Merge pull request #47039 from sochotnicky/add-ttlSecondsAfterFinished-to-auto-ldapsync

bergerhoffer · web-flow · commit 253b8663d0a1 · 2022-07-20T10:17:19.000-04:00
Add ttlSecondsAfterFinished into LDAP sync cron job
diff --git a/modules/ldap-auto-syncing.adoc b/modules/ldap-auto-syncing.adoc
@@ -175,6 +175,7 @@ spec:
   jobTemplate:
     spec:
       backoffLimit: 0
+      ttlSecondsAfterFinished: 1800                                                  <3>
       template:
         spec:
           containers:
@@ -183,7 +184,7 @@ spec:
               command:
                 - "/bin/bash"
                 - "-c"
-                - "oc adm groups sync --sync-config=/etc/config/sync.yaml --confirm" <3>
+                - "oc adm groups sync --sync-config=/etc/config/sync.yaml --confirm" <4>
               volumeMounts:
                 - mountPath: "/etc/config"
                   name: "ldap-sync-volume"
@@ -197,10 +198,10 @@ spec:
                 name: "ldap-group-syncer"
             - name: "ldap-bind-password"
               secret:
-                secretName: "ldap-secret"                                            <4>
+                secretName: "ldap-secret"                                            <5>
             - name: "ldap-ca"
               configMap:
-                name: "ca-config-map"                                                <5>
+                name: "ca-config-map"                                                <6>
           restartPolicy: "Never"
           terminationGracePeriodSeconds: 30
           activeDeadlineSeconds: 500
@@ -209,9 +210,10 @@ spec:
 ----
 <1> Configure the settings for the cron job. See "Creating cron jobs" for more information on cron job settings.
 <2> The schedule for the job specified in link:https://en.wikipedia.org/wiki/Cron[cron format]. This example cron job runs every 30 minutes. Adjust the frequency as necessary, making sure to take into account how long the sync takes to run.
-<3> The LDAP sync command for the cron job to run. Passes in the sync configuration file that was defined in the config map.
-<4> This secret was created when the LDAP IDP was configured.
-<5> This config map was created when the LDAP IDP was configured.
+<3> How long, in seconds, to keep finished jobs. This should match the period of the job schedule in order to clean old failed jobs and prevent unnecessary alerts. For more information, see link:https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished[TTL-after-finished Controller] in the Kubernetes documentation.
+<4> The LDAP sync command for the cron job to run. Passes in the sync configuration file that was defined in the config map.
+<5> This secret was created when the LDAP IDP was configured.
+<6> This config map was created when the LDAP IDP was configured.
 
 . Create the cron job:
 +
