mirror of
https://github.com/openshift/openshift-ansible.git
synced 2026-02-05 06:46:04 +01:00
54 lines
1.8 KiB
YAML
54 lines
1.8 KiB
YAML
# An example Job to run a certificate check of OpenShift's internal
|
|
# certificate status from within OpenShift.
|
|
#
|
|
# The generated reports are uploaded to a location in the master
|
|
# hosts, using the playbook 'easy-mode-upload.yaml'.
|
|
#
|
|
# This example uses the openshift/origin-ansible container image.
|
|
# (see README_CONTAINER_IMAGE.md in the top level dir for more details).
|
|
#
|
|
# The following objects are expected to be configured before the creation
|
|
# of this Job:
|
|
# - A ConfigMap named 'inventory' with a key named 'hosts' that
|
|
# contains the the Ansible inventory file
|
|
# - A Secret named 'sshkey' with a key named 'ssh-privatekey
|
|
# that contains the ssh key to connect to the hosts
|
|
# (see examples/README.md for more details)
|
|
---
|
|
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: certificate-check
|
|
spec:
|
|
parallelism: 1
|
|
completions: 1
|
|
template:
|
|
metadata:
|
|
name: certificate-check
|
|
spec:
|
|
containers:
|
|
- name: openshift-ansible
|
|
image: docker.io/openshift/origin-ansible
|
|
env:
|
|
- name: PLAYBOOK_FILE
|
|
value: playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml
|
|
- name: INVENTORY_FILE
|
|
value: /tmp/inventory/hosts # from configmap vol below
|
|
- name: ANSIBLE_PRIVATE_KEY_FILE # from secret vol below
|
|
value: /opt/app-root/src/.ssh/id_rsa/ssh-privatekey
|
|
- name: CERT_EXPIRY_WARN_DAYS
|
|
value: "45" # must be a string, don't forget the quotes
|
|
volumeMounts:
|
|
- name: sshkey
|
|
mountPath: /opt/app-root/src/.ssh/id_rsa
|
|
- name: inventory
|
|
mountPath: /tmp/inventory
|
|
volumes:
|
|
- name: sshkey
|
|
secret:
|
|
secretName: sshkey
|
|
- name: inventory
|
|
configMap:
|
|
name: inventory
|
|
restartPolicy: Never
|