fix: disable redis sso sync

2025-06-20 14:13:04 +02:00
parent 2fccb6d966
commit dab590aeb8
1 changed files with 61 additions and 61 deletions
@@ -1,63 +1,63 @@
-apiVersion: batch/v1
+#apiVersion: batch/v1
-kind: CronJob
+#kind: CronJob
-metadata:
+#metadata:
-  name: sync-dataprotection-keys
+#  name: sync-dataprotection-keys
-  namespace: redis
+#  namespace: redis
-spec:
+#spec:
-  schedule: "0 12 14 * *" # at noon the 14th of every month
+#  schedule: "0 12 14 * *" # at noon the 14th of every month
-  jobTemplate:
+#  jobTemplate:
-    spec:
+#    spec:
-      template:
+#      template:
-        spec:
+#        spec:
-          containers:
+#          containers:
-          - name: sync
+#          - name: sync
-            image: redis
+#            image: redis
-            command: [ "/bin/sh", "/script/sync.sh" ]
+#            command: [ "/bin/sh", "/script/sync.sh" ]
-            env:
+#            env:
-            - name: PROD_REDIS_PASSWORD
+#            - name: PROD_REDIS_PASSWORD
-              valueFrom:
+#              valueFrom:
-                secretKeyRef:
+#                secretKeyRef:
-                  name: prod-redis
+#                  name: prod-redis
-                  key: redis-password
+#                  key: redis-password
-            - name: STAGING_REDIS_PASSWORD
+#            - name: STAGING_REDIS_PASSWORD
-              valueFrom:
+#              valueFrom:
-                secretKeyRef:
+#                secretKeyRef:
-                  name: staging-redis
+#                  name: staging-redis
-                  key: redis-password
+#                  key: redis-password
-            volumeMounts:
+#            volumeMounts:
-            - name: script
+#            - name: script
-              mountPath: /script
+#              mountPath: /script
-            securityContext:
+#            securityContext:
-              allowPrivilegeEscalation: false
+#              allowPrivilegeEscalation: false
-              capabilities:
+#              capabilities:
-                drop:
+#                drop:
-                - ALL
+#                - ALL
-              readOnlyRootFilesystem: false
+#              readOnlyRootFilesystem: false
-              runAsGroup: 0
+#              runAsGroup: 0
-              runAsNonRoot: true
+#              runAsNonRoot: true
-              runAsUser: 1001
+#              runAsUser: 1001
-              seccompProfile:
+#              seccompProfile:
-                type: RuntimeDefault
+#                type: RuntimeDefault
-          securityContext:
+#          securityContext:
-            fsGroup: 1001
+#            fsGroup: 1001
-            fsGroupChangePolicy: Always
+#            fsGroupChangePolicy: Always
-          volumes:
+#          volumes:
-            - name: script
+#            - name: script
-              configMap:
+#              configMap:
-                name: sync-dataprotection-keys-script
+#                name: sync-dataprotection-keys-script
-                defaultMode: 0500
+#                defaultMode: 0500
-          restartPolicy: Never
+#          restartPolicy: Never
-      backoffLimit: 4
+#      backoffLimit: 4
---
+#---
-apiVersion: v1
+#apiVersion: v1
-kind: ConfigMap
+#kind: ConfigMap
-metadata:
+#metadata:
-  name: sync-dataprotection-keys-script
+#  name: sync-dataprotection-keys-script
-  namespace: redis
+#  namespace: redis
-data:
+#data:
-  sync.sh: |-
+#  sync.sh: |-
-    #!/bin/sh
+#    #!/bin/sh
-    redis-cli -h prod-redis-master -a $PROD_REDIS_PASSWORD -D "" --raw dump DataProtection-Keys |\
+#    redis-cli -h prod-redis-master -a $PROD_REDIS_PASSWORD -D "" --raw dump DataProtection-Keys |\
-    redis-cli -h staging-redis-master -a $STAGING_REDIS_PASSWORD -X keys restore DataProtection-Keys 0 keys replace
+#    redis-cli -h staging-redis-master -a $STAGING_REDIS_PASSWORD -X keys restore DataProtection-Keys 0 keys replace