Home Explore Help
Sign In
wigust
/
dotfiles
Watch 2
Star 1
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 5fc73fc919
Branches Tags
dotfiles
/
apps
/
base
/
maintenance-guix-deploy
/
job.yaml

job.yaml 1.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839 
  1. apiVersion: batch/v1
    2. 

  2. kind: Job
    3. 

  3. metadata:
    4. 

  4.   name: guix-deploy
    5. 

  5.   annotations:
    6. 

  6.     # Setting spec.force to true will make Flux recreate the Job when any
    7. 

  7.     # immutable field is changed, forcing the Job to run every time the
    8. 

  8.     # container image tag changes.
    9. 

  9.     kustomize.toolkit.fluxcd.io/force: enabled
    10. 

  10. spec:
    11. 

  11.   backoffLimit: 0
    12. 

  12.   template:
    13. 

  13.     spec:
    14. 

  14.       hostNetwork: true
    15. 

  15.       hostPID: true
    16. 

  16.       restartPolicy: Never
    17. 

  17.       containers:
    18. 

  18.       - command:
    19. 

  19.         - /bin/sh
    20. 

  20.         - -c
    21. 

  21.         - |
    22. 

  22.           nsenter --target "1" --mount --uts --ipc --net --pid --no-fork \
    23. 

  23.           /run/setuid-programs/sudo --user=oleg --login --preserve-env=GUIX_DEPLOY_FILE bash <<'EOF'
    24. 

  24.           set -o nounset -o errexit -o pipefail -o xtrace
    25. 

  25.           cd "${HOME}/.local/share/chezmoi" || exit 1
    26. 

  26.           guix deploy "${GUIX_DEPLOY_FILE}"
    27. 

  27.           EOF
    28. 

  28.         image: docker-registry.wugi.info/library/util-linux-with-udev
    29. 

  29.         name: nsenter
    30. 

  30.         resources:
    31. 

  31.           limits:
    32. 

  32.             cpu: 14000m
    33. 

  33.             memory: 4096Mi
    34. 

  34.           requests:
    35. 

  35.             cpu: 1000m
    36. 

  36.             memory: 512Mi
    37. 

  37.         securityContext:
    38. 

  38.           privileged: true
    39. 

  39.