From 8339b3e118827212811f08d203adc8116d1f705b Mon Sep 17 00:00:00 2001 From: Denilson Nastacio Date: Wed, 6 Dec 2023 09:49:24 -0500 Subject: [PATCH] feat: Support Red Hat Cert Manager Signed-off-by: Denilson Nastacio --- .../templates/0050-sync-cp4a-config-map.yaml | 3 ++- .../templates/0100-cp-shared-app.yaml | 10 ++++++---- .../0100-cp-shared-operators-app.yaml | 2 ++ config/argocd-cloudpaks/cp-shared/values.yaml | 1 + config/argocd-cloudpaks/cp4a/Chart.yaml | 4 ++-- ...l => 00-presync-adjust-prereq-config.yaml} | 20 +++++++++---------- .../cp4a/templates/cp4a-app.yaml | 2 ++ .../cp4a/templates/cp4a-operator-app.yaml | 2 ++ config/argocd-cloudpaks/cp4a/values.yaml | 1 + .../cloudpaks/cp-shared/operators/Chart.yaml | 4 ++-- .../0100-rh-cert-manager-operator-group.yaml | 15 ++++++++++++++ .../0110-rh-cert-manager-subscription.yaml | 17 ++++++++++++++++ .../cloudpaks/cp-shared/operators/values.yaml | 1 + ...> 0050-sync-cluster-scoped-operators.yaml} | 5 ++++- tests/prebuild/yamllint-config.yaml | 3 +++ 15 files changed, 69 insertions(+), 21 deletions(-) rename config/argocd-cloudpaks/cp4a/templates/{00-presync-adjust-ocp-platform.yaml => 00-presync-adjust-prereq-config.yaml} (82%) create mode 100644 config/cloudpaks/cp-shared/operators/templates/0100-rh-cert-manager-operator-group.yaml create mode 100644 config/cloudpaks/cp-shared/operators/templates/0110-rh-cert-manager-subscription.yaml rename config/cloudpaks/cp4a/operators/templates/{0050-sync-cluster-scoper-operators.yaml => 0050-sync-cluster-scoped-operators.yaml} (94%) diff --git a/config/argocd-cloudpaks/cp-shared/templates/0050-sync-cp4a-config-map.yaml b/config/argocd-cloudpaks/cp-shared/templates/0050-sync-cp4a-config-map.yaml index 026d6f54..92c3a5fa 100644 --- a/config/argocd-cloudpaks/cp-shared/templates/0050-sync-cp4a-config-map.yaml +++ b/config/argocd-cloudpaks/cp-shared/templates/0050-sync-cp4a-config-map.yaml @@ -157,9 +157,10 @@ spec: oc get configmap "${config_map_name}" \ --namespace "${ARGOCD_NAMESPACE}" > /dev/null 2>&1 \ && oc patch configmap "${config_map_name}" \ - --patch "{\"data\":{\"serviceaccount.argocd_application_controller\":\"{{.Values.serviceaccount.argocd_application_controller}}\", \"shared_configuration.sc_deployment_platform\":\"${cp4a_platform}\", \"storageclass.gold\":\"${storage_class_gold}\", \"storageclass.silver\":\"${storage_class_silver}\", \"storageclass.bronze\":\"${storage_class_bronze}\", \"storageclass.block\":\"${storage_class_rwo}\" }}" \ + --patch "{\"data\":{\"red_hat_cert_manager\":\"{{.Values.red_hat_cert_manager}}\", \"serviceaccount.argocd_application_controller\":\"{{.Values.serviceaccount.argocd_application_controller}}\", \"shared_configuration.sc_deployment_platform\":\"${cp4a_platform}\", \"storageclass.gold\":\"${storage_class_gold}\", \"storageclass.silver\":\"${storage_class_silver}\", \"storageclass.bronze\":\"${storage_class_bronze}\", \"storageclass.block\":\"${storage_class_rwo}\" }}" \ --namespace "${ARGOCD_NAMESPACE}" \ || oc create configmap "${config_map_name}" \ + --from-literal=red_hat_cert_manager="${red_hat_cert_manager}" \ --from-literal=serviceaccount.argocd_application_controller="{{.Values.serviceaccount.argocd_application_controller}}" \ --from-literal=shared_configuration.sc_deployment_platform="${cp4a_platform}" \ --from-literal=storageclass.gold="${storage_class_gold}" \ diff --git a/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-app.yaml b/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-app.yaml index 2125e4d7..c558ca4a 100644 --- a/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-app.yaml +++ b/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-app.yaml @@ -37,14 +37,16 @@ spec: value: "{{.Values.dedicated_cs.namespace_mapping.cp4s}}" - name: online_catalog_source_priority value: "{{.Values.online_catalog_source_priority}}" - - name: storageclass.rwo.override - value: "{{.Values.storageclass.rwo.override}}" - - name: storageclass.rwx.override - value: "{{.Values.storageclass.rwx.override}}" + - name: red_hat_cert_manager + value: "{{.Values.red_hat_cert_manager | toString}}" - name: repoURL value: ${ARGOCD_APP_SOURCE_REPO_URL} - name: serviceaccount.argocd_application_controller value: {{.Values.serviceaccount.argocd_application_controller}} + - name: storageclass.rwo.override + value: "{{.Values.storageclass.rwo.override}}" + - name: storageclass.rwx.override + value: "{{.Values.storageclass.rwx.override}}" - name: targetRevision value: ${ARGOCD_APP_SOURCE_TARGET_REVISION} path: config/argocd-cloudpaks/cp-shared diff --git a/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-operators-app.yaml b/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-operators-app.yaml index e16948b6..628efc66 100644 --- a/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-operators-app.yaml +++ b/config/argocd-cloudpaks/cp-shared/templates/0100-cp-shared-operators-app.yaml @@ -25,6 +25,8 @@ spec: parameters: - name: online_catalog_source_priority value: "{{.Values.online_catalog_source_priority}}" + - name: red_hat_cert_manager + value: "{{.Values.red_hat_cert_manager | toString}}" - name: repoURL value: ${ARGOCD_APP_SOURCE_REPO_URL} - name: serviceaccount.argocd_application_controller diff --git a/config/argocd-cloudpaks/cp-shared/values.yaml b/config/argocd-cloudpaks/cp-shared/values.yaml index 61575e75..e91cbe74 100644 --- a/config/argocd-cloudpaks/cp-shared/values.yaml +++ b/config/argocd-cloudpaks/cp-shared/values.yaml @@ -14,6 +14,7 @@ dedicated_cs: cp4i: cp4i cp4s: cp4s online_catalog_source_priority: -1 +red_hat_cert_manager: false storageclass: rwo: override: diff --git a/config/argocd-cloudpaks/cp4a/Chart.yaml b/config/argocd-cloudpaks/cp4a/Chart.yaml index 71755318..0b7feb89 100644 --- a/config/argocd-cloudpaks/cp4a/Chart.yaml +++ b/config/argocd-cloudpaks/cp4a/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.2 +version: 0.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: "0.5.2" +appVersion: 0.6.2 diff --git a/config/argocd-cloudpaks/cp4a/templates/00-presync-adjust-ocp-platform.yaml b/config/argocd-cloudpaks/cp4a/templates/00-presync-adjust-prereq-config.yaml similarity index 82% rename from config/argocd-cloudpaks/cp4a/templates/00-presync-adjust-ocp-platform.yaml rename to config/argocd-cloudpaks/cp4a/templates/00-presync-adjust-prereq-config.yaml index 61920473..20dee96b 100644 --- a/config/argocd-cloudpaks/cp4a/templates/00-presync-adjust-ocp-platform.yaml +++ b/config/argocd-cloudpaks/cp4a/templates/00-presync-adjust-prereq-config.yaml @@ -2,7 +2,7 @@ apiVersion: batch/v1 kind: Job metadata: - name: cp4a-adjust-ocp-platform + name: cp4a-adjust-prereq-config annotations: argocd.argoproj.io/hook: PreSync namespace: openshift-gitops @@ -13,32 +13,29 @@ spec: - name: config image: quay.io/openshift/origin-cli:latest imagePullPolicy: IfNotPresent - resources: - requests: - memory: "64Mi" - cpu: "250m" - limits: - memory: "128Mi" - cpu: "300m" env: - name: ARGOCD_APP_NAME value: cp4a-app - name: ARGOCD_NAMESPACE - value: openshift-gitops + value: "{{.Values.metadata.argocd_namespace}}" command: - /bin/sh - -c - | set -eo pipefail set -x + + red_hat_cert_manager=$(oc get configmap argocd-cp4a-config \ + --namespace "${ARGOCD_NAMESPACE}" -o jsonpath='{.data.red_hat_cert_manager}') + # https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/21.0.x?topic=deployment-installing-capabilities-in-operator-hub platform=$(oc get configmap argocd-cp4a-config \ --namespace "${ARGOCD_NAMESPACE}" -o jsonpath='{.data.shared_configuration\.sc_deployment_platform}') echo "INFO: Install Argo CLI." # Install it from cluster, not from Internet, so airgap scenarios still work - argo_route=openshift-gitops-server - argo_secret=openshift-gitops-cluster + argo_route="${ARGOCD_NAMESPACE}-server" + argo_secret="${ARGOCD_NAMESPACE}-cluster" export HOME=/tmp argo_cmd="${HOME}/argocd" @@ -50,6 +47,7 @@ spec: && argo_pwd=$(oc get secret ${argo_secret} -n ${ARGOCD_NAMESPACE} -ojsonpath='{.data.admin\.password}' | base64 -d ; echo ) \ && "${argo_cmd}" login "${argo_url}" --username admin --password "${argo_pwd}" --insecure \ && "${argo_cmd}" app set "${ARGOCD_APP_NAME}" \ + --helm-set-string red_hat_cert_manager="${red_hat_cert_manager}" \ --helm-set-string spec.shared_configuration.sc_deployment_platform="${platform}" \ && echo "INFO: ${ARGOCD_APP_NAME} successfully updated OCP platform." \ || result=1 diff --git a/config/argocd-cloudpaks/cp4a/templates/cp4a-app.yaml b/config/argocd-cloudpaks/cp4a/templates/cp4a-app.yaml index 42c145ba..bd74e96d 100644 --- a/config/argocd-cloudpaks/cp4a/templates/cp4a-app.yaml +++ b/config/argocd-cloudpaks/cp4a/templates/cp4a-app.yaml @@ -28,6 +28,8 @@ spec: value: ${ARGOCD_APP_NAMESPACE} - name: metadata.argocd_app_namespace value: {{.Values.metadata.argocd_app_namespace}} + - name: red_hat_cert_manager + value: "{{.Values.red_hat_cert_manager | toString}}" - name: repoURL value: ${ARGOCD_APP_SOURCE_REPO_URL} - name: serviceaccount.argocd_application_controller diff --git a/config/argocd-cloudpaks/cp4a/templates/cp4a-operator-app.yaml b/config/argocd-cloudpaks/cp4a/templates/cp4a-operator-app.yaml index b65aa0f8..efa6197f 100644 --- a/config/argocd-cloudpaks/cp4a/templates/cp4a-operator-app.yaml +++ b/config/argocd-cloudpaks/cp4a/templates/cp4a-operator-app.yaml @@ -32,6 +32,8 @@ spec: value: ${ARGOCD_APP_NAMESPACE} - name: metadata.argocd_app_namespace value: {{.Values.metadata.argocd_app_namespace}} + - name: red_hat_cert_manager + value: "{{.Values.red_hat_cert_manager | toString}}" - name: repoURL value: ${ARGOCD_APP_SOURCE_REPO_URL} - name: serviceaccount.argocd_application_controller diff --git a/config/argocd-cloudpaks/cp4a/values.yaml b/config/argocd-cloudpaks/cp4a/values.yaml index 6966b991..03807555 100644 --- a/config/argocd-cloudpaks/cp4a/values.yaml +++ b/config/argocd-cloudpaks/cp4a/values.yaml @@ -6,6 +6,7 @@ serviceaccount: metadata: argocd_app_namespace: cp4a argocd_namespace: openshift-gitops +red_hat_cert_manager: false spec: shared_configuration: sc_deployment_platform: ROKS diff --git a/config/cloudpaks/cp-shared/operators/Chart.yaml b/config/cloudpaks/cp-shared/operators/Chart.yaml index 8d0cd749..c2511566 100644 --- a/config/cloudpaks/cp-shared/operators/Chart.yaml +++ b/config/cloudpaks/cp-shared/operators/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: "1.1.0" +appVersion: "1.2.0" diff --git a/config/cloudpaks/cp-shared/operators/templates/0100-rh-cert-manager-operator-group.yaml b/config/cloudpaks/cp-shared/operators/templates/0100-rh-cert-manager-operator-group.yaml new file mode 100644 index 00000000..f19b0200 --- /dev/null +++ b/config/cloudpaks/cp-shared/operators/templates/0100-rh-cert-manager-operator-group.yaml @@ -0,0 +1,15 @@ +{{- $red_hat_cert_manager := .Values.red_hat_cert_manager | toString }} +{{- if eq ( default "false" $red_hat_cert_manager ) "true" }} +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + annotations: + argocd.argoproj.io/sync-wave: "100" + name: cert-manager-operator + namespace: cert-manager-operator +spec: + targetNamespaces: + - cert-manager-operator + upgradeStrategy: Default +{{- end }} diff --git a/config/cloudpaks/cp-shared/operators/templates/0110-rh-cert-manager-subscription.yaml b/config/cloudpaks/cp-shared/operators/templates/0110-rh-cert-manager-subscription.yaml new file mode 100644 index 00000000..575fbd02 --- /dev/null +++ b/config/cloudpaks/cp-shared/operators/templates/0110-rh-cert-manager-subscription.yaml @@ -0,0 +1,17 @@ +{{- $red_hat_cert_manager := .Values.red_hat_cert_manager | toString }} +{{- if eq ( default "false" $red_hat_cert_manager ) "true" }} +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + annotations: + argocd.argoproj.io/sync-wave: "110" + name: openshift-cert-manager-operator + namespace: cert-manager-operator +spec: + channel: stable-v1 + installPlanApproval: Automatic + name: openshift-cert-manager-operator + source: redhat-operators + sourceNamespace: openshift-marketplace +{{- end }} diff --git a/config/cloudpaks/cp-shared/operators/values.yaml b/config/cloudpaks/cp-shared/operators/values.yaml index cd891b63..cc86bb6b 100644 --- a/config/cloudpaks/cp-shared/operators/values.yaml +++ b/config/cloudpaks/cp-shared/operators/values.yaml @@ -1,4 +1,5 @@ --- +red_hat_cert_manager: false metadata: argocd_namespace: openshift-gitops serviceaccount: diff --git a/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoper-operators.yaml b/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoped-operators.yaml similarity index 94% rename from config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoper-operators.yaml rename to config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoped-operators.yaml index 40e692ce..13ff8dca 100644 --- a/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoper-operators.yaml +++ b/config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoped-operators.yaml @@ -1,8 +1,10 @@ +{{- $red_hat_cert_manager := .Values.red_hat_cert_manager | toString }} +{{- if eq ( default "false" $red_hat_cert_manager ) "false" }} --- apiVersion: batch/v1 kind: Job metadata: - name: sync-cluster-scoper-operators + name: sync-cluster-scoped-operators annotations: argocd.argoproj.io/hook: Sync argocd.argoproj.io/sync-wave: "50" @@ -86,3 +88,4 @@ spec: restartPolicy: Never serviceAccountName: {{.Values.serviceaccount.argocd_application_controller}} backoffLimit: 2 +{{- end}} diff --git a/tests/prebuild/yamllint-config.yaml b/tests/prebuild/yamllint-config.yaml index 38c87f40..853f15af 100644 --- a/tests/prebuild/yamllint-config.yaml +++ b/tests/prebuild/yamllint-config.yaml @@ -6,7 +6,10 @@ ignore: | config/argocd-cloudpaks/cp4i/templates/0400-cp4i-client-app.yaml config/argocd-cloudpaks/cp4aiops/templates/000-aimgr-namespace.yaml config/argocd-cloudpaks/cp4aiops/templates/130-cp4aiops-ia-app.yaml + config/cloudpaks/cp-shared/operators/templates/0100-rh-cert-manager-operator-group.yaml + config/cloudpaks/cp-shared/operators/templates/0110-rh-cert-manager-subscription.yaml config/cloudpaks/cp4a/operators/templates/0000-cp4ba-namespace.yaml + config/cloudpaks/cp4a/operators/templates/0050-sync-cluster-scoped-operators.yaml config/cloudpaks/cp4a/operators/templates/0100-operator-group.yaml config/cloudpaks/cp4i/install-prereqs/templates/0000-namespace.yaml config/cloudpaks/cp4i/install-prereqs/templates/0100-operator-group.yaml