k8s-and-chill/rendered/envs/production/ocis/job-ocis-secret-init.yaml

apiVersion: batch/v1
kind: Job
metadata:
  annotations:
    a8r.io/repository: ssh://git@git.tr1ceracop.de:222/gitea_admin/k8s-and-chill.git
    argocd.argoproj.io/sync-options: Replace=true
  name: ocis-secret-init
  namespace: ocis
spec:
  template:
    spec:
      containers:
        - command:
            - sh
            - -c
            - |
              set -e

              SECRET_NAME="ocis-s3-credentials"

              if ! kubectl get secret "${SECRET_NAME}" -n ${NAMESPACE} >/dev/null 2>&1; then
                echo "ERROR: Secret ${SECRET_NAME} does not exist in namespace ${NAMESPACE}."
                echo "Please create it manually with keys 'accessKey' and 'secretKey':"
                echo "  kubectl create secret generic ${SECRET_NAME} -n ${NAMESPACE} \\"
                echo "    --from-literal=accessKey=<your-access-key> \\"
                echo "    --from-literal=secretKey=<your-secret-key>"
                exit 1
              else
                echo "Secret ${SECRET_NAME} exists, OK"
              fi              
          env:
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          image: alpine/k8s:1.32.3
          name: init
      restartPolicy: OnFailure
      serviceAccountName: ocis-secret-init
  ttlSecondsAfterFinished: 300