diff --git a/config/cloudpaks/cp-shared/operators/templates/0000-cert-manager-namespace.yaml b/config/cloudpaks/cp-shared/operators/templates/0000-cert-manager-namespace.yaml deleted file mode 100644 index 6241fb0a..00000000 --- a/config/cloudpaks/cp-shared/operators/templates/0000-cert-manager-namespace.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - creationTimestamp: null - name: {{.Values.metadata.cert_manager_namespace}} -spec: {} -status: {} diff --git a/config/cloudpaks/cp-shared/operators/templates/0100-cert-manager-operator-group.yaml b/config/cloudpaks/cp-shared/operators/templates/0100-cert-manager-operator-group.yaml deleted file mode 100644 index f223fb60..00000000 --- a/config/cloudpaks/cp-shared/operators/templates/0100-cert-manager-operator-group.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1 -kind: OperatorGroup -metadata: - annotations: - argocd.argoproj.io/sync-wave: "100" - creationTimestamp: null - name: ibm-cert-manager - namespace: {{.Values.metadata.cert_manager_namespace}} -spec: - upgradeStrategy: Default diff --git a/config/cloudpaks/cp-shared/operators/templates/0100-cert-manager-subscription.yaml b/config/cloudpaks/cp-shared/operators/templates/0100-cert-manager-subscription.yaml deleted file mode 100644 index 5cb2b481..00000000 --- a/config/cloudpaks/cp-shared/operators/templates/0100-cert-manager-subscription.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - annotations: - argocd.argoproj.io/sync-wave: "100" - creationTimestamp: null - name: ibm-cert-manager-operator - namespace: {{.Values.metadata.cert_manager_namespace}} -spec: - channel: v4.1 - installPlanApproval: Automatic - name: ibm-cert-manager-operator - source: ibm-operator-catalog - sourceNamespace: openshift-marketplace diff --git a/config/cloudpaks/cp-shared/operators/values.yaml b/config/cloudpaks/cp-shared/operators/values.yaml index d3e8b84e..cd891b63 100644 --- a/config/cloudpaks/cp-shared/operators/values.yaml +++ b/config/cloudpaks/cp-shared/operators/values.yaml @@ -1,7 +1,6 @@ --- metadata: argocd_namespace: openshift-gitops - cert_manager_namespace: ibm-cert-manager serviceaccount: argocd_application_controller: openshift-gitops-argocd-application-controller online_catalog_source_priority: -1 diff --git a/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoper-operators.yaml b/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoper-operators.yaml new file mode 100644 index 00000000..86a506b6 --- /dev/null +++ b/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoper-operators.yaml @@ -0,0 +1,83 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: sync-cluster-scoper-operators + annotations: + argocd.argoproj.io/hook: Sync + argocd.argoproj.io/sync-wave: "50" + namespace: openshift-gitops +spec: + template: + spec: + containers: + - name: config + image: quay.io/openshift/origin-cli:latest + imagePullPolicy: IfNotPresent + env: + - name: ARGOCD_NAMESPACE + value: "openshift-gitops" + - name: IBM_CERT_MANAGER + value: {{.Values.metadata.cert_manager_namespace}} + - name: IBM_CERT_MANAGER_CHANNEL + value: {{.Values.metadata.cert_manager_channel}} + command: + - /bin/sh + - -c + - | + set -eo pipefail + set -x + + result=0 + ibm_cert_manager_count=$(oc get Subscription.operators.coreos.com \ + -l operators.coreos.com/ibm-cert-manager-operator.ibm-cert-manager \ + -A \ + -o name | wc -l || result=1) + if [ "${result}" == 0 ]; then + if [ "${ibm_cert_manager_count}" == "0" ]; then + echo "INFO: Installing IBM Cert Manager." + cat << EOF | oc apply -f - + --- + apiVersion: operators.coreos.com/v1 + kind: OperatorGroup + metadata: + name: ibm-cert-manager + namespace: ${IBM_CERT_MANAGER:?} + spec: + upgradeStrategy: Default + --- + apiVersion: operators.coreos.com/v1alpha1 + kind: Subscription + metadata: + name: ibm-cert-manager-operator + namespace: ${IBM_CERT_MANAGER:?} + spec: + channel: ${IBM_CERT_MANAGER_CHANNEL:?} + installPlanApproval: Automatic + name: ibm-cert-manager-operator + source: ibm-operator-catalog + sourceNamespace: openshift-marketplace + EOF + oc wait Subscription.operators.coreos.com ibm-cert-manager-operator -n ${IBM_CERT_MANAGER:?} --for=CatalogSourcesUnhealthy=False \ + && oc wait Subscription.operators.coreos.com ibm-cert-manager-operator -n ${IBM_CERT_MANAGER:?} --for=jsonpath='state'="AtLatestKnown" \ + && echo "INFO: Successfully install IBM Cert Manager." \ + || result=1 + else + echo "INFO: IBM Cert Manager already installed." + oc get Subscription.operators.coreos.com \ + -l operators.coreos.com/ibm-cert-manager-operator.ibm-cert-manager \ + -A + fi + else + echo "ERROR: Unable to ascertain status of cert managers in the cluster." + fi + + if [ "${result}" -eq 1 ] ; then + echo "ERROR: Unable to locate a running IBM Cert Manager and to install one afterwards." + fi + + exit "${result}" + + restartPolicy: Never + serviceAccountName: {{.Values.serviceaccount.argocd_application_controller}} + backoffLimit: 2 diff --git a/config/cloudpaks/cp4a/operators/values.yaml b/config/cloudpaks/cp4a/operators/values.yaml index 8fc805a7..ef0c14ca 100644 --- a/config/cloudpaks/cp4a/operators/values.yaml +++ b/config/cloudpaks/cp4a/operators/values.yaml @@ -1,6 +1,8 @@ --- metadata: argocd_app_namespace: ibm-cloudpaks + cert_manager_namespace: ibm-cert-manager + cert_manager_channel: v4.1 serviceaccount: argocd_application_controller: openshift-gitops-argocd-application-controller storageclass: