Uploaded image for project: 'Operator Runtime'
  1. Operator Runtime
  2. OPRUN-3428

[DOWNSTREAM] Create a service-ca-operator kustomize overlay

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • None
    • Veritas OLM Sprint 256

      We utilize cert-manager upstream for generating the TLS certificates used by catalogd (and the CA used by operator-controller for verification) to serve catalog contents over HTTPS.

      OpenShift has it's own operator for managing certificates: https://github.com/openshift/service-ca-operator

      To align with the rest of the OpenShift org and continue serving catalog contents over HTTPS we need to add a downstream only kustomize overlay so that the manifests generated for catalogd downstream creates certificates via service-ca-operator.

      An example of this overlay approach can be seen here: https://github.com/openshift/operator-framework-rukpak/tree/main/openshift/kustomize/overlays/openshift

            tgeiger@redhat.com Tayler Geiger
            rh-ee-bpalmer Bryce Palmer
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: