From 7064eb18aabaacedd1b52cc71585f370c7667d4a Mon Sep 17 00:00:00 2001
From: Matt Rogers <mrogers@redhat.com>
Date: Mon, 24 Sep 2018 13:11:13 -0400
Subject: [PATCH] create update payload manifests

---
 Dockerfile                                    |  3 ++
 .../clusterrole.yaml                          |  0
 .../clusterrolebinding.yaml                   |  0
 .../apiservice-cabundle-controller/cm.yaml    |  0
 .../defaultconfig.yaml                        |  0
 .../deployment.yaml                           |  0
 .../apiservice-cabundle-controller/ns.yaml    |  0
 .../apiservice-cabundle-controller/sa.yaml    |  0
 .../signing-cabundle.yaml                     |  0
 .../apiservice-cabundle-controller/svc.yaml   |  0
 .../clusterrole.yaml                          |  0
 .../clusterrolebinding.yaml                   |  0
 .../cm.yaml                                   |  0
 .../defaultconfig.yaml                        |  0
 .../deployment.yaml                           |  0
 .../ns.yaml                                   |  0
 .../sa.yaml                                   |  0
 .../signing-secret.yaml                       |  0
 .../svc.yaml                                  |  0
 .../01_serviceservingcertsigner_00_roles.yaml | 11 +++++
 ...serviceservingcertsigner_01_namespace.yaml |  6 +++
 .../01_serviceservingcertsigner_02_crd.yaml   | 14 +++++++
 .../01_serviceservingcertsigner_03_cm.yaml    |  9 +++++
 ...01_serviceservingcertsigner_04_deploy.yaml | 40 +++++++++++++++++++
 .../01_serviceservingcertsigner_05_sa.yaml    |  7 ++++
 ...01_serviceservingcertsigner_06_config.yaml | 11 +++++
 manifests/image-references                    |  8 ++++
 27 files changed, 109 insertions(+)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/clusterrole.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/clusterrolebinding.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/cm.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/defaultconfig.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/deployment.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/ns.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/sa.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/signing-cabundle.yaml (100%)
 rename {manifests => bindata}/v3.10.0/apiservice-cabundle-controller/svc.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/clusterrole.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/clusterrolebinding.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/cm.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/defaultconfig.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/deployment.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/ns.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/sa.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/signing-secret.yaml (100%)
 rename {manifests => bindata}/v3.10.0/service-serving-cert-signer-controller/svc.yaml (100%)
 create mode 100644 manifests/01_serviceservingcertsigner_00_roles.yaml
 create mode 100644 manifests/01_serviceservingcertsigner_01_namespace.yaml
 create mode 100644 manifests/01_serviceservingcertsigner_02_crd.yaml
 create mode 100644 manifests/01_serviceservingcertsigner_03_cm.yaml
 create mode 100644 manifests/01_serviceservingcertsigner_04_deploy.yaml
 create mode 100644 manifests/01_serviceservingcertsigner_05_sa.yaml
 create mode 100644 manifests/01_serviceservingcertsigner_06_config.yaml
 create mode 100644 manifests/image-references

diff --git a/Dockerfile b/Dockerfile
index 6243895c..39341ef9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,3 +9,6 @@ RUN cd /go/src/github.com/openshift/service-serving-cert-signer && go build ./cm
 
 FROM centos:7
 COPY --from=0 /go/src/github.com/openshift/service-serving-cert-signer/service-serving-cert-signer /usr/bin/service-serving-cert-signer
+
+COPY manifests /manifests
+LABEL io.openshift.release.operator=true
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/clusterrole.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/clusterrole.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/clusterrole.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/clusterrole.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/clusterrolebinding.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/clusterrolebinding.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/clusterrolebinding.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/clusterrolebinding.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/cm.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/cm.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/cm.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/cm.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/defaultconfig.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/defaultconfig.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/defaultconfig.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/defaultconfig.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/deployment.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/deployment.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/deployment.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/deployment.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/ns.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/ns.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/ns.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/ns.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/sa.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/sa.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/sa.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/sa.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/signing-cabundle.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/signing-cabundle.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/signing-cabundle.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/signing-cabundle.yaml
diff --git a/manifests/v3.10.0/apiservice-cabundle-controller/svc.yaml b/bindata/v3.10.0/apiservice-cabundle-controller/svc.yaml
similarity index 100%
rename from manifests/v3.10.0/apiservice-cabundle-controller/svc.yaml
rename to bindata/v3.10.0/apiservice-cabundle-controller/svc.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/clusterrole.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/clusterrole.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/clusterrole.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/clusterrole.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/clusterrolebinding.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/clusterrolebinding.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/clusterrolebinding.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/clusterrolebinding.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/cm.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/cm.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/cm.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/cm.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/defaultconfig.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/defaultconfig.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/defaultconfig.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/defaultconfig.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/deployment.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/deployment.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/deployment.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/deployment.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/ns.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/ns.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/ns.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/ns.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/sa.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/sa.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/sa.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/sa.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/signing-secret.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/signing-secret.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/signing-secret.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/signing-secret.yaml
diff --git a/manifests/v3.10.0/service-serving-cert-signer-controller/svc.yaml b/bindata/v3.10.0/service-serving-cert-signer-controller/svc.yaml
similarity index 100%
rename from manifests/v3.10.0/service-serving-cert-signer-controller/svc.yaml
rename to bindata/v3.10.0/service-serving-cert-signer-controller/svc.yaml
diff --git a/manifests/01_serviceservingcertsigner_00_roles.yaml b/manifests/01_serviceservingcertsigner_00_roles.yaml
new file mode 100644
index 00000000..7ffe9dfc
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_00_roles.yaml
@@ -0,0 +1,11 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: system:openshift:operator:service-cert-signer
+roleRef:
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  namespace: openshift-core-operators
+  name: openshift-service-cert-signer-operator
diff --git a/manifests/01_serviceservingcertsigner_01_namespace.yaml b/manifests/01_serviceservingcertsigner_01_namespace.yaml
new file mode 100644
index 00000000..382186ac
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_01_namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  labels:
+    openshift.io/run-level: "1"
+  name: openshift-core-operators
diff --git a/manifests/01_serviceservingcertsigner_02_crd.yaml b/manifests/01_serviceservingcertsigner_02_crd.yaml
new file mode 100644
index 00000000..562c7c6a
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_02_crd.yaml
@@ -0,0 +1,14 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: servicecertsigneroperatorconfigs.servicecertsigner.config.openshift.io
+spec:
+  scope: Cluster
+  group: servicecertsigner.config.openshift.io
+  version: v1alpha1
+  names:
+    kind: ServiceCertSignerOperatorConfig
+    plural: servicecertsigneroperatorconfigs
+    singular: servicecertsigneroperatorconfig
+  subresources:
+    status: {}
diff --git a/manifests/01_serviceservingcertsigner_03_cm.yaml b/manifests/01_serviceservingcertsigner_03_cm.yaml
new file mode 100644
index 00000000..5e41700c
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_03_cm.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: openshift-core-operators
+  name: openshift-service-cert-signer-operator-config
+data:
+  operator-config.yaml: |
+    apiVersion: operator.openshift.io/v1alpha1
+    kind: GenericOperatorConfig
diff --git a/manifests/01_serviceservingcertsigner_04_deploy.yaml b/manifests/01_serviceservingcertsigner_04_deploy.yaml
new file mode 100644
index 00000000..cd055469
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_04_deploy.yaml
@@ -0,0 +1,40 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: openshift-core-operators
+  name: openshift-service-cert-signer-operator
+  labels:
+    app: openshift-service-cert-signer-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: openshift-service-cert-signer-operator
+  template:
+    metadata:
+      name: openshift-service-cert-signer-operator
+      labels:
+        app: openshift-service-cert-signer-operator
+    spec:
+      serviceAccountName: openshift-service-cert-signer-operator
+      containers:
+      - name: operator
+        image: openshift/origin-service-serving-cert-signer:latest
+        imagePullPolicy: IfNotPresent
+        command: ["service-serving-cert-signer", "operator"]
+        args:
+        - "--config=/var/run/configmaps/config/operator-config.yaml"
+        - "-v=4"
+        volumeMounts:
+        - mountPath: /var/run/configmaps/config
+          name: config
+      volumes:
+      - name: serving-cert
+        secret:
+          defaultMode: 400
+          secretName: openshift-service-cert-signer-operator-serving-cert
+          optional: true
+      - name: config
+        configMap:
+          defaultMode: 440
+          name: openshift-service-cert-signer-operator-config
diff --git a/manifests/01_serviceservingcertsigner_05_sa.yaml b/manifests/01_serviceservingcertsigner_05_sa.yaml
new file mode 100644
index 00000000..f14c5731
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_05_sa.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: openshift-core-operators
+  name: openshift-service-cert-signer-operator
+  labels:
+    app: openshift-service-cert-signer-operator
diff --git a/manifests/01_serviceservingcertsigner_06_config.yaml b/manifests/01_serviceservingcertsigner_06_config.yaml
new file mode 100644
index 00000000..d4265d70
--- /dev/null
+++ b/manifests/01_serviceservingcertsigner_06_config.yaml
@@ -0,0 +1,11 @@
+apiVersion: servicecertsigner.config.openshift.io/v1alpha1
+kind: ServiceCertSignerOperatorConfig
+metadata:
+  name: instance
+spec:
+  managementState: Managed
+  imagePullSpec: openshift/origin-service-serving-cert-signer:latest
+  version: 3.10.0
+  logging:
+    level: 4
+  replicas: 1
diff --git a/manifests/image-references b/manifests/image-references
new file mode 100644
index 00000000..09b600cf
--- /dev/null
+++ b/manifests/image-references
@@ -0,0 +1,8 @@
+kind: ImageStream
+apiVersion: image.openshift.io/v1
+spec:
+  tags:
+  - name: service-serving-cert-signer
+    from:
+      kind: DockerImage
+      name: quay.io/openshift/origin-service-serving-cert-signer