From 28278d6c67a12c596146568a979b7a25b732454f Mon Sep 17 00:00:00 2001 From: Brad Stein Date: Fri, 6 Feb 2026 18:38:29 -0300 Subject: [PATCH] maintenance: pivot soteria to longhorn --- services/maintenance/secretproviderclass.yaml | 18 ------------------ services/maintenance/soteria-configmap.yaml | 5 ----- services/maintenance/soteria-deployment.yaml | 9 --------- services/maintenance/soteria-rbac.yaml | 6 ------ 4 files changed, 38 deletions(-) diff --git a/services/maintenance/secretproviderclass.yaml b/services/maintenance/secretproviderclass.yaml index cb61e46..85df2af 100644 --- a/services/maintenance/secretproviderclass.yaml +++ b/services/maintenance/secretproviderclass.yaml @@ -13,27 +13,9 @@ spec: - objectName: "harbor-pull__dockerconfigjson" secretPath: "kv/data/atlas/shared/harbor-pull" secretKey: "dockerconfigjson" - - objectName: "soteria_restic__AWS_ACCESS_KEY_ID" - secretPath: "kv/data/atlas/maintenance/soteria-restic" - secretKey: "AWS_ACCESS_KEY_ID" - - objectName: "soteria_restic__AWS_SECRET_ACCESS_KEY" - secretPath: "kv/data/atlas/maintenance/soteria-restic" - secretKey: "AWS_SECRET_ACCESS_KEY" - - objectName: "soteria_restic__RESTIC_PASSWORD" - secretPath: "kv/data/atlas/maintenance/soteria-restic" - secretKey: "RESTIC_PASSWORD" secretObjects: - secretName: harbor-regcred type: kubernetes.io/dockerconfigjson data: - objectName: harbor-pull__dockerconfigjson key: .dockerconfigjson - - secretName: soteria-restic - type: Opaque - data: - - objectName: soteria_restic__AWS_ACCESS_KEY_ID - key: AWS_ACCESS_KEY_ID - - objectName: soteria_restic__AWS_SECRET_ACCESS_KEY - key: AWS_SECRET_ACCESS_KEY - - objectName: soteria_restic__RESTIC_PASSWORD - key: RESTIC_PASSWORD diff --git a/services/maintenance/soteria-configmap.yaml b/services/maintenance/soteria-configmap.yaml index cb3d630..a409a58 100644 --- a/services/maintenance/soteria-configmap.yaml +++ b/services/maintenance/soteria-configmap.yaml @@ -8,8 +8,3 @@ data: SOTERIA_BACKUP_DRIVER: "longhorn" SOTERIA_LONGHORN_URL: "http://longhorn-backend.longhorn-system.svc:9500" SOTERIA_LONGHORN_BACKUP_MODE: "incremental" - SOTERIA_RESTIC_REPOSITORY: "s3:s3.us-west-004.backblazeb2.com/atlas-soteria" - SOTERIA_S3_ENDPOINT: "s3.us-west-004.backblazeb2.com" - SOTERIA_S3_REGION: "us-west-004" - SOTERIA_RESTIC_BACKUP_ARGS: "" - SOTERIA_RESTIC_FORGET_ARGS: "" diff --git a/services/maintenance/soteria-deployment.yaml b/services/maintenance/soteria-deployment.yaml index a456748..359edfd 100644 --- a/services/maintenance/soteria-deployment.yaml +++ b/services/maintenance/soteria-deployment.yaml @@ -44,15 +44,6 @@ spec: envFrom: - configMapRef: name: soteria - env: - - name: SOTERIA_SECRET_NAMESPACE - value: "maintenance" - - name: SOTERIA_RESTIC_SECRET_NAME - value: "soteria-restic" - - name: SOTERIA_JOB_TTL_SECONDS - value: "86400" - - name: SOTERIA_JOB_NODE_SELECTOR - value: "kubernetes.io/arch=arm64,node-role.kubernetes.io/worker=true" livenessProbe: httpGet: path: /healthz diff --git a/services/maintenance/soteria-rbac.yaml b/services/maintenance/soteria-rbac.yaml index 3896c96..c5ef8ee 100644 --- a/services/maintenance/soteria-rbac.yaml +++ b/services/maintenance/soteria-rbac.yaml @@ -4,15 +4,9 @@ kind: ClusterRole metadata: name: soteria rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "create", "update", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims", "persistentvolumes"] verbs: ["get", "list"] - - apiGroups: ["batch"] - resources: ["jobs"] - verbs: ["get", "list", "create"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding