apiVersion: batch/v1beta1 kind: CronJob metadata: name: cloud-backup labels: app.kubernetes.part-of: cloud spec: schedule: "10 23 * * *" successfulJobsHistoryLimit: 1 failedJobsHistoryLimit: 1 jobTemplate: spec: template: spec: containers: - name: backup-app image: domaindrivenarchitecture/c4k-cloud-backup imagePullPolicy: IfNotPresent command: ["/entrypoint.sh"] env: - name: POSTGRES_USER valueFrom: secretKeyRef: name: postgres-secret key: postgres-user - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: postgres-secret key: postgres-password - name: POSTGRES_DB valueFrom: configMapKeyRef: name: postgres-config key: postgres-db - name: POSTGRES_HOST value: "postgresql-service:5432" - name: POSTGRES_SERVICE value: "postgresql-service" - name: POSTGRES_PORT value: "5432" - name: AWS_DEFAULT_REGION value: eu-central-1 - name: AWS_ACCESS_KEY_ID_FILE value: /var/run/secrets/backup-secrets/aws-access-key-id - name: AWS_SECRET_ACCESS_KEY_FILE value: /var/run/secrets/backup-secrets/aws-secret-access-key - name: RESTIC_REPOSITORY valueFrom: configMapKeyRef: name: backup-config key: restic-repository - name: RESTIC_PASSWORD_FILE value: /var/run/secrets/backup-secrets/restic-password volumeMounts: - name: cloud-data-volume mountPath: /var/backups - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true volumes: - name: cloud-data-volume persistentVolumeClaim: claimName: cloud-pvc - name: backup-secret-volume secret: secretName: backup-secret restartPolicy: OnFailure