apiVersion: v1
kind: ServiceAccount
metadata: {name: manual-failover, namespace: mssql-ag}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: manual-failover, namespace: mssql-ag}
rules:
- apiGroups: ['']
  resourceNames: [mssql-ag]
  resources: [configmaps]
  verbs: [get, update]
- apiGroups: ['']
  resourceNames: [ag1]
  resources: [endpoints]
  verbs: [get]
- apiGroups: ['']
  resources: [pods]
  verbs: [list]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata: {name: manual-failover, namespace: mssql-ag}
roleRef: {apiGroup: rbac.authorization.k8s.io, kind: Role, name: manual-failover}
subjects:
- {kind: ServiceAccount, name: manual-failover}
---
apiVersion: batch/v1
kind: Job
metadata: {name: manual-failover, namespace: mssql-ag}
spec:
  template:
    metadata: {name: manual-failover}
    spec:
      containers:
      - command: [/mssql-server-k8s-failover]
        env:
        - {name: MSSQL_K8S_AG_NAME, value: mssql-ag}
        - {name: MSSQL_K8S_NEW_PRIMARY, value: mssql1-0}
        - name: MSSQL_K8S_NAMESPACE
          valueFrom:
            fieldRef: {fieldPath: metadata.namespace}
        image: mcr.microsoft.com/mssql/ha:2019-CTP2.1-ubuntu
        name: manual-failover
      restartPolicy: Never
      serviceAccount: manual-failover