
Trigger Kubernetes job on secret update


How do you trigger rerunning a job once one of its dependent secrets gets updated?

For example, say I have this simple job:

apiVersion: batch/v1
kind: Job
metadata:
  name: job-test
spec:
  template:
    metadata:
      labels:
        app: databricks
    spec:
      containers:
      - name: job-test
        image: alpine
        command:
          - echo
          - hello $(DAN_TEST)
        env:
          - name: DAN_TEST
            valueFrom:
              secretKeyRef:
                name: dan-test
                key: dan-test-1
      restartPolicy: Never
  backoffLimit: 4

Adding this job makes it run and print out the secret, but when the secret is changed, the job is not automatically rerun.

Is there a built-in or 3rd-party extension resource that can target the secret and the job and trigger a rerun?


Solution

  • stakater/Reloader allows resources to be reloaded based on watched changes in a ConfigMap or Secret.

    Unfortunately, Job and CronJob resources are not supported, so to make it work I used a Deployment with an initContainer which executed the job, and a container which kept the pod alive.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: job-test
      labels:
        app: job-test
      annotations:
        reloader.stakater.com/auto: "true"
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: job-test
      template:
        metadata:
          labels:
            app: job-test
        spec:
          initContainers:
            - name: job-test
              image: alpine
              imagePullPolicy: Always
              command:
                - echo
                - hello $(DAN_TEST)
              env:
                - name: DAN_TEST
                  valueFrom:
                    secretKeyRef:
                      name: dan-test
                      key: dan-test-1
          containers:
            - name: job-test-wait
              image: alpine
              command:
                - tail
                - -f
                - /dev/null
    

    I forgot exactly why the pod needed to be kept alive, but from trial and error this is what I got working a few months ago and am still using today.
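An alternative to the Deployment workaround, as an added example that is not part of the original answer or of Reloader: a Job's pod template cannot be changed once the Job exists, so this sketch derives the Job name from a digest of the Secret's data, and re-applying the generated manifest after a Secret change creates a fresh Job. The sample Secret value, the `example.invalid/secret-digest` annotation key and the function names are assumptions made for illustration.

```python
import copy
import hashlib
import json

# Constructed sample: the Secret from the question as the API returns it
# (values base64-encoded). "aGVsbG8=" is a made-up value.
SECRET = {"metadata": {"name": "dan-test"}, "data": {"dan-test-1": "aGVsbG8="}}

# The Job from the question, written as a dict.
JOB = {
    "apiVersion": "batch/v1",
    "kind": "Job",
    "metadata": {"name": "job-test"},
    "spec": {
        "backoffLimit": 4,
        "template": {
            "metadata": {"labels": {"app": "databricks"}},
            "spec": {
                "restartPolicy": "Never",
                "containers": [{
                    "name": "job-test",
                    "image": "alpine",
                    "command": ["echo", "hello $(DAN_TEST)"],
                    "env": [{"name": "DAN_TEST", "valueFrom": {"secretKeyRef": {
                        "name": "dan-test", "key": "dan-test-1"}}}],
                }],
            },
        },
    },
}


def secret_digest(secret):
    """Short, stable digest of a Secret's data; key order does not matter."""
    canonical = json.dumps(secret.get("data", {}), sort_keys=True).encode()
    return hashlib.sha256(canonical).hexdigest()[:10]


def job_for_secret(job, secret):
    """Copy of the Job named after the digest; the annotation key is hypothetical."""
    digest = secret_digest(secret)
    out = copy.deepcopy(job)
    out["metadata"]["name"] = f'{job["metadata"]["name"]}-{digest}'
    out["metadata"].setdefault("annotations", {})["example.invalid/secret-digest"] = digest
    return out


if __name__ == "__main__":
    print(json.dumps(job_for_secret(JOB, SECRET), indent=2))
```

The printed JSON can be applied like any manifest. The digest is visible to anyone who can list Jobs, so for low-entropy secret values a non-content marker such as the Secret's `metadata.resourceVersion` is a safer suffix.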