Merge pull request #265 from codekow/update-cert

update: cert-manager

cert-manager-operator

@@ -0,0 +1 @@
+openshift-cert-manager-operator

openshift-cert-manager-operator/INFO.md

@@ -0,0 +1,4 @@
+# openshift-cert-manager-operator
+
+The cert-manager Operator for Red Hat OpenShift provides seamless support for cert-manager, which automates certificate management.
+For more information, see the [cert-manager Operator for Red Hat OpenShift documentation](https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html).

openshift-cert-manager-operator/README.md

@@ -0,0 +1,35 @@
+# cert-manager Operator for Red Hat OpenShift
+
+Install cert-manager Operator for Red Hat OpenShift.
+
+Do not use the `base` directory directly, as you will need to patch the `channel` based on the version of OpenShift you are using, or the version of the operator you want to use.
+
+The current *overlays* available are for the following channels:
+
+* [stable-v1](operator/overlays/stable-v1)
+* [stable-v1.10](operator/overlays/stable-v1.10)
+* [stable-v1.11](operator/overlays/stable-v1.11)
+* [tech-preview](operator/overlays/tech-preview)
+
+## Usage
+
+If you have cloned the `gitops-catalog` repository, you can install cert-manager Operator for Red Hat OpenShift based on the overlay of your choice by running from the root (`gitops-catalog`) directory.
+
+```
+oc apply -k openshift-cert-manager-operator/operator/overlays/<channel>
+```
+
+Or, without cloning:
+
+```
+oc apply -k https://github.com/redhat-cop/gitops-catalog/openshift-cert-manager-operator/operator/overlays/<channel>
+```
+
+As part of a different overlay in your own GitOps repo:
+
+```
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - https://github.com/redhat-cop/gitops-catalog/openshift-cert-manager-operator/operator/overlays/<channel>?ref=main
+```

cert-manager-operator/examples/acs-central-certificate/kustomization.yaml → openshift-cert-manager-operator/examples/acs-central-certificate/kustomization.yaml

@@ -1,4 +1,3 @@
----
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 

cert-manager-operator/examples/letsencrypt-route53-issuer/kustomization.yaml → openshift-cert-manager-operator/examples/letsencrypt-route53-issuer/kustomization.yaml

@@ -1,4 +1,3 @@
----
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 

cert-manager-operator/examples/openshift-api-certificate/kustomization.yaml → openshift-cert-manager-operator/examples/openshift-api-certificate/kustomization.yaml

@@ -1,4 +1,3 @@
----
 kind: Kustomization
 apiVersion: kustomize.config.k8s.io/v1beta1
 

cert-manager-operator/examples/openshift-api-certificate/patch-cluster-api-cert-job.yaml → openshift-cert-manager-operator/examples/openshift-api-certificate/patch-cluster-api-cert-job.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
@@ -57,6 +58,8 @@ spec:
             - -c
             - |
               #!/usr/bin/env bash
+              # lets try to dynamically get this value ??
+              # API_HOST_NAME=$(oc get secret openshift-api-certificate -n openshift-config -o jsonpath='{.metadata.annotations.cert-manager\.io/common-name}')
               if oc get secret openshift-api-certificate -n openshift-config; then
                 oc patch apiserver cluster --type=merge -p '{"spec":{"servingCerts": {"namedCertificates": [{"names": ["'$API_HOST_NAME'"], "servingCertificate": {"name": "openshift-api-certificate"}}]}}}'
               else

cert-manager-operator/examples/openshift-wildcard-certificate/kustomization.yaml → openshift-cert-manager-operator/examples/openshift-wildcard-certificate/kustomization.yaml

@@ -1,4 +1,3 @@
----
 kind: Kustomization
 apiVersion: kustomize.config.k8s.io/v1beta1
 

cert-manager-operator/operator/base/kustomization.yaml → openshift-cert-manager-operator/operator/base/kustomization.yaml

@@ -1,9 +1,6 @@
----
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-namespace: cert-manager-operator
-
 resources:
   - namespace.yaml
   - operator-group.yaml

openshift-cert-manager-operator/operator/base/namespace.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  annotations:
+    openshift.io/display-name: "cert-manager Operator for Red Hat OpenShift"
+  labels:
+    openshift.io/cluster-monitoring: 'true'
+  name: cert-manager-operator

cert-manager-operator/operator/base/operator-group.yaml → openshift-cert-manager-operator/operator/base/operator-group.yaml

@@ -1,9 +1,8 @@
 apiVersion: operators.coreos.com/v1
 kind: OperatorGroup
 metadata:
-  name: cert-manager-operator
+  name: openshift-cert-manager-operator
   namespace: cert-manager-operator
 spec:
   targetNamespaces:
     - cert-manager-operator
-  upgradeStrategy: Default

cert-manager-operator/operator/base/subscription.yaml → openshift-cert-manager-operator/operator/base/subscription.yaml

@@ -1,12 +1,10 @@
 apiVersion: operators.coreos.com/v1alpha1
 kind: Subscription
 metadata:
-  labels:
-    operators.coreos.com/openshift-cert-manager-operator.cert-manager-operator: ""
   name: openshift-cert-manager-operator
   namespace: cert-manager-operator
 spec:
-  channel: stable-v1
+  channel: patch-me-see-overlays-dir
   installPlanApproval: Automatic
   name: openshift-cert-manager-operator
   source: redhat-operators

openshift-cert-manager-operator/operator/overlays/stable-v1.10/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../base
+
+patches:
+  - target:
+      kind: Subscription
+      name: openshift-cert-manager-operator
+    path: patch-channel.yaml

openshift-cert-manager-operator/operator/overlays/stable-v1.10/patch-channel.yaml

@@ -0,0 +1,3 @@
+- op: replace
+  path: /spec/channel
+  value: stable-v1.10

openshift-cert-manager-operator/operator/overlays/stable-v1.11/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../base
+
+patches:
+  - target:
+      kind: Subscription
+      name: openshift-cert-manager-operator
+    path: patch-channel.yaml

openshift-cert-manager-operator/operator/overlays/stable-v1.11/patch-channel.yaml

@@ -0,0 +1,3 @@
+- op: replace
+  path: /spec/channel
+  value: stable-v1.11

openshift-cert-manager-operator/operator/overlays/stable-v1/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../base
+
+patches:
+  - target:
+      kind: Subscription
+      name: openshift-cert-manager-operator
+    path: patch-channel.yaml

openshift-cert-manager-operator/operator/overlays/stable-v1/patch-channel.yaml

@@ -0,0 +1,3 @@
+- op: replace
+  path: /spec/channel
+  value: stable-v1

openshift-cert-manager-operator/operator/overlays/tech-preview/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../base
+
+patches:
+  - target:
+      kind: Subscription
+      name: openshift-cert-manager-operator
+    path: patch-channel.yaml

openshift-cert-manager-operator/operator/overlays/tech-preview/patch-channel.yaml

@@ -0,0 +1,3 @@
+- op: replace
+  path: /spec/channel
+  value: tech-preview