package builder
import (
"fmt"
zitadelv1alpha1 "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/api/v1alpha1"
configuration "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/configuration"
"bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/masterkey"
batchv1 "k8s.io/api/batch/v1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
)
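// BuildInitJob assembles the batch Job that runs the ZITADEL image with the
// "init" argument for the given cluster.
//
// The Job is named key.Name in key.Namespace, retries up to 5 times, and is
// bounded by a 300 second active deadline. Its pod runs as non-root UID 1000
// with service links disabled, and mounts the cluster's configuration
// ConfigMap at /config. The cluster is set as the controlling owner of the Job
// using b.scheme.
//
// It returns a nil Job and an error wrapping the underlying cause when the
// controller reference cannot be set.
func (b *Builder) BuildInitJob(zitadel *zitadelv1alpha1.ZitadelCluster, key types.NamespacedName) (*batchv1.Job, error) {
	// The API types take pointers for these fields, so each value needs an
	// addressable local.
	backOffLimit := int32(5)
	activeDeadlineSeconds := int64(300)
	runAsNonRoot := true
	enableServiceLinks := false
	user := int64(1000)

	// NOTE(review): the ZITADEL configuration is sourced from a ConfigMap. If
	// that document carries database credentials, a Secret is the appropriate
	// object - confirm against the configuration package.
	configVolume := corev1.Volume{
		Name: "zitadel-config-yaml",
		VolumeSource: corev1.VolumeSource{
			ConfigMap: &corev1.ConfigMapVolumeSource{
				LocalObjectReference: corev1.LocalObjectReference{Name: configuration.ConfigurationName(zitadel)},
			},
		},
	}

	// NOTE(review): only the pod-level security context is set. The container
	// has no SecurityContext of its own, so allowPrivilegeEscalation,
	// capabilities and readOnlyRootFilesystem keep their runtime defaults.
	// Left unchanged here because a Job's pod template cannot be modified once
	// the Job exists - confirm how the reconciler treats existing Jobs before
	// tightening it.
	initContainer := corev1.Container{
		Name: "zitadel-init",
		// NOTE(review): the image is referenced by tag, which is mutable;
		// whether digests are supported depends on the ZitadelCluster spec.
		Image: zitadel.Spec.Image.Name + ":" + zitadel.Spec.Image.Tag,
		Args: []string{
			"init",
			"--config", "/config/zitadel-config-yaml",
		},
		VolumeMounts: []corev1.VolumeMount{
			{Name: "zitadel-config-yaml", MountPath: "/config"},
		},
	}

	initJob := &batchv1.Job{
		ObjectMeta: metav1.ObjectMeta{
			Name:      key.Name,
			Namespace: key.Namespace,
		},
		Spec: batchv1.JobSpec{
			BackoffLimit:          &backOffLimit,
			ActiveDeadlineSeconds: &activeDeadlineSeconds,
			Template: corev1.PodTemplateSpec{
				Spec: corev1.PodSpec{
					RestartPolicy: corev1.RestartPolicyOnFailure,
					SecurityContext: &corev1.PodSecurityContext{
						RunAsNonRoot: &runAsNonRoot,
						RunAsUser:    &user,
					},
					EnableServiceLinks: &enableServiceLinks,
					Volumes:            []corev1.Volume{configVolume},
					Containers:         []corev1.Container{initContainer},
				},
			},
		},
	}

	if err := controllerutil.SetControllerReference(zitadel, initJob, b.scheme); err != nil {
		// %w keeps the cause reachable through errors.Is / errors.As; the
		// rendered message is the same as before.
		return nil, fmt.Errorf("error setting controller reference to InitJob: %w", err)
	}
	return initJob, nil
}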
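// BuildSetupJob assembles the batch Job that runs the ZITADEL image with the
// "setup" argument for the given cluster.
//
// The Job is named key.Name in key.Namespace, retries up to 5 times, and is
// bounded by a 300 second active deadline. Its pod runs as non-root UID 1000
// with service links disabled, and mounts the cluster's configuration
// ConfigMap at /config. The master key is supplied through the
// ZITADEL_MASTERKEY environment variable, resolved from a Secret reference.
// The cluster is set as the controlling owner of the Job using b.scheme.
//
// It returns a nil Job and an error wrapping the underlying cause when the
// controller reference cannot be set.
func (b *Builder) BuildSetupJob(zitadel *zitadelv1alpha1.ZitadelCluster, key types.NamespacedName) (*batchv1.Job, error) {
	// The API types take pointers for these fields, so each value needs an
	// addressable local.
	backOffLimit := int32(5)
	activeDeadlineSeconds := int64(300)
	runAsNonRoot := true
	enableServiceLinks := false
	user := int64(1000)

	// NOTE(review): the ZITADEL configuration is sourced from a ConfigMap. If
	// that document carries database credentials, a Secret is the appropriate
	// object - confirm against the configuration package.
	configVolume := corev1.Volume{
		Name: "zitadel-config-yaml",
		VolumeSource: corev1.VolumeSource{
			ConfigMap: &corev1.ConfigMapVolumeSource{
				LocalObjectReference: corev1.LocalObjectReference{Name: configuration.ConfigurationName(zitadel)},
			},
		},
	}

	setupEnv := []corev1.EnvVar{
		{
			// The key is injected by Secret reference, so its value never
			// appears in the Job manifest; it is still present in the
			// container's process environment.
			Name: "ZITADEL_MASTERKEY",
			ValueFrom: &corev1.EnvVarSource{
				SecretKeyRef: &corev1.SecretKeySelector{
					LocalObjectReference: corev1.LocalObjectReference{Name: masterkey.MasterKeyName(zitadel)},
					Key:                  masterkey.Key,
				},
			},
		},
		{
			// NOTE(review): no volume in this pod spec is mounted at
			// /machinekey. If the setup steps write a machine key to this
			// path it lands on the container filesystem and is lost when the
			// pod terminates - confirm whether that is intended.
			Name:  "ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH",
			Value: "/machinekey/sa.json",
		},
	}

	// NOTE(review): only the pod-level security context is set. The container
	// has no SecurityContext of its own, so allowPrivilegeEscalation,
	// capabilities and readOnlyRootFilesystem keep their runtime defaults.
	// Left unchanged here because a Job's pod template cannot be modified once
	// the Job exists - confirm how the reconciler treats existing Jobs before
	// tightening it.
	setupContainer := corev1.Container{
		Name: "zitadel-setup",
		// NOTE(review): the image is referenced by tag, which is mutable;
		// whether digests are supported depends on the ZitadelCluster spec.
		Image: zitadel.Spec.Image.Name + ":" + zitadel.Spec.Image.Tag,
		// The same mounted file is passed as both the configuration and the
		// setup steps document.
		Args: []string{
			"setup",
			"--config", "/config/zitadel-config-yaml",
			"--steps", "/config/zitadel-config-yaml",
			"--masterkeyFromEnv",
			"--init-projections=true",
		},
		Env: setupEnv,
		VolumeMounts: []corev1.VolumeMount{
			{Name: "zitadel-config-yaml", MountPath: "/config"},
		},
	}

	setupJob := &batchv1.Job{
		ObjectMeta: metav1.ObjectMeta{
			Name:      key.Name,
			Namespace: key.Namespace,
		},
		Spec: batchv1.JobSpec{
			BackoffLimit:          &backOffLimit,
			ActiveDeadlineSeconds: &activeDeadlineSeconds,
			Template: corev1.PodTemplateSpec{
				Spec: corev1.PodSpec{
					RestartPolicy: corev1.RestartPolicyOnFailure,
					SecurityContext: &corev1.PodSecurityContext{
						RunAsNonRoot: &runAsNonRoot,
						RunAsUser:    &user,
					},
					EnableServiceLinks: &enableServiceLinks,
					Volumes:            []corev1.Volume{configVolume},
					Containers:         []corev1.Container{setupContainer},
				},
			},
		},
	}

	if err := controllerutil.SetControllerReference(zitadel, setupJob, b.scheme); err != nil {
		// %w keeps the cause reachable through errors.Is / errors.As; the
		// rendered message is the same as before.
		return nil, fmt.Errorf("error setting controller reference to SetupJob: %w", err)
	}
	return setupJob, nil
}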