infra/kubernetes
1
0
Fork 0
Code Pull Requests 3 Activity

jenkins: Add CronJob for updatecheck

Browse Source 
`updatecheck` is a little utility I wrote that queries Fedora Bodhi for
updates and sends an HTTP request when one is found.  I am specifically
going to use it to trigger rebuilding the _gasket-driver_ RPM whenever
there is a new _kernel_ published.
This commit is contained in:
Dustin
2025-11-23 10:29:20 -06:00
parent a544860a62
commit b7a7e4f6b4
3 changed files with 108 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
jenkins/updatecheck.yaml Normal file
View File

@@ -0,0 +1,74 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: updatecheck
namespace: jenkins
labels:
app.kubernetes.io/name: updatecheck
app.kubernetes.io/component: updatecheck
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 300Mi
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: updatecheck
namespace: jenkins
labels: &labels
app.kubernetes.io/name: updatecheck
app.kubernetes.io/component: updatecheck
spec:
schedule: >-
22 */4 * * *
concurrencyPolicy: Forbid
jobTemplate:
metadata:
labels: *labels
spec:
template:
metadata:
labels: *labels
spec:
restartPolicy: Never
containers:
- name: updatecheck
image: git.pyrocufflink.net/infra/updatecheck
args:
- /etc/updatecheck/config.toml
env:
- name: RUST_LOG
value: updatecheck=debug,info
securityContext:
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /etc/updatecheck
name: config
- mountPath: /run/secrets/updatecheck
name: secrets
readOnly: true
- mountPath: /var/lib/updatecheck
name: data
securityContext:
runAsUser: 21470
runAsGroup: 21470
fsGroup: 21470
runAsNonRoot: true
volumes:
- name: config
configMap:
name: updatecheck
- name: data
persistentVolumeClaim:
claimName: updatecheck
- name: secrets
secret:
secretName: webhook-trigger
items:
- key: text
path: token
mode: 0440