{{- if .Values.job.enabled }} --- apiVersion: "batch/v1" kind: "Job" metadata: name: "{{ include "postgresql.fullname" . }}-bootstrap" labels: {{- include "postgresql.labels" . | nindent 4 }} {{- with .Values.job.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: backoffLimit: 4 template: metadata: annotations: confighash-users: {{ toYaml .Values.job.users | sha256sum | trunc 32 }} confighash-databases: {{ toYaml .Values.job.databases | sha256sum | trunc 32 }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "postgresql.selectorLabels" . | nindent 8 }} spec: restartPolicy: Never {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "postgresql.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: "psql" securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: "PGHOST" value: {{ include "postgresql.fullname" . | quote }} - name: "PGPORT" value: {{ .Values.service.port | quote }} - name: "PGUSER" value: {{ .Values.postgres.user | quote }} - name: "PGPASSWORD" value: {{ .Values.postgres.password | quote }} command: - "/bin/sh" - "-c" - "cd /bootstrap/ && ./_run" resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: - mountPath: "/bootstrap/" name: "bootstrap" readOnly: true {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: "bootstrap" secret: secretName: {{ include "postgresql.fullname" . }}-bootstrap defaultMode: 0550 {{- end }}