52 lines
1.4 KiB
YAML
52 lines
1.4 KiB
YAML
# services/comms/synapse-seeder-admin-ensure-job.yaml
|
|
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: synapse-seeder-admin-ensure-3
|
|
namespace: comms
|
|
spec:
|
|
backoffLimit: 2
|
|
template:
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
serviceAccountName: comms-vault
|
|
containers:
|
|
- name: psql
|
|
image: postgres:16-alpine
|
|
env:
|
|
- name: PGHOST
|
|
value: postgres-service.postgres.svc.cluster.local
|
|
- name: PGPORT
|
|
value: "5432"
|
|
- name: PGDATABASE
|
|
value: synapse
|
|
- name: PGUSER
|
|
value: synapse
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |
|
|
set -euo pipefail
|
|
. /vault/scripts/comms_vault_env.sh
|
|
psql -v ON_ERROR_STOP=1 <<'SQL'
|
|
UPDATE users SET admin = 1 WHERE name = '@othrys-seeder:live.bstein.dev';
|
|
SQL
|
|
volumeMounts:
|
|
- name: vault-secrets
|
|
mountPath: /vault/secrets
|
|
readOnly: true
|
|
- name: vault-scripts
|
|
mountPath: /vault/scripts
|
|
readOnly: true
|
|
volumes:
|
|
- name: vault-secrets
|
|
csi:
|
|
driver: secrets-store.csi.k8s.io
|
|
readOnly: true
|
|
volumeAttributes:
|
|
secretProviderClass: comms-vault
|
|
- name: vault-scripts
|
|
configMap:
|
|
name: comms-vault-env
|
|
defaultMode: 0555
|