USHIFT-5563: introduce cert-manager operator manifests

[eslutsky]

this PR introduces cert-manager operator manifests to Microshift , currently the operator will fail because of missing dependencies , this is being handled in this PR.

manual steps involved (which will be automated during the rebase proccess)

1. manifests copied from the operator: cp -r ${cert-manager-repo-dir}/config/{default,crd,rbac,manager} ${microshift-repo-dir}/assets/optional/cert-manager
2. moved default/kustomize.yaml ${microshift-repo-dir}/assets/optional/cert-manager/kustomized.yaml
3. changed paths in kustomized.yaml ../to.`
4. replace in manager/kustomization.yaml with the operator published image in newName.
5. create release-cert-manager-{aarch64,x86_64}.json with images references taken from [1].

[0] cert-manager-repo-dir is from https://github.com/openshift/cert-manager-operator/tree/master/config [1] image reference is published here

extracting latest published version (for rebase)

1. install opm client https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/
2. run opm command

 export REGISTRY_AUTH_FILE=~/.pull-secret.json
 
 opm render registry.redhat.io/redhat/redhat-operator-index:v4.19 -o yaml  >redhat-operator-index.yaml
 yq 'select(.schema == "olm.channel" and .package == "openshift-cert-manager-operator" and .name == "stable-v1")' redhat-operator-index.yaml
 
#  which produces:
- name: cert-manager-operator.v1.15.0
  replaces: cert-manager-operator.v1.14.1
  skipRange: '>=1.14.1 <1.15.0'
- name: cert-manager-operator.v1.15.1
  replaces: cert-manager-operator.v1.15.0
  skipRange: '>=1.15.0 <1.15.1'
- name: cert-manager-operator.v1.16.0
  replaces: cert-manager-operator.v1.15.1
  skipRange: '>=1.15.1 <1.16.0'
name: stable-v1
package: openshift-cert-manager-operator
schema: olm.channel



yq 'select (.name=="cert-manager-operator.v1.16.0") | pick(["relatedImages"])' redhat-operator-index.yaml

# which produces
relatedImages:
- image: registry.redhat.io/cert-manager/cert-manager-istio-csr-rhel9@sha256:9ea2c29a384b964cef14f853278821df3cd30320f25afab8823897192f67fc7e
  name: cert-manager-istiocsr
- image: registry.redhat.io/cert-manager/cert-manager-operator-bundle@sha256:f3324ea2051d4ffb00136de53f5355bcc0449bc79349833ddaae528cb37cd3b0
  name: ""
- image: registry.redhat.io/cert-manager/cert-manager-operator-rhel9@sha256:41146965b3344b008ff0f6d119c1cb071efa7f02c742ce9af303b896ae43bff7
  name: ""
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:438d487c6b644319094f92250d43e0becf1bd0cc4b7d2864f4de72bacd1b9daf
  name: cert-manager-acmesolver
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:408a5c91e6066d33801456db5b0c214095ab7e47a0af1dcb91b5c88bfbcca4d4
  name: cert-manager-webhook
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:408a5c91e6066d33801456db5b0c214095ab7e47a0af1dcb91b5c88bfbcca4d4
  name: cert-manager-ca-injector
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:408a5c91e6066d33801456db5b0c214095ab7e47a0af1dcb91b5c88bfbcca4d4
  name: cert-manager-controller

Which issue(s) this PR addresses:

Closes #<Issue Number>

[openshift-ci[bot]]

Skipping CI for Draft Pull Request. If you want CI signal for your change, please convert it to an actual PR. You can still manually trigger a test run with /test all

[eslutsky]

/test ?

[openshift-ci[bot]]

@eslutsky: The following commands are available to trigger required jobs:

/test e2e-aws-ai-model-serving

/test e2e-aws-footprint-and-performance

/test e2e-aws-tests

/test e2e-aws-tests-arm

/test e2e-aws-tests-bootc

/test e2e-aws-tests-bootc-arm

/test e2e-aws-tests-bootc-periodic

/test e2e-aws-tests-bootc-periodic-arm

/test e2e-aws-tests-cache

/test e2e-aws-tests-cache-arm

/test e2e-aws-tests-periodic

/test e2e-aws-tests-periodic-arm

/test images

/test ocp-full-conformance-rhel-eus

/test ocp-full-conformance-serial-rhel-eus

/test test-rpm

/test test-unit

/test verify

The following commands are available to trigger optional jobs:

/test security

/test test-rebase

Use /test all to run the following jobs that were automatically triggered:

pull-ci-openshift-microshift-main-e2e-aws-tests

pull-ci-openshift-microshift-main-e2e-aws-tests-arm

pull-ci-openshift-microshift-main-e2e-aws-tests-bootc

pull-ci-openshift-microshift-main-e2e-aws-tests-bootc-arm

pull-ci-openshift-microshift-main-images

pull-ci-openshift-microshift-main-ocp-full-conformance-rhel-eus

pull-ci-openshift-microshift-main-ocp-full-conformance-serial-rhel-eus

pull-ci-openshift-microshift-main-security

pull-ci-openshift-microshift-main-test-rebase

pull-ci-openshift-microshift-main-test-rpm

pull-ci-openshift-microshift-main-test-unit

pull-ci-openshift-microshift-main-verify

In response to this:

/test ?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[eslutsky]

/test test-rebase

[openshift-ci-robot]

@eslutsky: This pull request references USHIFT-5563 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set.

In response to this:

this PR introduces cert-manager operator manifests to Microshift , currently the operator will fail because of missing dependencies , this is being handled in this PR.

manual steps involved (which will be automated during the rebase proccess)

1. manifests copied from the operator: cp -r ${cert-manager-repo-dir}/config/{default,crd,rbac,manager} ${microshift-repo-dir}/assets/optional/cert-manager
2. moved default/kustomize.yaml ${microshift-repo-dir}/assets/optional/cert-manager/kustomized.yaml
3. changed paths in kustomized.yaml ../to.`
4. replace in manager/kustomization.yaml with the operator published image in newName.
5. create release-cert-manager-{aarch64,x86_64}.json with images references taken from [1].

[0] cert-manager-repo-dir is from https://github.com/openshift/cert-manager-operator/tree/master/config [1] image reference is published here

extracting latest published version (for rebase)

1. install opm client https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/
2. run opm command

 export REGISTRY_AUTH_FILE=~/.pull-secret.json
 
 opm render registry.redhat.io/redhat/redhat-operator-index:v4.19 -o yaml  >redhat-operator-index.yaml
 yq 'select(.schema == "olm.channel" and .package == "openshift-cert-manager-operator" and .name == "stable-v1")' redhat-operator-index.yaml
 
#  which produces:
- name: cert-manager-operator.v1.15.0
  replaces: cert-manager-operator.v1.14.1
  skipRange: '>=1.14.1 <1.15.0'
- name: cert-manager-operator.v1.15.1
  replaces: cert-manager-operator.v1.15.0
  skipRange: '>=1.15.0 <1.15.1'
- name: cert-manager-operator.v1.16.0
  replaces: cert-manager-operator.v1.15.1
  skipRange: '>=1.15.1 <1.16.0'
name: stable-v1
package: openshift-cert-manager-operator
schema: olm.channel



yq 'select (.name=="cert-manager-operator.v1.16.0") | pick(["relatedImages"])' redhat-operator-index.yaml

# which produces
relatedImages:
- image: registry.redhat.io/cert-manager/cert-manager-istio-csr-rhel9@sha256:9ea2c29a384b964cef14f853278821df3cd30320f25afab8823897192f67fc7e
  name: cert-manager-istiocsr
- image: registry.redhat.io/cert-manager/cert-manager-operator-bundle@sha256:f3324ea2051d4ffb00136de53f5355bcc0449bc79349833ddaae528cb37cd3b0
  name: ""
- image: registry.redhat.io/cert-manager/cert-manager-operator-rhel9@sha256:41146965b3344b008ff0f6d119c1cb071efa7f02c742ce9af303b896ae43bff7
  name: ""
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9@sha256:438d487c6b644319094f92250d43e0becf1bd0cc4b7d2864f4de72bacd1b9daf
  name: cert-manager-acmesolver
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:408a5c91e6066d33801456db5b0c214095ab7e47a0af1dcb91b5c88bfbcca4d4
  name: cert-manager-webhook
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:408a5c91e6066d33801456db5b0c214095ab7e47a0af1dcb91b5c88bfbcca4d4
  name: cert-manager-ca-injector
- image: registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9@sha256:408a5c91e6066d33801456db5b0c214095ab7e47a0af1dcb91b5c88bfbcca4d4
  name: cert-manager-controller

Which issue(s) this PR addresses:

Closes #<Issue Number>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[eslutsky]

/test test-rebase

[eslutsky]

/test verify

[eslutsky]

/test e2e-aws-tests-bootc-arm

[openshift-ci-robot]

@eslutsky: This pull request references USHIFT-5563 which is a valid jira issue.

In response to this:

this PR introduces cert-manager operator manifests to Microshift manual steps involved (which will be automated during the rebase proccess)

1. manifests copied from the operator: cp -r ${cert-manager-repo-dir}/config/{default,crd,rbac,manager} ${microshift-repo-dir}/assets/optional/cert-manager
2. moved default/kustomize.yaml ${microshift-repo-dir}/assets/optional/cert-manager/kustomized.yaml
3. changed paths in kustomized.yaml ../to.`
4. replace in manager/kustomization.yaml with the operator published image in newName.
5. create release-cert-manager-{aarch64,x86_64}.json with images references taken from [1].

[0] cert-manager-repo-dir is from https://github.com/openshift/cert-manager-operator/tree/master/config [1] image reference is published here

Which issue(s) this PR addresses:

Closes #<Issue Number>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@eslutsky: This pull request references USHIFT-5563 which is a valid jira issue.

In response to this:

this PR introduces:

• cert-manager operator manifests to Microshift , based on :
• operator - manually built from cert-manager 1.17.0 sources and pushed to http://quay.io/microshift/cert-manager:latest
• images - extracted from opm (redhat operator catalog ) - latest relesed images 1.16.4
• RPM creating and build code
• RF tests

Which issue(s) this PR addresses:

Closes #<Issue Number>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@eslutsky: This pull request references USHIFT-5563 which is a valid jira issue.

In response to this:

this PR introduces:

• cert-manager operator manifests to Microshift , based on :
• operator - manually built from cert-manager 1.17.0 sources and pushed to http://quay.io/microshift/cert-manager:latest
• images - extracted from opm (redhat operator catalog ) - latest relesed images 1.16.4
• RPM creation code
• RF tests

Which issue(s) this PR addresses:

Closes #<Issue Number>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci-robot]

@eslutsky: This pull request references USHIFT-5563 which is a valid jira issue.

In response to this:

this PR introduces:

• cert-manager manifests , based on :
• operator - manually built from cert-manager 1.17.0 sources and pushed to http://quay.io/microshift/cert-manager:latest
• images - extracted from opm (redhat operator catalog ) - latest relesed images 1.16.4
• RPM creation code
• RF tests

Which issue(s) this PR addresses:

Closes #<Issue Number>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[eslutsky]

/test e2e-aws-tests-bootc

[openshift-ci-robot]

@eslutsky: This pull request references USHIFT-5563 which is a valid jira issue.

In response to this:

this PR introduces:

• cert-manager manifests , based on :
• operator - manually built from cert-manager 1.17.0 sources (arm64 and amd64) and pushed to http://quay.io/microshift/cert-manager:latest
• images - extracted from opm (redhat operator catalog ) - latest relesed images 1.16.4
• RPM creation code
• RF tests

Which issue(s) this PR addresses:

Closes #<Issue Number>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[eslutsky]

/retest

[eslutsky]

/test e2e-aws-tests-bootc-arm /test e2e-aws-tests-bootc-periodic-arm

[pmtk]

/lgtm

[openshift-ci[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: eslutsky, pmtk

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• ~~OWNERS~~ [eslutsky,pmtk]

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

[pmtk]

/retest

[openshift-ci-robot]

/retest-required

Remaining retests: 0 against base HEAD 5e34dc6f9f2dcde7aa35f4cf82cbe79929b392c4 and 2 for PR HEAD c29adcd487a6be867d4e60288d9bb8b250ebad51 in total

[eslutsky]

/test e2e-aws-tests-periodic-arm

[openshift-ci[bot]]

@eslutsky: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.