diff options
Diffstat (limited to 'certServiceK8sExternalProvider/deploy')
5 files changed, 95 insertions, 246 deletions
diff --git a/certServiceK8sExternalProvider/deploy/_certificte_example_.yaml b/certServiceK8sExternalProvider/deploy/_certificte_example_.yaml index dff8cacf..70708036 100644 --- a/certServiceK8sExternalProvider/deploy/_certificte_example_.yaml +++ b/certServiceK8sExternalProvider/deploy/_certificte_example_.yaml @@ -22,7 +22,7 @@ # ============LICENSE_END========================================================= # -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: _sample_cert_name_ diff --git a/certServiceK8sExternalProvider/deploy/configuration.yaml b/certServiceK8sExternalProvider/deploy/configuration.yaml index 711e5948..08e26fce 100644 --- a/certServiceK8sExternalProvider/deploy/configuration.yaml +++ b/certServiceK8sExternalProvider/deploy/configuration.yaml @@ -22,7 +22,7 @@ # ============LICENSE_END========================================================= # -apiVersion: certmanager.onap.org/v1beta1 +apiVersion: certmanager.onap.org/v1 kind: CertServiceIssuer metadata: name: certservice-issuer diff --git a/certServiceK8sExternalProvider/deploy/crd.yaml b/certServiceK8sExternalProvider/deploy/crd.yaml index 5c61de4f..9bdbf350 100644 --- a/certServiceK8sExternalProvider/deploy/crd.yaml +++ b/certServiceK8sExternalProvider/deploy/crd.yaml @@ -22,12 +22,9 @@ # ============LICENSE_END========================================================= # -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.2.5 - creationTimestamp: null name: certserviceissuers.certmanager.onap.org spec: group: certmanager.onap.org @@ -37,104 +34,95 @@ spec: plural: certserviceissuers singular: certserviceissuer scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CertServiceIssuer is the Schema for the certserviceissuers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CertServiceIssuerSpec defines the desired state of CertServiceIssuer - properties: - url: - description: URL is the base URL for the certservice certificates instance. - type: string - keyRef: - description: keyRef is a reference to a Secret containing the - provisioner password used to decrypt the provisioner private key. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: The name of the secret in the pod's namespace to - select from. - type: string - required: - - name - - key - type: object - required: - - url - - keyRef - type: object - status: - description: CertServiceIssuerStatus defines the observed state of CertServiceIssuer - properties: - conditions: - items: - description: CertServiceIssuerCondition contains condition information for - the certservice issuer. - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - type: string - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - allOf: - - enum: - - "True" - - "False" - - Unknown - - enum: - - "True" - - "False" - - Unknown - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - type: - description: Type of the condition, currently ('Ready'). - enum: - - Ready - type: string - required: - - status - - type - type: object - type: array - type: object - type: object - version: v1beta1 versions: - - name: v1beta1 + - name: v1 served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + schema: + openAPIV3Schema: + description: CertServiceIssuer is the Schema for the certserviceissuers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CertServiceIssuerSpec defines the desired state of CertServiceIssuer + properties: + url: + description: URL is the base URL for the certservice certificates instance. + type: string + keyRef: + description: keyRef is a reference to a Secret containing the + provisioner password used to decrypt the provisioner private key. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: The name of the secret in the pod's namespace to + select from. + type: string + required: + - name + - key + type: object + required: + - url + - keyRef + type: object + status: + description: CertServiceIssuerStatus defines the observed state of CertServiceIssuer + properties: + conditions: + items: + description: CertServiceIssuerCondition contains condition information for + the certservice issuer. + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding + to the last status change of this condition. + format: date-time + type: string + message: + description: Message is a human readable description of the details + of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for + the condition's last transition. + type: string + status: + allOf: + - enum: + - "True" + - "False" + - Unknown + - enum: + - "True" + - "False" + - Unknown + description: Status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + type: + description: Type of the condition, currently ('Ready'). + enum: + - Ready + type: string + required: + - status + - type + type: object + type: array + type: object + type: object diff --git a/certServiceK8sExternalProvider/deploy/deployment.yaml b/certServiceK8sExternalProvider/deploy/deployment.yaml index c2c617cf..3e21dc2e 100644 --- a/certServiceK8sExternalProvider/deploy/deployment.yaml +++ b/certServiceK8sExternalProvider/deploy/deployment.yaml @@ -72,16 +72,15 @@ spec: name: https - args: - --metrics-addr=127.0.0.1:8080 - - --enable-leader-election command: - /oom-certservice-k8s-external-provider image: onap/oom-certservice-k8s-external-provider:1.0.0 name: oom-certservice-k8s-external-provider resources: limits: - cpu: 100m - memory: 50Mi + cpu: 250m + memory: 128Mi requests: cpu: 100m - memory: 30Mi + memory: 64Mi terminationGracePeriodSeconds: 10 diff --git a/certServiceK8sExternalProvider/deploy/roles.yaml b/certServiceK8sExternalProvider/deploy/roles.yaml index 5025e11e..8b47c886 100644 --- a/certServiceK8sExternalProvider/deploy/roles.yaml +++ b/certServiceK8sExternalProvider/deploy/roles.yaml @@ -22,143 +22,6 @@ # ============LICENSE_END========================================================= # -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.2.5 - creationTimestamp: null - name: certserviceissuers.certmanager.onap.org -spec: - group: certmanager.onap.org - names: - kind: CertServiceIssuer - listKind: CertServiceIssuerList - plural: certserviceissuers - singular: certserviceissuer - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CertServiceIssuer is the Schema for the certserviceissuers API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CertServiceIssuerSpec defines the desired state of CertServiceIssuer - properties: - caBundle: - description: CABundle is a base64 encoded TLS certificate used to verify - connections to the certservice certificates server. If not set the system - root certificates are used to validate the TLS connection. - format: byte - type: string - provisioner: - description: Provisioner contains the certservice certificates provisioner - configuration. - properties: - kid: - description: KeyID is the kid property of the JWK provisioner. - type: string - name: - description: Names is the name of the JWK provisioner. - type: string - passwordRef: - description: PasswordRef is a reference to a Secret containing the - provisioner password used to decrypt the provisioner private key. - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: The name of the secret in the pod's namespace to - select from. - type: string - required: - - name - type: object - required: - - kid - - name - - passwordRef - type: object - url: - description: URL is the base URL for the certservice certificates instance. - type: string - required: - - provisioner - - url - type: object - status: - description: CertServiceIssuerStatus defines the observed state of CertServiceIssuer - properties: - conditions: - items: - description: CertServiceIssuerCondition contains condition information for - the certservice issuer. - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - format: date-time - type: string - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - allOf: - - enum: - - "True" - - "False" - - Unknown - - enum: - - "True" - - "False" - - Unknown - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - type: - description: Type of the condition, currently ('Ready'). - enum: - - Ready - type: string - required: - - status - - type - type: object - type: array - type: object - type: object - version: v1beta1 - versions: - - name: v1beta1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -195,7 +58,6 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: certservice-issuer-manager-role rules: - apiGroups: |