From 202cb67afdf9b7e5d9273795d0569d3f8511a7d1 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Mon, 29 Apr 2024 10:43:59 +0200 Subject: [PATCH 1/2] Cleanup net-certmanager integration --- config/core/configmaps/logging.yaml | 3 +-- .../ytt/certmanager/net-certmanager-config.yaml | 0 test/config/ytt/core/overlay-config-logging.yaml | 1 - .../ingress/istio/istio-certmanager-webhook.yaml | 14 -------------- test/e2e-common.sh | 2 +- test/e2e/certmanager/e2e-common.sh | 2 +- test/e2e/externaldomaintls/README.md | 2 +- 7 files changed, 4 insertions(+), 20 deletions(-) rename third_party/cert-manager-latest/net-certmanager.yaml => test/config/ytt/certmanager/net-certmanager-config.yaml (100%) delete mode 100644 test/config/ytt/ingress/istio/istio-certmanager-webhook.yaml diff --git a/config/core/configmaps/logging.yaml b/config/core/configmaps/logging.yaml index 1b84d750ae74..2a8a6e36e43a 100644 --- a/config/core/configmaps/logging.yaml +++ b/config/core/configmaps/logging.yaml @@ -22,7 +22,7 @@ metadata: app.kubernetes.io/component: logging app.kubernetes.io/name: knative-serving annotations: - knative.dev/example-checksum: "53fda05f" + knative.dev/example-checksum: "9f25d429" data: _example: | ################################ @@ -73,7 +73,6 @@ data: loglevel.webhook: "info" loglevel.activator: "info" loglevel.hpaautoscaler: "info" - loglevel.net-certmanager-controller: "info" loglevel.net-istio-controller: "info" loglevel.net-contour-controller: "info" loglevel.net-kourier-controller: "info" diff --git a/third_party/cert-manager-latest/net-certmanager.yaml b/test/config/ytt/certmanager/net-certmanager-config.yaml similarity index 100% rename from third_party/cert-manager-latest/net-certmanager.yaml rename to test/config/ytt/certmanager/net-certmanager-config.yaml diff --git a/test/config/ytt/core/overlay-config-logging.yaml b/test/config/ytt/core/overlay-config-logging.yaml index 56b6994a873c..31415e04c230 100644 --- a/test/config/ytt/core/overlay-config-logging.yaml +++ b/test/config/ytt/core/overlay-config-logging.yaml @@ -33,5 +33,4 @@ data: loglevel.activator: "debug" loglevel.hpaautoscaler: "debug" loglevel.net-istio-controller: "debug" - loglevel.net-certmanager-controller: "debug" loglevel.net-contour-controller: "debug" diff --git a/test/config/ytt/ingress/istio/istio-certmanager-webhook.yaml b/test/config/ytt/ingress/istio/istio-certmanager-webhook.yaml deleted file mode 100644 index 8bae07cf9b74..000000000000 --- a/test/config/ytt/ingress/istio/istio-certmanager-webhook.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: "security.istio.io/v1beta1" -kind: "PeerAuthentication" -metadata: - name: "net-certmanager-webhook" - namespace: "knative-serving" - labels: - networking.knative.dev/ingress-provider: istio -spec: - selector: - matchLabels: - app: net-certmanager-webhook - portLevelMtls: - 8443: - mode: PERMISSIVE diff --git a/test/e2e-common.sh b/test/e2e-common.sh index a93cf14d7dea..d766a994cbf3 100644 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -309,8 +309,8 @@ function install() { YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/ingress/${ingress}") YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/kapp-order.yaml") YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/kapp-secret-upgrade.yaml") + YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt//certmanager/net-certmanager-config.yaml") YTT_FILES+=("${REPO_ROOT_DIR}/third_party/cert-manager-${CERT_MANAGER_VERSION}/cert-manager.yaml") - YTT_FILES+=("${REPO_ROOT_DIR}/third_party/cert-manager-${CERT_MANAGER_VERSION}/net-certmanager.yaml") if (( MESH )); then YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/mesh") diff --git a/test/e2e/certmanager/e2e-common.sh b/test/e2e/certmanager/e2e-common.sh index dcfc9588878e..a4dde0f44bf6 100644 --- a/test/e2e/certmanager/e2e-common.sh +++ b/test/e2e/certmanager/e2e-common.sh @@ -42,7 +42,7 @@ function test_setup() { kubectl apply -f third_party/cert-manager-latest/cert-manager.yaml || return 1 wait_until_pods_running cert-manager || return 1 - echo ">> Bringing up net-certmanager Controller" + echo ">> Bringing up serving controller with net-certmanager enabled" ko apply -f config || return 1 echo ">> Waiting for Serving components to be running..." wait_until_pods_running knative-serving || return 1 diff --git a/test/e2e/externaldomaintls/README.md b/test/e2e/externaldomaintls/README.md index c3272fad82ba..bc8cab824d7a 100644 --- a/test/e2e/externaldomaintls/README.md +++ b/test/e2e/externaldomaintls/README.md @@ -5,7 +5,7 @@ feature documentation. # Prerequisites * Have `cert-manager` installed -* Have `net-certmanager` installed +* Have the Knative certmanager integration enabled * Upload test images with `./test/upload-test-images.sh` * Enable `external-domain-tls` with `kubectl patch cm config-network -n knative-serving -p '{"data":{"external-domain-tls": "enabled"}}'` From d46df3e2ac20b7995b4bddd8be812a4d96ede5ad Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Mon, 29 Apr 2024 14:04:56 +0200 Subject: [PATCH 2/2] Remove additional / --- test/e2e-common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e-common.sh b/test/e2e-common.sh index d766a994cbf3..b4fbdeb91cae 100644 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -309,7 +309,7 @@ function install() { YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/ingress/${ingress}") YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/kapp-order.yaml") YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/kapp-secret-upgrade.yaml") - YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt//certmanager/net-certmanager-config.yaml") + YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/net-certmanager-config.yaml") YTT_FILES+=("${REPO_ROOT_DIR}/third_party/cert-manager-${CERT_MANAGER_VERSION}/cert-manager.yaml") if (( MESH )); then