Skip to content

Update x509 updater to a k8s CronJob #1182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Update x509 updater to a k8s CronJob #1182

wants to merge 2 commits into from

Conversation

@ponyisi
Copy link
Collaborator

@ponyisi ponyisi commented Oct 15, 2025

Fixes #453

Copilot AI reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR converts the x509 certificate updater from a Kubernetes Deployment to a CronJob that runs every 6 hours. The change addresses issue #453 by implementing a more appropriate scheduling mechanism for periodic certificate updates.

  • Added a --loop argument to control whether the updater runs continuously or exits after one execution
  • Modified the Python script to exit after the first pass when not in loop mode
  • Changed the Kubernetes resource from Deployment to CronJob with a 6-hour schedule

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
x509_secrets/x509_updater.py Added loop argument and conditional exit logic for single-run execution
helm/servicex/templates/x509-secrets/deployment.yaml Converted from Deployment to CronJob with 6-hour schedule

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

gordonwatts
gordonwatts reviewed Oct 16, 2025
View reviewed changes
Copy link
Collaborator

@gordonwatts gordonwatts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great to me - though I think Ben should probably approve!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gordonwatts gordonwatts gordonwatts left review comments

Copilot code review Copilot Copilot left review comments

@MattShirley MattShirley Awaiting requested review from MattShirley

@BenGalewsky BenGalewsky Awaiting requested review from BenGalewsky

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

X509 Secrets should be made into a cronjob and not a deployment

2 participants

@ponyisi @gordonwatts