# services/bstein-dev-home/vaultwarden-cred-sync-cronjob.yaml apiVersion: batch/v1 kind: CronJob metadata: name: vaultwarden-cred-sync namespace: bstein-dev-home spec: schedule: "*/15 * * * *" concurrencyPolicy: Forbid successfulJobsHistoryLimit: 1 failedJobsHistoryLimit: 3 jobTemplate: spec: backoffLimit: 0 template: spec: serviceAccountName: bstein-dev-home restartPolicy: Never nodeSelector: kubernetes.io/arch: arm64 node-role.kubernetes.io/worker: "true" imagePullSecrets: - name: harbor-bstein-robot containers: - name: sync image: registry.bstein.dev/bstein/bstein-dev-home-backend:0.1.1-83 # {"$imagepolicy": "bstein-dev-home:bstein-dev-home-backend"} imagePullPolicy: Always command: - python - /scripts/vaultwarden_cred_sync.py env: - name: PYTHONPATH value: /app - name: KEYCLOAK_ENABLED value: "true" - name: KEYCLOAK_REALM value: atlas - name: KEYCLOAK_ADMIN_URL value: http://keycloak.sso.svc.cluster.local - name: KEYCLOAK_ADMIN_REALM value: atlas - name: KEYCLOAK_ADMIN_CLIENT_ID value: bstein-dev-home-admin - name: KEYCLOAK_ADMIN_CLIENT_SECRET valueFrom: secretKeyRef: name: bstein-dev-home-keycloak-admin key: client_secret - name: HTTP_CHECK_TIMEOUT_SEC value: "20" volumeMounts: - name: vaultwarden-cred-sync-script mountPath: /scripts readOnly: true volumes: - name: vaultwarden-cred-sync-script configMap: name: vaultwarden-cred-sync-script defaultMode: 0555