Add Cert Manager operator (#8)

SupremeMortal · web-flow · commit 9dbb05336310 · 2024-09-03T15:21:11.000+01:00
Revisions: - openshift/cert-manager-operator@4e8c722
diff --git a/catalog/cert-manager-operator/cert-manager-operator.v1.14.0-2024-08-09-204321.yaml b/catalog/cert-manager-operator/cert-manager-operator.v1.14.0-2024-08-09-204321.yaml
@@ -0,0 +1,356 @@
+---
+image: quay.io/okderators/cert-manager-operator-bundle:1.14.0-2024-08-09-204321
+name: cert-manager-operator.v1.14.0-2024-08-09-204321
+package: cert-manager-operator
+properties:
+- type: olm.gvk
+  value:
+    group: acme.cert-manager.io
+    kind: Challenge
+    version: v1
+- type: olm.gvk
+  value:
+    group: acme.cert-manager.io
+    kind: Order
+    version: v1
+- type: olm.gvk
+  value:
+    group: cert-manager.io
+    kind: Certificate
+    version: v1
+- type: olm.gvk
+  value:
+    group: cert-manager.io
+    kind: CertificateRequest
+    version: v1
+- type: olm.gvk
+  value:
+    group: cert-manager.io
+    kind: ClusterIssuer
+    version: v1
+- type: olm.gvk
+  value:
+    group: cert-manager.io
+    kind: Issuer
+    version: v1
+- type: olm.gvk
+  value:
+    group: operator.openshift.io
+    kind: CertManager
+    version: v1alpha1
+- type: olm.package
+  value:
+    packageName: cert-manager-operator
+    version: 1.14.0-2024-08-09-204321
+- type: olm.csv.metadata
+  value:
+    annotations:
+      alm-examples: |-
+        [
+          {
+            "apiVersion": "acme.cert-manager.io/v1",
+            "kind": "Challenge",
+            "metadata": {
+              "name": "tls-cert-sample",
+              "namespace": "default"
+            },
+            "spec": {
+              "authorizationURL": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/XXXXX",
+              "dnsName": "sample.dns.name",
+              "issuerRef": {
+                "kind": "Issuer",
+                "name": "letsencrypt-staging"
+              },
+              "key": "XXX",
+              "solver": {
+                "dns01": {
+                  "route53": {
+                    "accessKeyID": "XXX",
+                    "hostedZoneID": "XXX",
+                    "region": "us-east-1",
+                    "secretAccessKeySecretRef": {
+                      "key": "awsSecretAccessKey",
+                      "name": "aws-secret"
+                    }
+                  }
+                },
+                "selector": {
+                  "dnsNames": [
+                    "sample.dns.name"
+                  ]
+                }
+              },
+              "token": "XXX",
+              "type": "DNS-01",
+              "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/XXXXXX/XXXXX",
+              "wildcard": false
+            }
+          },
+          {
+            "apiVersion": "acme.cert-manager.io/v1",
+            "kind": "Order",
+            "metadata": {
+              "annotations": {
+                "cert-manager.io/certificate-name": "tls-cert",
+                "cert-manager.io/certificate-revision": "1",
+                "cert-manager.io/private-key-secret-name": "tls-cert-sample"
+              },
+              "name": "tls-cert-sample",
+              "namespace": "default"
+            },
+            "spec": {
+              "commonName": "sample.dns.name",
+              "dnsNames": [
+                "sample.dns.name"
+              ],
+              "issuerRef": {
+                "kind": "Issuer",
+                "name": "letsencrypt-staging"
+              },
+              "request": "XXX"
+            }
+          },
+          {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Certificate",
+            "metadata": {
+              "name": "selfsigned-ca",
+              "namespace": "default"
+            },
+            "spec": {
+              "commonName": "selfsigned-ca.dns.name",
+              "isCA": true,
+              "issuerRef": {
+                "group": "cert-manager.io",
+                "kind": "ClusterIssuer",
+                "name": "selfsigned-issuer"
+              },
+              "privateKey": {
+                "algorithm": "ECDSA",
+                "size": 256
+              },
+              "secretName": "ca-root-secret"
+            }
+          },
+          {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Certificate",
+            "metadata": {
+              "name": "tls-cert",
+              "namespace": "default"
+            },
+            "spec": {
+              "commonName": "sample.dns.name",
+              "dnsNames": [
+                "sample.dns.name"
+              ],
+              "isCA": false,
+              "issuerRef": {
+                "kind": "Issuer",
+                "name": "letsencrypt-staging"
+              },
+              "secretName": "tls-cert"
+            }
+          },
+          {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "CertificateRequest",
+            "metadata": {
+              "annotations": {
+                "cert-manager.io/certificate-name": "tls-cert",
+                "cert-manager.io/certificate-revision": "1",
+                "cert-manager.io/private-key-secret-name": "tls-cert-sample"
+              },
+              "name": "tls-cert-sample",
+              "namespace": "default"
+            },
+            "spec": {
+              "groups": [
+                "system:serviceaccounts",
+                "system:serviceaccounts:cert-manager",
+                "system:authenticated"
+              ],
+              "issuerRef": {
+                "kind": "Issuer",
+                "name": "letsencrypt-staging"
+              },
+              "request": "XXX",
+              "username": "system:serviceaccount:cert-manager:cert-manager"
+            }
+          },
+          {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "ClusterIssuer",
+            "metadata": {
+              "name": "selfsigned-issuer"
+            },
+            "spec": {
+              "selfSigned": {}
+            }
+          },
+          {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Issuer",
+            "metadata": {
+              "name": "ca-issuer",
+              "namespace": "default"
+            },
+            "spec": {
+              "ca": {
+                "secretName": "ca-root-secret"
+              }
+            }
+          },
+          {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Issuer",
+            "metadata": {
+              "name": "letsencrypt-staging",
+              "namespace": "default"
+            },
+            "spec": {
+              "acme": {
+                "email": "aos-ci-cd@redhat.com",
+                "privateKeySecretRef": {
+                  "name": "letsencrypt-staging"
+                },
+                "server": "https://acme-staging-v02.api.letsencrypt.org/directory",
+                "solvers": [
+                  {
+                    "dns01": {
+                      "route53": {
+                        "accessKeyID": "\u003cACCESS_KEY_ID\u003e",
+                        "hostedZoneID": "\u003cHOSTED_ZONE_ID\u003e",
+                        "region": "\u003cAWS_REGION\u003e",
+                        "secretAccessKeySecretRef": {
+                          "key": "access-key",
+                          "name": "sample-aws-secret"
+                        }
+                      }
+                    },
+                    "selector": {
+                      "dnsNames": [
+                        "sample.dns.name"
+                      ]
+                    }
+                  }
+                ]
+              }
+            }
+          },
+          {
+            "apiVersion": "operator.openshift.io/v1alpha1",
+            "kind": "CertManager",
+            "metadata": {
+              "name": "cluster"
+            },
+            "spec": {
+              "logLevel": "Normal",
+              "managementState": "Managed"
+            }
+          }
+        ]
+      capabilities: Seamless Upgrades
+      categories: Security
+      console.openshift.io/disable-operand-delete: "true"
+      containerImage: quay.io/okderators/cert-manager-operator:1.14.0-2024-08-09-204321
+      createdAt: 2023-03-03T00:00:00
+      features.operators.openshift.io/disconnected: "false"
+      features.operators.openshift.io/fips-compliant: "true"
+      features.operators.openshift.io/proxy-aware: "true"
+      features.operators.openshift.io/tls-profiles: "false"
+      features.operators.openshift.io/token-auth-aws: "true"
+      features.operators.openshift.io/token-auth-azure: "true"
+      features.operators.openshift.io/token-auth-gcp: "true"
+      olm.skipRange: '>=1.13.1 <1.14.0'
+      operator.openshift.io/uninstall-message: The cert-manager Operator OKD will
+        be removed from cert-manager-operator namespace. If your Operator configured
+        any off-cluster resources, these will continue to run and require manual cleanup.
+        All operands created by the operator will need to be manually cleaned up.
+        Please refer to https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/cert-manager-operator-uninstall.html
+        for additional steps.
+      operatorframework.io/cluster-monitoring: "true"
+      operatorframework.io/suggested-namespace: cert-manager-operator
+      operators.openshift.io/infrastructure-features: '["proxy-aware"]'
+      operators.operatorframework.io/builder: operator-sdk-v1.25.1
+      operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
+      repository: https://github.com/openshift/cert-manager-operator
+      support: OKD Community
+    apiServiceDefinitions: {}
+    crdDescriptions:
+      owned:
+      - kind: CertificateRequest
+        name: certificaterequests.cert-manager.io
+        version: v1
+      - kind: Certificate
+        name: certificates.cert-manager.io
+        version: v1
+      - description: CertManager is the Schema for the certmanagers API
+        displayName: CertManager
+        kind: CertManager
+        name: certmanagers.operator.openshift.io
+        version: v1alpha1
+      - kind: Challenge
+        name: challenges.acme.cert-manager.io
+        version: v1
+      - kind: ClusterIssuer
+        name: clusterissuers.cert-manager.io
+        version: v1
+      - kind: Issuer
+        name: issuers.cert-manager.io
+        version: v1
+      - kind: Order
+        name: orders.acme.cert-manager.io
+        version: v1
+    description: |
+      The cert-manager Operator for OKD provides seamless support for [cert-manager v1.14.5](https://github.com/cert-manager/cert-manager/tree/v1.14.5), which automates certificate management.
+      For more information, see the [cert-manager Operator for OKD documentation](https://docs.openshift.com/container-platform/latest/security/cert_manager_operator/index.html).
+    displayName: cert-manager Operator for OKD
+    installModes:
+    - supported: true
+      type: OwnNamespace
+    - supported: true
+      type: SingleNamespace
+    - supported: false
+      type: MultiNamespace
+    - supported: false
+      type: AllNamespaces
+    keywords:
+    - cert-manager
+    - cert-manager-operator
+    - cert
+    - certificates
+    - security
+    - TLS
+    labels:
+      operatorframework.io/arch.amd64: supported
+      operatorframework.io/arch.arm64: supported
+      operatorframework.io/arch.ppc64le: supported
+      operatorframework.io/arch.s390x: supported
+      operatorframework.io/os.linux: supported
+    links:
+    - name: Documentation
+      url: https://github.com/openshift/cert-manager-operator/blob/master/README.md
+    maintainers:
+    - email: support@redhat.com
+      name: Red Hat Support
+    maturity: stable
+    minKubeVersion: 1.25.0
+    provider:
+      name: OKD Community
+relatedImages:
+- image: gcr.io/kubebuilder/kube-rbac-proxy:v0.16.0
+  name: ""
+- image: quay.io/jetstack/cert-manager-acmesolver:v1.14.5
+  name: cert-manager-acmesolver
+- image: quay.io/jetstack/cert-manager-cainjector:v1.14.5
+  name: cert-manager-ca-injector
+- image: quay.io/jetstack/cert-manager-controller:v1.14.5
+  name: cert-manager-controller
+- image: quay.io/jetstack/cert-manager-webhook:v1.14.5
+  name: cert-manager-webhook
+- image: quay.io/okderators/cert-manager-operator-bundle:1.14.0-2024-08-09-204321
+  name: ""
+- image: quay.io/okderators/cert-manager-operator:1.14.0-2024-08-09-204321
+  name: ""
+schema: olm.bundle
diff --git a/catalog/cert-manager-operator/cert-manager-operator.yaml b/catalog/cert-manager-operator/cert-manager-operator.yaml
@@ -0,0 +1,10 @@
+---
+schema: olm.package
+name: cert-manager-operator
+defaultChannel: alpha
+---
+schema: olm.channel
+package: cert-manager-operator
+name: alpha
+entries:
+  - name: cert-manager-operator.v1.14.0-2024-08-09-204321
