apiVersion: batch/v1beta1 kind: CronJob metadata: name: cloud-backup labels: app.kubernetes.part-of: cloud spec: schedule: "10 23 * * *" successfulJobsHistoryLimit: 0 failedJobsHistoryLimit: 0 jobTemplate: spec: template: spec: containers: - name: backup-app image: domaindrivenarchitecture/meissa-cloud-backup imagePullPolicy: IfNotPresent command: ["/entrypoint.sh"] env: - name: POSTGRES_USER_FILE value: /var/run/secrets/cloud-secrets/postgres-user - name: POSTGRES_DB_FILE value: /var/run/secrets/cloud-secrets/postgres-db - name: POSTGRES_PASSWORD_FILE value: /var/run/secrets/cloud-secrets/postgres-password - name: POSTGRES_HOST value: "postgresql-service:5432" - name: POSTGRES_SERVICE value: "postgresql-service" - name: POSTGRES_PORT value: "5432" - name: AWS_DEFAULT_REGION value: eu-central-1 - name: AWS_ACCESS_KEY_ID_FILE value: /var/run/secrets/backup-secrets/aws-access-key-id - name: AWS_SECRET_ACCESS_KEY_FILE value: /var/run/secrets/backup-secrets/aws-secret-access-key - name: RESTIC_REPOSITORY valueFrom: configMapKeyRef: name: backup-config key: restic-repository - name: RESTIC_PASSWORD_FILE value: /var/run/secrets/backup-secrets/restic-password volumeMounts: - name: cloud-data-volume mountPath: /var/backups - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true - name: cloud-secret-volume mountPath: /var/run/secrets/cloud-secrets readOnly: true volumes: - name: cloud-data-volume persistentVolumeClaim: claimName: cloud-pvc - name: cloud-secret-volume secret: secretName: cloud-secret - name: backup-secret-volume secret: secretName: backup-secret restartPolicy: OnFailure