-
Story
-
Resolution: Done
-
Normal
-
None
-
None
-
None
-
Upstream
-
3
-
False
-
None
-
False
-
OCPSTRAT-1597 - [Tech Preview/phase 4] Next-gen OLM (OLM v1)
-
-
-
Veritas OLM Sprint 256
We utilize cert-manager upstream for generating the TLS certificates used by catalogd (and the CA used by operator-controller for verification) to serve catalog contents over HTTPS.
OpenShift has it's own operator for managing certificates: https://github.com/openshift/service-ca-operator
To align with the rest of the OpenShift org and continue serving catalog contents over HTTPS we need to add a downstream only kustomize overlay so that the manifests generated for catalogd downstream creates certificates via service-ca-operator.
An example of this overlay approach can be seen here: https://github.com/openshift/operator-framework-rukpak/tree/main/openshift/kustomize/overlays/openshift
- is cloned by
-
OPRUN-3436 [DOWNSTREAM] operator-controller: Create a service-ca-operator kustomize overlay
- Closed
- links to