Skip to content

Commit

Permalink
templates/openshift: make the maintenance template generic
Browse files Browse the repository at this point in the history
We could deploy this job for both composer and each tenant's workers
that's present in app-intf. Then we can remove the maintenance bits from
the composer template.
  • Loading branch information
croissanne committed Apr 29, 2024
1 parent 5a776c5 commit a87e306
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 8 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -286,10 +286,10 @@ jobs:
-p IMAGE_TAG=image_tag \
--local \
-o yaml > processed-templates/composer.yml
oc process -f templates/openshift/maintenance-crc-workers.yml \
oc process -f templates/openshift/maintenance.yml \
-p IMAGE_TAG=image_tag \
--local \
-o yaml > processed-templates/maintenance-crc-workers.yml
-o yaml > processed-templates/maintenance.yml
- uses: stackrox/[email protected]
with:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,23 +1,23 @@
apiVersion: v1
kind: Template
metadata:
name: composer
name: image-builder-maintenance
annotations:
openshift.io/display-name: Image Builder CRC worker services
openshift.io/display-name: Image Builder maintenance
description: |
Services related to maintaining the CRC workers.
Cronjob related to maintaining both composer and the workers.
tags: golang
iconClass: icon-shadowman
template.openshift.io/provider-display-name: Red Hat, Inc.
labels:
template: composer-worker-maintenance
template: image-builder-maintenance
objects:
- apiVersion: batch/v1
kind: CronJob
metadata:
labels:
service: image-builder
name: crc-worker-maintenance
name: image-builder-maintenance
spec:
# run maintenance job at midnight
schedule: 0 0 * * *
Expand All @@ -32,7 +32,7 @@ objects:
restartPolicy: Never
containers:
- image: "${IMAGE_NAME}:${IMAGE_TAG}"
name: crc-worker-maintenance
name: image-builder-maintenance
resources:
requests:
cpu: "${CPU_REQUEST}"
Expand All @@ -41,72 +41,118 @@ objects:
cpu: "${CPU_LIMIT}"
memory: "${MEMORY_LIMIT}"
env:
- name: PGHOST
valueFrom:
secretKeyRef:
name: composer-db
key: db.host
optional: true
- name: PGPORT
valueFrom:
secretKeyRef:
name: composer-db
key: db.port
optional: true
- name: PGDATABASE
valueFrom:
secretKeyRef:
name: composer-db
key: db.name
optional: true
- name: PGUSER
valueFrom:
secretKeyRef:
name: composer-db
key: db.user
optional: true
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: composer-db
key: db.password
optional: true
- name: PGSSLMODE
value: "${PGSSLMODE}"
- name: GCP_AUTH_PROVIDER_X509_CERT_URL
valueFrom:
secretKeyRef:
name: gcp-service-account
key: auth_provider_x509_cert_url
optional: true
- name: GCP_AUTH_URI
valueFrom:
secretKeyRef:
name: gcp-service-account
key: auth_uri
optional: true
- name: GCP_CLIENT_EMAIL
valueFrom:
secretKeyRef:
name: gcp-service-account
key: client_email
optional: true
- name: GCP_CLIENT_ID
valueFrom:
secretKeyRef:
name: gcp-service-account
key: client_id
optional: true
- name: GCP_CLIENT_X509_CERT_URL
valueFrom:
secretKeyRef:
name: gcp-service-account
key: client_x509_cert_url
optional: true
- name: GCP_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: gcp-service-account
key: private_key
optional: true
- name: GCP_PRIVATE_KEY_ID
valueFrom:
secretKeyRef:
name: gcp-service-account
key: private_key_id
optional: true
- name: GCP_PROJECT_ID
valueFrom:
secretKeyRef:
name: gcp-service-account
key: project_id
optional: true
- name: GCP_TOKEN_URI
valueFrom:
secretKeyRef:
name: gcp-service-account
key: token_uri
optional: true
- name: GCP_TYPE
valueFrom:
secretKeyRef:
name: gcp-service-account
key: type
optional: true
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: aws-account
key: access_key_id
optional: true
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: aws-account
key: secret_access_key
optional: true
- name: DRY_RUN
value: "${MAINTENANCE_DRY_RUN}"
- name: ENABLE_AWS_MAINTENANCE
value: "${ENABLE_AWS_MAINTENANCE}"
- name: ENABLE_GCP_MAINTENANCE
value: "${ENABLE_GCP_MAINTENANCE}"
- name: ENABLE_DB_MAINTENANCE
value: "${ENABLE_DB_MAINTENANCE}"
- name: MAX_CONCURRENT_REQUESTS
value: "${MAINTENANCE_MAX_CONCURRENT_REQUESTS}"

Expand Down Expand Up @@ -145,6 +191,11 @@ parameters:
# don't change this value, overwrite it in app-interface for a specific namespace
value: "false"
required: true
- description: Enable DB maintenance
name: ENABLE_DB_MAINTENANCE
# don't change this value, overwrite it in app-interface for a specific namespace
value: "false"
required: true
- description: composer-maintenance max concurrent requests
name: MAINTENANCE_MAX_CONCURRENT_REQUESTS
value: "10"
Expand Down

0 comments on commit a87e306

Please sign in to comment.