summaryrefslogtreecommitdiffstats
path: root/examples/certificate-check-volume.yaml
diff options
context:
space:
mode:
authorOpenShift Bot <eparis+openshiftbot@redhat.com>2017-04-07 06:38:55 -0500
committerGitHub <noreply@github.com>2017-04-07 06:38:55 -0500
commit75e79b3f8756c05ac504143b2524d587a93f8dd7 (patch)
treeb44eab73cf5ff715fbc0ee510e22f1d44bd6f29f /examples/certificate-check-volume.yaml
parentec80b0c7d11a89b9c812e00c2c4db262c9dc9f72 (diff)
parent9dbc6d42ec99f902a9cef786009cee4953bbbde4 (diff)
downloadopenshift-75e79b3f8756c05ac504143b2524d587a93f8dd7.tar.gz
openshift-75e79b3f8756c05ac504143b2524d587a93f8dd7.tar.bz2
openshift-75e79b3f8756c05ac504143b2524d587a93f8dd7.tar.xz
openshift-75e79b3f8756c05ac504143b2524d587a93f8dd7.zip
Merge pull request #3822 from codificat/cronjob-example
Merged by openshift-bot
Diffstat (limited to 'examples/certificate-check-volume.yaml')
-rw-r--r--examples/certificate-check-volume.yaml54
1 files changed, 54 insertions, 0 deletions
diff --git a/examples/certificate-check-volume.yaml b/examples/certificate-check-volume.yaml
new file mode 100644
index 000000000..c19dc1f88
--- /dev/null
+++ b/examples/certificate-check-volume.yaml
@@ -0,0 +1,54 @@
+# An example Job to run a certificate check of OpenShift's internal
+# certificate status from within OpenShift.
+#
+# The generated reports are stored in a Persistent Volume using
+# the playbook 'html_and_json_timestamp.yaml'.
+#
+# This example uses the openshift/openshift-ansible container image.
+# (see README_CONTAINER_IMAGE.md in the top level dir for more details).
+#
+# The following objects are xpected to be configured before the creation
+# of this Job:
+# - A ConfigMap named 'inventory' with a key named 'hosts' that
+# contains the the Ansible inventory file
+# - A Secret named 'sshkey' with a key named 'ssh-privatekey
+# that contains the ssh key to connect to the hosts
+# - A PersistentVolumeClaim named 'certcheck-reports' where the
+# generated reports are going to be stored
+# (see examples/README.md for more details)
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: certificate-check
+spec:
+ containers:
+ - name: openshift-ansible
+ image: openshift/openshift-ansible
+ env:
+ - name: PLAYBOOK_FILE
+ value: playbooks/certificate_expiry/html_and_json_timestamp.yaml
+ - name: INVENTORY_FILE
+ value: /tmp/inventory/hosts # from configmap vol below
+ - name: ANSIBLE_PRIVATE_KEY_FILE # from secret vol below
+ value: /opt/app-root/src/.ssh/id_rsa/ssh-privatekey
+ - name: CERT_EXPIRY_WARN_DAYS
+ value: "45" # must be a string, don't forget the quotes
+ volumeMounts:
+ - name: sshkey
+ mountPath: /opt/app-root/src/.ssh/id_rsa
+ - name: inventory
+ mountPath: /tmp/inventory
+ - name: reports
+ mountPath: /var/lib/certcheck
+ volumes:
+ - name: sshkey
+ secret:
+ secretName: sshkey
+ - name: inventory
+ configMap:
+ name: inventory
+ - name: reports
+ persistentVolumeClaim:
+ claimName: certcheck-reports
+ restartPolicy: Never