helm-toolkit/templates/manifests/_job-ks-service.tpl index 7d81411a5..ac541093d 100644 --- a/helm-toolkit/templates/manifests/_job-ks-service.tpl +++ b/helm-toolkit/templates/manifests/_job-ks-service.tpl @@ -25,6 +25,9 @@ limitations under the License. {{- $serviceTypes := index . "serviceTypes" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-service" }} @@ -35,6 +38,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceNamePretty "ks-service" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -53,6 +60,8 @@ spec: imagePullPolicy: {{ $envAll.Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: + - /bin/bash + - -c - /tmp/ks-service.sh volumeMounts: - name: pod-tmp @@ -74,7 +83,13 @@ spec: - name: pod-tmp emptyDir: {} - name: ks-service-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 {{- end }} +{{- end }} diff --git a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl index 2aa659b5b..1f8aaffdf 100644 --- a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl @@ -25,6 +25,9 @@ limitations under the License. {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $serviceUser := index . "serviceUser" | default $serviceName -}} +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceUserPretty := $serviceUser | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "ks-user" }} @@ -35,6 +38,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceUserPretty "ks-user" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -52,6 +59,8 @@ spec: imagePullPolicy: {{ $envAll.Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: + - /bin/bash + - -c - /tmp/ks-user.sh volumeMounts: - name: pod-tmp @@ -80,7 +89,13 @@ spec: - name: pod-tmp emptyDir: {} - name: ks-user-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} {{- end -}} diff --git a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl index 967bb4bda..3356a73e8 100644 --- a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl @@ -20,6 +20,9 @@ limitations under the License. {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $serviceUser := index . "serviceUser" | default $serviceName -}} +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceUserPretty := $serviceUser | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "rabbit-init" }} @@ -30,6 +33,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceUserPretty "rabbit-init" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -47,6 +54,8 @@ spec: imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.rabbit_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: + - /bin/bash + - -c - /tmp/rabbit-init.sh volumeMounts: - name: pod-tmp @@ -74,8 +83,13 @@ spec: - name: pod-tmp emptyDir: {} - name: rabbit-init-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 - +{{- end }} {{- end -}} diff --git a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl index 201e5a5a2..56dcfbaa0 100644 --- a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl @@ -25,6 +25,9 @@ limitations under the License. {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}} +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $s3UserSecret := index $envAll.Values.secrets.rgw $serviceName -}} {{- $s3Bucket := index . "s3Bucket" | default $serviceName }} @@ -39,6 +42,10 @@ metadata: annotations: {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -56,6 +63,8 @@ spec: imagePullPolicy: {{ $envAll.Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.s3_bucket | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: + - /bin/bash + - -c - /tmp/create-s3-bucket.sh env: {{- with $env := dict "s3AdminSecret" $envAll.Values.secrets.rgw.admin }} @@ -93,9 +102,15 @@ spec: - name: pod-tmp emptyDir: {} - name: s3-bucket-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} - name: etcceph emptyDir: {} - name: ceph-etc diff --git a/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl index 322cd402c..2bd19291f 100644 --- a/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl @@ -25,6 +25,9 @@ limitations under the License. {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}} +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $s3UserSecret := index $envAll.Values.secrets.rgw $serviceName -}} @@ -38,6 +41,10 @@ metadata: annotations: {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -75,6 +82,8 @@ spec: imagePullPolicy: {{ $envAll.Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.jobs.s3_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: + - /bin/bash + - -c - /tmp/create-s3-user.sh env: {{- with $env := dict "s3AdminSecret" $envAll.Values.secrets.rgw.admin }} @@ -108,9 +117,15 @@ spec: - name: pod-tmp emptyDir: {} - name: create-s3-user-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} - name: ceph-keyring-sh configMap: name: {{ $configMapBin | quote }} diff --git a/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl b/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl index 6a0519f1b..7101ab7f3 100644 --- a/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl +++ b/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl @@ -26,7 +26,9 @@ limitations under the License. {{- $podVolMounts := index . "podVolMounts" | default false -}} {{- $podVols := index . "podVols" | default false -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} - +{{- $secretBin := index . "secretBin" -}} +{{- $backoffLimit := index . "backoffLimit" | default "6" -}} +{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "image-repo-sync" }} @@ -37,6 +39,10 @@ kind: Job metadata: name: {{ printf "%s-%s" $serviceNamePretty "image-repo-sync" | quote }} spec: + backoffLimit: {{ $backoffLimit }} +{{- if $activeDeadlineSeconds }} + activeDeadlineSeconds: {{ $activeDeadlineSeconds }} +{{- end }} template: metadata: labels: @@ -58,6 +64,8 @@ spec: - name: IMAGE_SYNC_LIST value: "{{ include "helm-toolkit.utils.image_sync_list" $envAll }}" command: + - /bin/bash + - -c - /tmp/image-repo-sync.sh volumeMounts: - name: pod-tmp @@ -75,9 +83,15 @@ spec: - name: pod-tmp emptyDir: {} - name: bootstrap-sh +{{- if $secretBin }} + secret: + secretName: {{ $secretBin | quote }} + defaultMode: 0555 +{{- else }} configMap: name: {{ $configMapBin | quote }} defaultMode: 0555 +{{- end }} - name: docker-socket hostPath: path: /var/run/docker.sock