From 665ef9cb7b3f72268bf087c84d16e1822fa9b8be Mon Sep 17 00:00:00 2001 From: Sebastian Wendel Date: Sat, 30 Jul 2022 21:08:22 +0200 Subject: [PATCH] changed provisioning from helm to operator --- base/apps/cert-manager/kustomization.yaml | 4 ++++ .../apps/cert-manager/letsencrypt.yaml | 8 +++---- base/cert-manager/kustomization.yaml | 10 -------- base/cert-manager/values.yaml | 3 --- .../operators/cert-manager/kustomization.yaml | 6 +++++ .../cert-manager/namespace.yaml | 2 +- .../operators/cert-manager/operatorgroup.yaml | 5 ++++ base/operators/cert-manager/subscription.yaml | 11 +++++++++ overlays/dev/cert-manager/kustomization.yaml | 4 ++++ overlays/dev/cert-manager/selfsigned.yaml | 24 +++++++++++++++++++ .../prod/apps/cert-manager/kustomization.yaml | 3 --- 11 files changed, 59 insertions(+), 21 deletions(-) create mode 100644 base/apps/cert-manager/kustomization.yaml rename overlays/prod/apps/cert-manager/issuer.yaml => base/apps/cert-manager/letsencrypt.yaml (80%) delete mode 100644 base/cert-manager/kustomization.yaml delete mode 100644 base/cert-manager/values.yaml create mode 100644 base/operators/cert-manager/kustomization.yaml rename base/{ => operators}/cert-manager/namespace.yaml (68%) create mode 100644 base/operators/cert-manager/operatorgroup.yaml create mode 100644 base/operators/cert-manager/subscription.yaml create mode 100644 overlays/dev/cert-manager/kustomization.yaml create mode 100644 overlays/dev/cert-manager/selfsigned.yaml delete mode 100644 overlays/prod/apps/cert-manager/kustomization.yaml diff --git a/base/apps/cert-manager/kustomization.yaml b/base/apps/cert-manager/kustomization.yaml new file mode 100644 index 0000000..c519dfe --- /dev/null +++ b/base/apps/cert-manager/kustomization.yaml @@ -0,0 +1,4 @@ +--- +namespace: cert-manager +resources: + - letsencrypt.yaml diff --git a/overlays/prod/apps/cert-manager/issuer.yaml b/base/apps/cert-manager/letsencrypt.yaml similarity index 80% rename from overlays/prod/apps/cert-manager/issuer.yaml rename to base/apps/cert-manager/letsencrypt.yaml index 5b0aba8..1e91c7d 100644 --- a/overlays/prod/apps/cert-manager/issuer.yaml +++ b/base/apps/cert-manager/letsencrypt.yaml @@ -2,13 +2,13 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: letsencrypt-acme-staging-v02 + name: letsencrypt-acme-staging spec: acme: email: hostmaster@fabcity-hamburg.de server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: - name: account-key-acme-staging + name: letsencrypt-acme-key-staging solvers: - http01: ingress: @@ -17,13 +17,13 @@ spec: apiVersion: cert-manager.io/v1 kind: Issuer metadata: - name: letsencrypt-acme-v02 + name: letsencrypt-acme spec: acme: email: hostmaster@fabcity-hamburg.de server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: - name: account-key-acme + name: letsencrypt-acme-key solvers: - http01: ingress: diff --git a/base/cert-manager/kustomization.yaml b/base/cert-manager/kustomization.yaml deleted file mode 100644 index d81a14e..0000000 --- a/base/cert-manager/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -resources: - - https://github.com/cert-manager/cert-manager/releases/download/v1.8.2/cert-manager.crds.yaml - - namespace.yaml -helmCharts: - - name: cert-manager - version: v1.8.2 - releaseName: fcos-cert-manager - namespace: security - repo: https://charts.jetstack.io diff --git a/base/cert-manager/values.yaml b/base/cert-manager/values.yaml deleted file mode 100644 index 576fa08..0000000 --- a/base/cert-manager/values.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -cert-manager: - namespace: security diff --git a/base/operators/cert-manager/kustomization.yaml b/base/operators/cert-manager/kustomization.yaml new file mode 100644 index 0000000..57fdb23 --- /dev/null +++ b/base/operators/cert-manager/kustomization.yaml @@ -0,0 +1,6 @@ +--- +namespace: cert-manager +resources: + - namespace.yaml + - subscription.yaml + - operatorgroup.yaml diff --git a/base/cert-manager/namespace.yaml b/base/operators/cert-manager/namespace.yaml similarity index 68% rename from base/cert-manager/namespace.yaml rename to base/operators/cert-manager/namespace.yaml index 133fe73..6bc19f4 100644 --- a/base/cert-manager/namespace.yaml +++ b/base/operators/cert-manager/namespace.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: Namespace metadata: - name: security + name: cert-manager diff --git a/base/operators/cert-manager/operatorgroup.yaml b/base/operators/cert-manager/operatorgroup.yaml new file mode 100644 index 0000000..64f0444 --- /dev/null +++ b/base/operators/cert-manager/operatorgroup.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: cert-manager diff --git a/base/operators/cert-manager/subscription.yaml b/base/operators/cert-manager/subscription.yaml new file mode 100644 index 0000000..826de4b --- /dev/null +++ b/base/operators/cert-manager/subscription.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: cert-manager +spec: + name: cert-manager + channel: stable + source: operatorhubio-catalog + sourceNamespace: olm + installPlanApproval: Automatic diff --git a/overlays/dev/cert-manager/kustomization.yaml b/overlays/dev/cert-manager/kustomization.yaml new file mode 100644 index 0000000..48fc7aa --- /dev/null +++ b/overlays/dev/cert-manager/kustomization.yaml @@ -0,0 +1,4 @@ +--- +namespace: cert-manager +resources: + - selfsigned.yaml diff --git a/overlays/dev/cert-manager/selfsigned.yaml b/overlays/dev/cert-manager/selfsigned.yaml new file mode 100644 index 0000000..62be889 --- /dev/null +++ b/overlays/dev/cert-manager/selfsigned.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: selfsigned-issuer +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: selfsigned-issuer +spec: + isCA: true + duration: 8760h + secretName: tls-selfsigned-issuer + commonName: selfsigned-issuer + subject: + organizations: + - k8s-local-dev + issuerRef: + name: selfsigned-issuer + kind: ClusterIssuer + group: cert-manager.io diff --git a/overlays/prod/apps/cert-manager/kustomization.yaml b/overlays/prod/apps/cert-manager/kustomization.yaml deleted file mode 100644 index 1329424..0000000 --- a/overlays/prod/apps/cert-manager/kustomization.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -resources: - - ./issuer.yaml