operator-framework · everettraven · Jul 3, 2024 · Jul 2, 2024
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+# No namespace is specified here, otherwise, it will overwrite _all_ the other namespaces!
+resources:
+- resources/issuers.yaml
@@ -0,0 +1,32 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: self-sign-issuer
+  namespace: cert-manager
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: olmv1-ca
+  namespace: cert-manager
+spec:
+  isCA: true
+  commonName: olmv1-ca
+  secretName: olmv1-ca
+  privateKey:
+    algorithm: ECDSA
+    size: 256
+  issuerRef:
+    name: self-sign-issuer
+    kind: Issuer
+    group: cert-manager.io
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: olmv1-ca
+spec:
+  ca:
+    secretName: olmv1-ca
@@ -0,0 +1,15 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+namespace: olmv1-system
+namePrefix: catalogd-
+resources:
+- resources/certificate.yaml
+patches:
+- target:
+    kind: Service
+    name: catalogserver
+  path: patches/catalogserver_service_port.yaml
+- target:
+    kind: Deployment
+    name: controller-manager
+  path: patches/manager_deployment_certs.yaml
@@ -9,6 +9,11 @@ spec:
   dnsNames:
     - localhost
     - catalogd-catalogserver.olmv1-system.svc
+    - catalogd-catalogserver.olmv1-system.svc.cluster.local
+  privateKey:
+    algorithm: ECDSA
+    size: 256
   issuerRef:
-    kind: Issuer
-    name: catalogd-catalogserver-ca-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+    name: olmv1-ca
@@ -1,28 +1,9 @@
-# Adds namespace to all resources.
-namespace: olmv1-system
-
-# Value of this field is prepended to the
-# names of all resources, e.g. a deployment named
-# "wordpress" becomes "alices-wordpress".
-# Note that it should also match with the prefix (text before '-') of the namespace
-# field above.
-namePrefix: catalogd-
-
-# the following config is for teaching kustomize how to do var substitution
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ../../base/crd
 - ../../base/rbac
 - ../../base/manager
-- resources
-
-patches:
-- target:
-    kind: Service
-    name: catalogserver
-  path: patches/catalogserver_service_port.yaml
-- target:
-    kind: Deployment
-    name: controller-manager
-  path: patches/manager_deployment_certs.yaml
+components:
+- ../../components/tls
+- ../../components/ca