-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
s3_pvc_appset.yaml
81 lines (74 loc) · 2.34 KB
/
s3_pvc_appset.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
---
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: matrix-s3-pvc-app-set
namespace: argocd
annotations:
argocd.argoproj.io/sync-wave: "1"
spec:
goTemplate: true
# generator allows us to source specific values from an external k8s secret
generators:
- plugin:
configMapRef:
name: secret-var-plugin-generator
input:
parameters:
secret_vars:
- matrix_s3_provider
- matrix_s3_backup_endpoint
- matrix_s3_backup_bucket
- matrix_s3_backup_region
- matrix_s3_pvc_capacity
- matrix_pvc_backup_schedule
template:
metadata:
name: matrix-s3-pvc
annotations:
argocd.argoproj.io/sync-wave: "1"
spec:
project: matrix
destination:
server: "https://kubernetes.default.svc"
namespace: matrix
syncPolicy:
syncOptions:
- ApplyOutOfSyncOnly=true
automated:
prune: true
selfHeal: true
source:
repoURL: https://github.com/small-hack/argocd-apps.git
path: s3_persistence_and_backups/
targetRevision: main
helm:
valuesObject:
provider: '{{ .matrix_s3_provider }}'
pvc_capacity: '{{ .matrix_s3_pvc_capacity }}'
# not in use yet
k8up:
backup_name: "matrix-nightly-backup"
# -- can be set to 's3' or 'local'
backup_type: "s3"
s3:
bucket: '{{ .matrix_s3_backup_bucket }}'
endpoint: '{{ .matrix_s3_backup_endpoint }}'
accessKeyIDSecretRef:
name: 's3-backups-credentials'
key: 'accessKeyId'
optional: false
secretAccessKeySecretRef:
name: 's3-backups-credentials'
key: 'secretAccessKey'
optional: false
repoPasswordSecretRef:
name: 's3-backups-credentials'
key: 'resticRepoPassword'
prometheus_url: 'push-gateway.prometheus.svc:9091'
podSecurityContext:
runAsUser: 0
schedules:
backup: "{{ .matrix_pvc_backup_schedule }}"
check: "0 0 * * *"
prune: "0 0 * * *"