mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-05-05 08:31:44 +08:00
858ab494c3
For now, just re-use the fedimg credentials. Note that currently the AWS support is not enabled so nothing makes use of these credentials just yet.
81 lines
2.7 KiB
YAML
81 lines
2.7 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: cloud-image-uploader
|
|
annotations:
|
|
image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"cloud-image-uploader:latest"},"fieldPath":"spec.template.spec.containers[?(@.name==\"cloud-image-uploader\")].image"}]'
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: cloud-image-uploader
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: cloud-image-uploader
|
|
spec:
|
|
volumes:
|
|
- name: config-volume
|
|
configMap:
|
|
name: cloud-image-uploader-configmap
|
|
- name: fedora-messaging-ca-volume
|
|
secret:
|
|
secretName: cloud-image-uploader-fedora-messaging-ca
|
|
- name: fedora-messaging-key-volume
|
|
secret:
|
|
secretName: cloud-image-uploader-fedora-messaging-key
|
|
- name: fedora-messaging-cert-volume
|
|
secret:
|
|
secretName: cloud-image-uploader-fedora-messaging-crt
|
|
containers:
|
|
- name: cloud-image-uploader
|
|
image: image-registry.openshift-image-registry.svc:5000/cloud-image-uploader/cloud-image-uploader:latest
|
|
imagePullPolicy: Always
|
|
workingDir: /srv/cloud-uploader/
|
|
env:
|
|
- name: AZURE_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: azure-credentials
|
|
key: secret
|
|
- name: AZURE_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: azure-credentials
|
|
key: client_id
|
|
- name: AZURE_TENANT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: azure-credentials
|
|
key: tenant_id
|
|
- name: AZURE_SUBSCRIPTION_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: azure-credentials
|
|
key: subscription_id
|
|
- name: AWS_ACCESS_KEY_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: aws-credentials
|
|
key: access_key_id
|
|
- name: AWS_SECRET_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: aws-credentials
|
|
key: secret_access_key
|
|
volumeMounts:
|
|
- name: config-volume
|
|
mountPath: /etc/fedora-messaging
|
|
readOnly: true
|
|
- name: fedora-messaging-ca-volume
|
|
mountPath: /etc/pki/rabbitmq/ca
|
|
readOnly: true
|
|
- name: fedora-messaging-key-volume
|
|
mountPath: /etc/pki/rabbitmq/key
|
|
readOnly: true
|
|
- name: fedora-messaging-cert-volume
|
|
mountPath: /etc/pki/rabbitmq/cert
|
|
readOnly: true
|