admin/neon-vortex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
neon-vortex/build-job-cleanup.yaml
Neon Vortex d7bc188ee5
Some checks failed
Build and Push to Harbor / build-and-push (push) Has been cancelled
Details
Reorganize to dedicated namespaces with automatic cleanup 
**Namespace Structure:**
- neonvortex: Application deployment and webhook listener
- flux-builds: Build jobs with automatic cleanup
- flux-system: Flux CD control plane (unchanged)

**Automatic Cleanup:**
- Build jobs: 30-minute TTL after completion
- Cleanup CronJob: Runs every 30 minutes
  - Keeps last 10 successful builds
  - Deletes failed jobs older than 1 hour
  - Removes all jobs older than 24 hours

**Changes:**
- Moved HelmRelease from default to neonvortex namespace
- Moved build jobs from default to flux-builds namespace
- Updated webhook listener to create jobs in flux-builds
- Updated Flux alerts to monitor new namespace
- Cleaned up all resources from default namespace
- Added dedicated ServiceAccounts and RBAC per namespace

**Benefits:**
- Clean namespace separation for better organization
- Automatic job cleanup prevents resource accumulation
- Build history maintained (last 10 successful builds)
- Improved monitoring and troubleshooting
- Default namespace is now clean

Comprehensive migration guide in NAMESPACE_MIGRATION_GUIDE.md

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-22 23:27:32 -05:00

120 lines
3.8 KiB
YAML
Raw Permalink Blame History

---
apiVersion: v1
kind: ServiceAccount
metadata:
name: job-cleanup-sa
namespace: flux-builds
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: job-cleanup-role
namespace: flux-builds
rules:
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["list", "delete", "deletecollection"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["list", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: job-cleanup-binding
namespace: flux-builds
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: job-cleanup-role
subjects:
- kind: ServiceAccount
name: job-cleanup-sa
namespace: flux-builds
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: cleanup-old-build-jobs
namespace: flux-builds
spec:
schedule: "*/30 * * * *" # Run every 30 minutes
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 1
jobTemplate:
spec:
template:
spec:
serviceAccountName: job-cleanup-sa
restartPolicy: Never
containers:
- name: cleanup
image: bitnami/kubectl:latest
command:
- /bin/bash
- -c
- |
set -e
echo "===== Cleaning up old build jobs ====="
date
# Keep only the last 10 successful jobs
echo "Finding old successful jobs..."
SUCCESSFUL_JOBS=$(kubectl get jobs -n flux-builds \
-l app=neonvortex \
--sort-by=.metadata.creationTimestamp \
--field-selector status.successful=1 \
-o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}' | head -n -10)
if [ -n "$SUCCESSFUL_JOBS" ]; then
echo "Deleting old successful jobs:"
echo "$SUCCESSFUL_JOBS"
echo "$SUCCESSFUL_JOBS" | xargs -r kubectl delete job -n flux-builds
else
echo "No old successful jobs to delete"
fi
# Delete failed jobs older than 1 hour
echo ""
echo "Finding old failed jobs..."
CUTOFF_TIME=$(date -u -d '1 hour ago' '+%Y-%m-%dT%H:%M:%SZ' 2>/dev/null || date -u -v-1H '+%Y-%m-%dT%H:%M:%SZ')
FAILED_JOBS=$(kubectl get jobs -n flux-builds \
-l app=neonvortex \
--field-selector status.successful=0 \
-o json | \
jq -r --arg cutoff "$CUTOFF_TIME" \
'.items[] | select(.status.completionTime < $cutoff or .status.startTime < $cutoff) | .metadata.name')
if [ -n "$FAILED_JOBS" ]; then
echo "Deleting old failed jobs:"
echo "$FAILED_JOBS"
echo "$FAILED_JOBS" | xargs -r kubectl delete job -n flux-builds
else
echo "No old failed jobs to delete"
fi
# Delete jobs older than 24 hours regardless of status
echo ""
echo "Finding jobs older than 24 hours..."
CUTOFF_24H=$(date -u -d '24 hours ago' '+%Y-%m-%dT%H:%M:%SZ' 2>/dev/null || date -u -v-24H '+%Y-%m-%dT%H:%M:%SZ')
OLD_JOBS=$(kubectl get jobs -n flux-builds \
-l app=neonvortex \
-o json | \
jq -r --arg cutoff "$CUTOFF_24H" \
'.items[] | select(.metadata.creationTimestamp < $cutoff) | .metadata.name')
if [ -n "$OLD_JOBS" ]; then
echo "Deleting jobs older than 24 hours:"
echo "$OLD_JOBS"
echo "$OLD_JOBS" | xargs -r kubectl delete job -n flux-builds
else
echo "No jobs older than 24 hours"
fi
echo ""
echo "===== Cleanup complete ====="
kubectl get jobs -n flux-builds -l app=neonvortex
Reference in New Issue View Git Blame Copy Permalink