apiVersion: v1 kind: ServiceAccount metadata: name: astra-labelbackup namespace: astra-connector --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: astra-labelbackup rules: - apiGroups: ["astra.netapp.io"] resources: ["*"] verbs: ["*"] - apiGroups: [""] resources: ["namespaces"] verbs: ["get", "watch", "list"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: astra-labelbackup roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: astra-labelbackup subjects: - kind: ServiceAccount name: astra-labelbackup namespace: astra-connector --- apiVersion: batch/v1 kind: CronJob metadata: name: astra-labelbackup namespace: astra-connector labels: app: astra-labelbackup spec: schedule: "0 23 * * *" concurrencyPolicy: Forbid jobTemplate: spec: template: metadata: labels: app: astra-labelbackup spec: serviceAccountName: astra-labelbackup restartPolicy: Never containers: - name: alpine-astra-backup image: python:3.10.13-alpine3.19 env: - name: ACTOOLKIT_VERSION value: "3.0.0" - name: BUCKET value: "" - name: GOLD_BUCKET value: "" - name: PROTECTION_LABEL_KEY value: "astra.netapp.io/protection" - name: GOLD_LABEL value: "gold" - name: SILVER_LABEL value: "silver" - name: BRONZE_LABEL value: "bronze" command: ["/bin/sh"] args: - -c - > apk add curl && pip install --upgrade pip && pip install actoolkit==$ACTOOLKIT_VERSION && curl -sLO https://raw.githubusercontent.com/NetApp/netapp-astra-toolkits/neptune/examples/labelbased-backup/protectCluster.py && python protectCluster.py