diff --git a/manifests/function/cabpk/v0.3.3/certmanager/certificate.yaml b/manifests/function/cabpk/v0.3.3/certmanager/certificate.yaml new file mode 100644 index 000000000..7decb1a4b --- /dev/null +++ b/manifests/function/cabpk/v0.3.3/certmanager/certificate.yaml @@ -0,0 +1,25 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/cabpk/v0.3.3/certmanager/kustomization.yaml b/manifests/function/cabpk/v0.3.3/certmanager/kustomization.yaml new file mode 100644 index 000000000..bebea5a59 --- /dev/null +++ b/manifests/function/cabpk/v0.3.3/certmanager/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/certmanager/kustomizeconfig.yaml b/manifests/function/cabpk/v0.3.3/certmanager/kustomizeconfig.yaml similarity index 100% rename from manifests/function/certmanager/kustomizeconfig.yaml rename to manifests/function/cabpk/v0.3.3/certmanager/kustomizeconfig.yaml diff --git a/manifests/function/cabpk/v0.3.3/webhook/kustomization.yaml b/manifests/function/cabpk/v0.3.3/webhook/kustomization.yaml index bef9dfd88..cf9bcbdd1 100644 --- a/manifests/function/cabpk/v0.3.3/webhook/kustomization.yaml +++ b/manifests/function/cabpk/v0.3.3/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/cabpk/v0.3.7/certmanager/certificate.yaml b/manifests/function/cabpk/v0.3.7/certmanager/certificate.yaml new file mode 100644 index 000000000..7decb1a4b --- /dev/null +++ b/manifests/function/cabpk/v0.3.7/certmanager/certificate.yaml @@ -0,0 +1,25 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/cabpk/v0.3.7/certmanager/kustomization.yaml b/manifests/function/cabpk/v0.3.7/certmanager/kustomization.yaml new file mode 100644 index 000000000..bebea5a59 --- /dev/null +++ b/manifests/function/cabpk/v0.3.7/certmanager/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/cabpk/v0.3.7/certmanager/kustomizeconfig.yaml b/manifests/function/cabpk/v0.3.7/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/cabpk/v0.3.7/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/cabpk/v0.3.7/webhook/kustomization.yaml b/manifests/function/cabpk/v0.3.7/webhook/kustomization.yaml index 8119e340a..23314b771 100644 --- a/manifests/function/cabpk/v0.3.7/webhook/kustomization.yaml +++ b/manifests/function/cabpk/v0.3.7/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/cacpk/v0.3.3/certmanager/certificate.yaml b/manifests/function/cacpk/v0.3.3/certmanager/certificate.yaml new file mode 100644 index 000000000..7decb1a4b --- /dev/null +++ b/manifests/function/cacpk/v0.3.3/certmanager/certificate.yaml @@ -0,0 +1,25 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/cacpk/v0.3.3/certmanager/kustomization.yaml b/manifests/function/cacpk/v0.3.3/certmanager/kustomization.yaml new file mode 100644 index 000000000..bebea5a59 --- /dev/null +++ b/manifests/function/cacpk/v0.3.3/certmanager/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/cacpk/v0.3.3/certmanager/kustomizeconfig.yaml b/manifests/function/cacpk/v0.3.3/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/cacpk/v0.3.3/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/cacpk/v0.3.3/webhook/kustomization.yaml b/manifests/function/cacpk/v0.3.3/webhook/kustomization.yaml index 8119e340a..23314b771 100644 --- a/manifests/function/cacpk/v0.3.3/webhook/kustomization.yaml +++ b/manifests/function/cacpk/v0.3.3/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/cacpk/v0.3.7/certmanager/certificate.yaml b/manifests/function/cacpk/v0.3.7/certmanager/certificate.yaml new file mode 100644 index 000000000..7decb1a4b --- /dev/null +++ b/manifests/function/cacpk/v0.3.7/certmanager/certificate.yaml @@ -0,0 +1,25 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/cacpk/v0.3.7/certmanager/kustomization.yaml b/manifests/function/cacpk/v0.3.7/certmanager/kustomization.yaml new file mode 100644 index 000000000..bebea5a59 --- /dev/null +++ b/manifests/function/cacpk/v0.3.7/certmanager/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/cacpk/v0.3.7/certmanager/kustomizeconfig.yaml b/manifests/function/cacpk/v0.3.7/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/cacpk/v0.3.7/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/cacpk/v0.3.7/webhook/kustomization.yaml b/manifests/function/cacpk/v0.3.7/webhook/kustomization.yaml index 8119e340a..23314b771 100644 --- a/manifests/function/cacpk/v0.3.7/webhook/kustomization.yaml +++ b/manifests/function/cacpk/v0.3.7/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/capd/v0.3.7/certmanager/certificate.yaml b/manifests/function/capd/v0.3.7/certmanager/certificate.yaml new file mode 100644 index 000000000..cc53cbd94 --- /dev/null +++ b/manifests/function/capd/v0.3.7/certmanager/certificate.yaml @@ -0,0 +1,24 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/capd/v0.3.7/certmanager/kustomization.yaml b/manifests/function/capd/v0.3.7/certmanager/kustomization.yaml new file mode 100644 index 000000000..438e93c2c --- /dev/null +++ b/manifests/function/capd/v0.3.7/certmanager/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/capd/v0.3.7/certmanager/kustomizeconfig.yaml b/manifests/function/capd/v0.3.7/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/capd/v0.3.7/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/capd/v0.3.7/webhook/kustomization.yaml b/manifests/function/capd/v0.3.7/webhook/kustomization.yaml index 30aaf2a9f..ec4e28426 100644 --- a/manifests/function/capd/v0.3.7/webhook/kustomization.yaml +++ b/manifests/function/capd/v0.3.7/webhook/kustomization.yaml @@ -5,7 +5,7 @@ namespace: capd-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager patchesStrategicMerge: diff --git a/manifests/function/certmanager/certificate.yaml b/manifests/function/capi/v0.3.3/certmanager/certificate.yaml similarity index 100% rename from manifests/function/certmanager/certificate.yaml rename to manifests/function/capi/v0.3.3/certmanager/certificate.yaml diff --git a/manifests/function/certmanager/kustomization.yaml b/manifests/function/capi/v0.3.3/certmanager/kustomization.yaml similarity index 100% rename from manifests/function/certmanager/kustomization.yaml rename to manifests/function/capi/v0.3.3/certmanager/kustomization.yaml diff --git a/manifests/function/capi/v0.3.3/certmanager/kustomizeconfig.yaml b/manifests/function/capi/v0.3.3/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/capi/v0.3.3/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/capi/v0.3.3/webhook/kustomization.yaml b/manifests/function/capi/v0.3.3/webhook/kustomization.yaml index 75997036c..64f3d36b8 100644 --- a/manifests/function/capi/v0.3.3/webhook/kustomization.yaml +++ b/manifests/function/capi/v0.3.3/webhook/kustomization.yaml @@ -4,7 +4,7 @@ resources: - namespace.yaml - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/capi/v0.3.7/certmanager/certificate.yaml b/manifests/function/capi/v0.3.7/certmanager/certificate.yaml new file mode 100644 index 000000000..af4e13ffe --- /dev/null +++ b/manifests/function/capi/v0.3.7/certmanager/certificate.yaml @@ -0,0 +1,24 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/capi/v0.3.7/certmanager/kustomization.yaml b/manifests/function/capi/v0.3.7/certmanager/kustomization.yaml new file mode 100644 index 000000000..e0182475f --- /dev/null +++ b/manifests/function/capi/v0.3.7/certmanager/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/capi/v0.3.7/certmanager/kustomizeconfig.yaml b/manifests/function/capi/v0.3.7/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/capi/v0.3.7/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/capi/v0.3.7/webhook/kustomization.yaml b/manifests/function/capi/v0.3.7/webhook/kustomization.yaml index 75997036c..64f3d36b8 100644 --- a/manifests/function/capi/v0.3.7/webhook/kustomization.yaml +++ b/manifests/function/capi/v0.3.7/webhook/kustomization.yaml @@ -4,7 +4,7 @@ resources: - namespace.yaml - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/capm3/v0.3.1/certmanager/certificate.yaml b/manifests/function/capm3/v0.3.1/certmanager/certificate.yaml new file mode 100644 index 000000000..af4e13ffe --- /dev/null +++ b/manifests/function/capm3/v0.3.1/certmanager/certificate.yaml @@ -0,0 +1,24 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/capm3/v0.3.1/certmanager/kustomization.yaml b/manifests/function/capm3/v0.3.1/certmanager/kustomization.yaml new file mode 100644 index 000000000..e0182475f --- /dev/null +++ b/manifests/function/capm3/v0.3.1/certmanager/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/capm3/v0.3.1/certmanager/kustomizeconfig.yaml b/manifests/function/capm3/v0.3.1/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/capm3/v0.3.1/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/capm3/v0.3.1/webhook/kustomization.yaml b/manifests/function/capm3/v0.3.1/webhook/kustomization.yaml index a39111141..edd5cc7ac 100644 --- a/manifests/function/capm3/v0.3.1/webhook/kustomization.yaml +++ b/manifests/function/capm3/v0.3.1/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/capm3/v0.3.2/certmanager/certificate.yaml b/manifests/function/capm3/v0.3.2/certmanager/certificate.yaml new file mode 100644 index 000000000..af4e13ffe --- /dev/null +++ b/manifests/function/capm3/v0.3.2/certmanager/certificate.yaml @@ -0,0 +1,24 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/manifests/function/capm3/v0.3.2/certmanager/kustomization.yaml b/manifests/function/capm3/v0.3.2/certmanager/kustomization.yaml new file mode 100644 index 000000000..e0182475f --- /dev/null +++ b/manifests/function/capm3/v0.3.2/certmanager/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/manifests/function/capm3/v0.3.2/certmanager/kustomizeconfig.yaml b/manifests/function/capm3/v0.3.2/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..28a895a40 --- /dev/null +++ b/manifests/function/capm3/v0.3.2/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames +- kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/capm3/v0.3.2/webhook/kustomization.yaml b/manifests/function/capm3/v0.3.2/webhook/kustomization.yaml index a39111141..edd5cc7ac 100644 --- a/manifests/function/capm3/v0.3.2/webhook/kustomization.yaml +++ b/manifests/function/capm3/v0.3.2/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml -- ../../../certmanager +- ../certmanager - ../manager configurations: diff --git a/manifests/function/capz/v0.4.8/certmanager/certificate.yaml b/manifests/function/capz/v0.4.8/certmanager/certificate.yaml new file mode 100644 index 000000000..2c0e245ed --- /dev/null +++ b/manifests/function/capz/v0.4.8/certmanager/certificate.yaml @@ -0,0 +1,24 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1alpha2 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1alpha2 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: $(SERVICE_NAME)-cert diff --git a/manifests/function/capz/v0.4.8/certmanager/kustomization.yaml b/manifests/function/capz/v0.4.8/certmanager/kustomization.yaml new file mode 100644 index 000000000..34e7e5b12 --- /dev/null +++ b/manifests/function/capz/v0.4.8/certmanager/kustomization.yaml @@ -0,0 +1,4 @@ +resources: + - certificate.yaml +configurations: + - kustomizeconfig.yaml diff --git a/manifests/function/capz/v0.4.8/certmanager/kustomizeconfig.yaml b/manifests/function/capz/v0.4.8/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..c6a6c0f1e --- /dev/null +++ b/manifests/function/capz/v0.4.8/certmanager/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: + - kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: + - kind: Certificate + group: cert-manager.io + path: spec/commonName + - kind: Certificate + group: cert-manager.io + path: spec/dnsNames + - kind: Certificate + group: cert-manager.io + path: spec/secretName diff --git a/manifests/function/capz/v0.4.8/webhook/kustomization.yaml b/manifests/function/capz/v0.4.8/webhook/kustomization.yaml index 72270658b..309802cbc 100644 --- a/manifests/function/capz/v0.4.8/webhook/kustomization.yaml +++ b/manifests/function/capz/v0.4.8/webhook/kustomization.yaml @@ -3,7 +3,7 @@ namespace: capi-webhook-system resources: - manifests.yaml - service.yaml - - ../../../certmanager + - ../certmanager - ../manager configurations: