ab4740dabf
Upversioned the cert-manager app to latest v1.15.3 to pick up the
latest CVE fixes
Test Cases:
PASS: Install the lab with build upversioned to cert-manager v1.15.3
PASS: Perform application update on lab with existing cert-manager
to latest cert-manager v1.15.3 and verify that app is
successfully updated
PASS: On system with cert-manager v1.15.3, deploy kuard https service
with cert issued by stepca using ACME protocol
PASS: Deploy oidc app with oidc-auth-app-certificate and verify it
is successfully deployed and test wad user authentication
PASS: Run full build,install,bootstrap and unlock
PASS: Create a root ca, intermediate CA and deploy a certificate
issued by ICA
PASS: Deploy a certificate, get it issued by CA and verify the cert
is getting renewed
PASS: Create certificate with 30 or less days to expire and verify
that the "expiring soon" alarm is created
PASS: Perform a platform upgrade and notice that after upgrade the
cert-manager app is successfully updated to new version
PASS: Install lab with k8s 1.24.4 with cert-manager app version v1.15.3
and verify that app is successfully applied.
Story: 2011088
Task: 51141
Depends-on: https://review.opendev.org/c/starlingx/ansible-playbooks/+/931784
Change-Id: Ib8f2964a98074dc4ea667e5b527e3b052cca3d9c
Signed-off-by: amantri <ayyappa.mantri@windriver.com>
|
||
|---|---|---|
| helm-charts/upstream/cert-manager-helm | ||
| python3-k8sapp-cert-manager | ||
| stx-cert-manager-helm | ||
| .gitignore | ||
| .gitreview | ||
| .zuul.yaml | ||
| bindep.txt | ||
| CONTRIBUTING.rst | ||
| debian_build_layer.cfg | ||
| debian_iso_image.inc | ||
| debian_pkg_dirs | ||
| github_sync.trigger | ||
| HACKING.rst | ||
| README.rst | ||
| requirements.txt | ||
| test-requirements.txt | ||
| tox.ini | ||
# StarlingX/Cert-Manager-Armada-App
## Introduction [Cert-Manager](https://cert-manager.io/) is Kubernetes native application that facilities certificate management. This repository deploys Cert-Manager as a platform-managed application using FluxCD Helm Charts for the StarlingX project.
## Build The build tools available as independent repositories under the StarlingX project are necessary to build this application.
See [StarlingX Build Guide](https://docs.starlingx.io/developer_resources/build_guide.html) for more details.
To build this app:
` ${MY_REPO_ROOT_DIR}/cgcs-root/build-tools/build-pkgs cert-manager-helm stx-cert-manager-helm The generated RPM is located in
$MY_BUILD_DIR/std/rpmbuild/RPMS`.
To extract the tarball without installing on build system, use
command:
` rpm2cpio stx-cert-manager-helm-1.0-0.tis.noarch.rpm | cpio -idmv`
## Usage Note that the Cert-Manager application is included on a StarlingX install system by default.
Following commands can be used to upload, apply, remove, delete, and view the application:
` system application-remove cert-manager system application-delete cert-manager system application-upload <.tgz file> system application-apply cert-manager system application-list`
Cert-Manager Kubernetes resources can be found in the cert-manager namespace.
` kubectl get namespaces | grep cert-manager kubectl get crd | grep cert-manager kubectl get pods --namespace cert-manager`