changed provisioning from helm to operator

2024-09-19 20:08:52 +02:00 · 2022-07-30 21:08:22 +02:00 · 2022-07-30 21:08:22 +02:00 · 665ef9cb7b
parent 79bcb47ca7
commit 665ef9cb7b
11 changed files with 59 additions and 21 deletions
--- a/base/apps/cert-manager/kustomization.yaml
+++ b/base/apps/cert-manager/kustomization.yaml
@ -0,0 +1,4 @@
+---
+namespace: cert-manager
+resources:
+  - letsencrypt.yaml
--- a/overlays/prod/apps/cert-manager/issuer.yaml
+++ b/overlays/prod/apps/cert-manager/issuer.yaml
@ -2,13 +2,13 @@
 apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
-  name: letsencrypt-acme-staging-v02
+  name: letsencrypt-acme-staging
 spec:
  acme:
    email: hostmaster@fabcity-hamburg.de
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
-      name: account-key-acme-staging
+      name: letsencrypt-acme-key-staging
    solvers:
      - http01:
          ingress:
@ -17,13 +17,13 @@ spec:
 apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
-  name: letsencrypt-acme-v02
+  name: letsencrypt-acme
 spec:
  acme:
    email: hostmaster@fabcity-hamburg.de
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
-      name: account-key-acme
+      name: letsencrypt-acme-key
    solvers:
      - http01:
          ingress:
--- a/base/cert-manager/kustomization.yaml
+++ b/base/cert-manager/kustomization.yaml
@ -1,10 +0,0 @@
---
-resources:
-  - https://github.com/cert-manager/cert-manager/releases/download/v1.8.2/cert-manager.crds.yaml
-  - namespace.yaml
-helmCharts:
-  - name: cert-manager
-    version: v1.8.2
-    releaseName: fcos-cert-manager
-    namespace: security
-    repo: https://charts.jetstack.io
--- a/base/cert-manager/values.yaml
+++ b/base/cert-manager/values.yaml
@ -1,3 +0,0 @@
---
-cert-manager:
-  namespace: security
--- a/base/operators/cert-manager/kustomization.yaml
+++ b/base/operators/cert-manager/kustomization.yaml
@ -0,0 +1,6 @@
+---
+namespace: cert-manager
+resources:
+  - namespace.yaml
+  - subscription.yaml
+  - operatorgroup.yaml
--- a/base/operators/cert-manager/namespace.yaml
+++ b/base/operators/cert-manager/namespace.yaml
@ -2,4 +2,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: security
+  name: cert-manager
--- a/base/operators/cert-manager/operatorgroup.yaml
+++ b/base/operators/cert-manager/operatorgroup.yaml
@ -0,0 +1,5 @@
+---
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: cert-manager
--- a/base/operators/cert-manager/subscription.yaml
+++ b/base/operators/cert-manager/subscription.yaml
@ -0,0 +1,11 @@
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: cert-manager
+spec:
+  name: cert-manager
+  channel: stable
+  source: operatorhubio-catalog
+  sourceNamespace: olm
+  installPlanApproval: Automatic
--- a/overlays/dev/cert-manager/kustomization.yaml
+++ b/overlays/dev/cert-manager/kustomization.yaml
@ -0,0 +1,4 @@
+---
+namespace: cert-manager
+resources:
+  - selfsigned.yaml
--- a/overlays/dev/cert-manager/selfsigned.yaml
+++ b/overlays/dev/cert-manager/selfsigned.yaml
@ -0,0 +1,24 @@
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned-issuer
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: selfsigned-issuer
+spec:
+  isCA: true
+  duration: 8760h
+  secretName: tls-selfsigned-issuer
+  commonName: selfsigned-issuer
+  subject:
+    organizations:
+      - k8s-local-dev
+  issuerRef:
+    name: selfsigned-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
--- a/overlays/prod/apps/cert-manager/kustomization.yaml
+++ b/overlays/prod/apps/cert-manager/kustomization.yaml
@ -1,3 +0,0 @@
---
-resources:
-  - ./issuer.yaml