cert_manager: Remove deprecated ClusterIssuer and its Secret (#8064)
parent
1a57780a75
commit
6c004efd5f
|
@ -45,7 +45,6 @@
|
||||||
- { name: deploy-cert-manager, file: deploy-cert-manager.yml, type: deploy }
|
- { name: deploy-cert-manager, file: deploy-cert-manager.yml, type: deploy }
|
||||||
- { name: svc-cert-manager, file: svc-cert-manager.yml, type: svc }
|
- { name: svc-cert-manager, file: svc-cert-manager.yml, type: svc }
|
||||||
- { name: webhook-cert-manager, file: webhook-cert-manager.yml, type: webhook }
|
- { name: webhook-cert-manager, file: webhook-cert-manager.yml, type: webhook }
|
||||||
- { name: secret-cert-manager, file: secret-cert-manager.yml, type: secret }
|
|
||||||
|
|
||||||
- name: Cert Manager | Create manifests
|
- name: Cert Manager | Create manifests
|
||||||
template:
|
template:
|
||||||
|
@ -66,31 +65,3 @@
|
||||||
with_items: "{{ cert_manager_manifests.results }}"
|
with_items: "{{ cert_manager_manifests.results }}"
|
||||||
when:
|
when:
|
||||||
- inventory_hostname == groups['kube_control_plane'][0]
|
- inventory_hostname == groups['kube_control_plane'][0]
|
||||||
|
|
||||||
- name: Cert Manager | Wait for Webhook pods become ready
|
|
||||||
command: "{{ bin_dir }}/kubectl wait po --namespace={{ cert_manager_namespace }} --selector app=webhook --for=condition=Ready --timeout=600s"
|
|
||||||
register: cert_manager_webhook_pods_ready
|
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0]
|
|
||||||
until: cert_manager_webhook_pods_ready is succeeded
|
|
||||||
retries: 30
|
|
||||||
delay: 10
|
|
||||||
|
|
||||||
- name: Cert Manager | Create ClusterIssuer manifest
|
|
||||||
template:
|
|
||||||
src: "clusterissuer-cert-manager.yml.j2"
|
|
||||||
dest: "{{ kube_config_dir }}/addons/cert_manager/clusterissuer-cert-manager.yml"
|
|
||||||
register: cert_manager_clusterissuer_manifest
|
|
||||||
when:
|
|
||||||
- inventory_hostname == groups['kube_control_plane'][0] and cert_manager_webhook_pods_ready is succeeded
|
|
||||||
|
|
||||||
- name: Cert Manager | Apply ClusterIssuer manifest
|
|
||||||
kube:
|
|
||||||
name: "clusterissuer-cert-manager"
|
|
||||||
kubectl: "{{ bin_dir }}/kubectl"
|
|
||||||
filename: "{{ kube_config_dir }}/addons/cert_manager/clusterissuer-cert-manager.yml"
|
|
||||||
state: "latest"
|
|
||||||
when: inventory_hostname == groups['kube_control_plane'][0] and cert_manager_clusterissuer_manifest is succeeded
|
|
||||||
register: cert_manager_apply_clusterissuer_manifest
|
|
||||||
until: cert_manager_apply_clusterissuer_manifest is succeeded
|
|
||||||
retries: 30
|
|
||||||
delay: 10
|
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
# Copyright YEAR The Jetstack cert-manager contributors.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
# you may not use this file except in compliance with the License.
|
|
||||||
# You may obtain a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
# See the License for the specific language governing permissions and
|
|
||||||
# limitations under the License.
|
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1alpha2
|
|
||||||
kind: ClusterIssuer
|
|
||||||
metadata:
|
|
||||||
name: ca-issuer
|
|
||||||
namespace: {{ cert_manager_namespace }}
|
|
||||||
spec:
|
|
||||||
ca:
|
|
||||||
secretName: ca-key-pair
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: ca-key-pair
|
|
||||||
namespace: {{ cert_manager_namespace }}
|
|
||||||
data:
|
|
||||||
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURvRENDQW9pZ0F3SUJBZ0lVYXRUWVNIK1lUMVJvbXVGekF2clFRWGtsQ0Vrd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2FERUxNQWtHQTFVRUJoTUNWVk14RHpBTkJnTlZCQWdUQms5eVpXZHZiakVSTUE4R0ExVUVCeE1JVUc5eQpkR3hoYm1ReEV6QVJCZ05WQkFvVENrdDFZbVZ5Ym1WMFpYTXhDekFKQmdOVkJBc1RBa05CTVJNd0VRWURWUVFECkV3cExkV0psY201bGRHVnpNQjRYRFRJd01EY3hNREUxTWpFd01Gb1hEVEkxTURjd09URTFNakV3TUZvd2FERUwKTUFrR0ExVUVCaE1DVlZNeER6QU5CZ05WQkFnVEJrOXlaV2R2YmpFUk1BOEdBMVVFQnhNSVVHOXlkR3hoYm1ReApFekFSQmdOVkJBb1RDa3QxWW1WeWJtVjBaWE14Q3pBSkJnTlZCQXNUQWtOQk1STXdFUVlEVlFRREV3cExkV0psCmNtNWxkR1Z6TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF0MmZFNUhRSm8vNGIKRjNqN1JPZzJ6REhNdEhLd0pjVEZZYkZZMGpIWGZTVWJTS1ZObzUrNTNqQ29SdFFWd1FyYU12QnozMGRJbzd6agpMcE1VQU5aRStacXQrbkk5RWtzMVphS1NKNmYvNXpmZDEzZ1ZOTkgzN05KVUVKV0NHTnVoUmVFNDRpcUtmSDV3Ck9iZlJKL2ZCYVQ5cW9DQW9tWVcvV1JUS0t5ancreFBPeWdZZERsUk9jdzBSRmdieDkvWk5GS1lYR3BQcmdyR0wKWW45VWZXZG92WHozbys3N1piNm9SRWdBVkNDUTBaN0VEYUpjd3RCZkxOV0pWbGRET2dJNFpmWDBaNnNBN2lobgptQ1hHenJGd25JaVhaajUrdjk0ejF0SThOazlvL1RFbG9EdlJnamJNblRxQ2hGa1ZROHhtaXMwckZmMVprN3ZwCjNOMWFtY2hBQVFJREFRQUJvMEl3UURBT0JnTlZIUThCQWY4RUJBTUNBUVl3RHdZRFZSMFRBUUgvQkFVd0F3RUIKL3pBZEJnTlZIUTRFRmdRVTFEaTE0aVpKWGczajNObHdjenZFR1dwRFN2SXdEUVlKS29aSWh2Y05BUUVMQlFBRApnZ0VCQURkR1FDSFcwNkFVZUo4alM3cURPM2F1TG4xTHE0c1JCWHBoVUZ6TGRyMi9rUUlZd1BtcTRmb09RMjBwCitLTVUyanpmR0VHd3ZOU0p2QnphNHRGS1NiZHRpeFI3RmsyREdPLzc5a3ZPZ2o3UVRrUUpkUzNwaWtSc09EMlUKaytpa09qL2wyTkRSRFVXZlh4RjRjeVZTZ0VubDExUUVDa0JrUHBIYlIrUHQxYWhnMGVRMElnL0MvZC8vN2Vtegp3ZWNUZjBsQkc1UmszaURHdkxhaHdTek9jQWhSY1BxVW9idCs1bTVycmp0R3BrTFNQOTBzVko2TTZ3ZE43dGR4CkNpTktWWGRZaHBZWmUrQ1hEQ2lRR0NLVHE5NHJPbGptVmh5Z0FKWjlBOERVOWVZRmVOci9oOW84c2JYNFlzcU0KV3YwREkyQldlQ3k3MmlXZXErNHkwTENKSzQ4PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
|
|
||||||
tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBdDJmRTVIUUpvLzRiRjNqN1JPZzJ6REhNdEhLd0pjVEZZYkZZMGpIWGZTVWJTS1ZOCm81KzUzakNvUnRRVndRcmFNdkJ6MzBkSW83empMcE1VQU5aRStacXQrbkk5RWtzMVphS1NKNmYvNXpmZDEzZ1YKTk5IMzdOSlVFSldDR051aFJlRTQ0aXFLZkg1d09iZlJKL2ZCYVQ5cW9DQW9tWVcvV1JUS0t5ancreFBPeWdZZApEbFJPY3cwUkZnYng5L1pORktZWEdwUHJnckdMWW45VWZXZG92WHozbys3N1piNm9SRWdBVkNDUTBaN0VEYUpjCnd0QmZMTldKVmxkRE9nSTRaZlgwWjZzQTdpaG5tQ1hHenJGd25JaVhaajUrdjk0ejF0SThOazlvL1RFbG9EdlIKZ2piTW5UcUNoRmtWUTh4bWlzMHJGZjFaazd2cDNOMWFtY2hBQVFJREFRQUJBb0lCQUJZd2R0RFEvUzJiRzduKwpTQ0F4SEJnZVdrN21wVXNjZ0dqdVpQbWhVQm55K0ZjVXNNMEFFU1BCclVwTWRJbFRmOHl6N01EeHhlY1Jma2J2ClFuZExkVExodFBUZEIyaUVNdVNtQTVyS3A1cFkxdjB2cVJrbjRpQUQzbW5YUE5NM0YwNzJEY1RITXRRWEZBclgKbzNWN2N5b0JveXZXV0RNaXpHREJ0Q2YrbnhFeFFzS0lLUGFxRzlDVWZlSU95RVgzRXJ6QWo3b3lnSXFLZGozbgpFbVBzbThrWDVROW9iOUZwd3FKNkxMTzcxTklQZnpaOUNLSXpSYzBNU3grL3hPYmdKSlJCNmtZTXpjWkloQ1JBClNNclBsYXZLMEVzMHpoTnIyc05aZHBlSmRzWGk5YURwZjhMOTEvdFpJeEpSMEdSUXpEZXhBN2FWdk8vVUo0N0YKOXNXUVBUVUNnWUVBeXNvTm01VHdkNWZqRzk3NXVRa3pGQUgrRGVCNXBlNTBOMkpyN01neWZsVm8zZlJrSTFKKwpsZXlyUnRIempKSzlqeEVtdVJ0YnIvUWZ3MGRUNnhRSnVJSmk3Vmlld3NPNUgzeWtwdytkbm9jVUhVVDhFWEpVCnpLSzRmSGo1SjFrNHBmaHlnNFBJZ0YxMFF1anhJRlc3Q0R3UERJRStuZm5ZczBJZ1U3SkV0OU1DZ1lFQTU0ZWsKTUltWWMyeHhoYTM1U25qd0ZCeEVwSUF3ZGdvdXBROWVsMHhmVVRkdTJsUnA1NHVZaVFVWURhNjJ6RE1kL21QagppSTdqaGl6TEU4VmU4OWh6QXljeTNIRVJPSHNETkhQVG5WN0phcmp3T29aWWIvRnM2NkxtazZMY05BbGI3TER6Cm5FNGdkTEt0cWpQVnBMbmF1T3VOQitXQzY5bm9xRUZpZWxnUWVGc0NnWUIxZGk0RnBYTFlReEZZem9JbHJPOTYKTW1FL0ZueEFJZXdOUEtRNUJnbEJaaVdWRXYrQitrRzZnOWo5NzVTOEl5OUxsR3F5bytjcTl5UUN6K2tLN0pObwozWldCMTJnMmRucGZnNm8zM25LMUpaY0FFVHBVdkwzanZvbFFDQjZCclV1RHozSTlQWE5BNzJEdGROSmVvV254CnJpQWxaU09wQzlSNm1OM3l2UHJTNHdLQmdCQS9WWWRPY0pOUS9kcHFyZjdLNDlZVmNiKzFlekVkWDg2WGVJVFgKaUN6VDNnU1dQZVJReUlCOUNnWVR4NklteUNrTTYyK3V6MHFnSkJRY0dxQzBCTVlvM3duWEtXVTBSTEpPbW9BRgpvYzdLY1prNXlrVDR4VEwzK0lSTnZuUXNYL1lKS045RUlFVHdNUDJycTRkbXYzR1FuaEg2eWlndzM0SEhMTmozCkN4alhBb0dBSjBUNkN0c1c2dEVpYUI5bnc4enI3M2xkMDhraDZSL3B4VHF5c2diNERFTmptd2dndUFoMlJSZkwKYVg3eTNqSUNOTFBjWEFOYlB0QmYrQkRBTTl0UTEzMk5hYzg3N016RHRVSyswem9CWWtwWGM4Rkd4akVuTzc5RQp2MC9vT2wzR2RaWnNJSXhLblcvVlVmYjJydGY1RWgyQytOY1FpWkNXZm5kWkthMXR4WjQ9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
|
|
Loading…
Reference in New Issue