Update cert-manager install/uninstall process

2022-08-05 13:42:50 -04:00 · 2022-08-05 13:42:50 -04:00 · 618739bef7
commit 618739bef7
parent 6a593a6ac7
4 changed files with 37 additions and 20 deletions
--- a/003-cert-manager/external-secrets.yaml
+++ b/003-cert-manager/external-secrets.yaml
@ -1,14 +1,4 @@
 ---
-apiVersion: v1
-kind: Secret
-type: kubernetes.io/service-account-token
-metadata:
-  name: serviceaccounttoken
-  namespace: cert-manager 
-  annotations:
-    kubernetes.io/service-account.name: "cert-manager"
-...
---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
--- a/003-cert-manager/install.sh
+++ b/003-cert-manager/install.sh
@ -1,16 +1,15 @@
 #!/bin/bash

-CHART_VERSION=1.8.0
+CHART_VERSION=1.9.1
 NAMESPACE=cert-manager
 EMAIL=amarpreet@minhas.io

-./vault-role.sh
+kubectl create ns ${NAMESPACE}
+#kubectl create serviceaccount -n ${NAMESPACE} cert-manager

 helm repo add jetstack https://charts.jetstack.io
 helm repo update

-kubectl create ns ${NAMESPACE}
-kubectl create serviceaccount -n ${NAMESPACE} cert-manager
 kubectl apply -n ${NAMESPACE} -f external-secrets.yaml

 helm upgrade --install \
@ -22,6 +21,9 @@ helm upgrade --install \
 	--set installCRDs=true \
 	--cleanup-on-fail

+kubectl apply -n ${NAMESPACE} -f serviceaccounttoken.yaml
+./vault-role.sh
+
 helm upgrade -install \
 	cert-manager-csi-driver \
 	jetstack/cert-manager-csi-driver \
@ -48,4 +50,6 @@ helm upgrade --install \
 	--cleanup-on-fail
 popd

+rm -rf cert-manager-webhook-namecheap
+
 kubectl apply -f issuers.yaml
--- a/003-cert-manager/serviceaccounttoken.yaml
+++ b/003-cert-manager/serviceaccounttoken.yaml
@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/service-account-token
+metadata:
+  name: serviceaccounttoken
+  namespace: cert-manager 
+  annotations:
+    kubernetes.io/service-account.name: "cert-manager"
+...
--- a/003-cert-manager/uninstall.sh
+++ b/003-cert-manager/uninstall.sh
@ -1,9 +1,22 @@
 #!/bin/bash

-CHART_VERSION=1.8.0
+CHART_VERSION=1.9.1

-kubectl delete -f vault-issuer.yaml
-kubectl get Issuers,ClusterIssuers,Certificates,CertificateRequests,Orders,Challenges --all-namespaces
-#helm -n cert-manager delete cert-manager
-#kubectl delete ns cert-manager
-#kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v${CHART_VERSION}/cert-manager.crds.yaml
+kubectl delete -f issuers.yaml
+for i in $(kubectl get Issuers -n cert-manager | grep -v NAME | cut -d' ' -f1); do
+	kubectl delete Issuers -n cert-manager $i
+done
+for i in $(kubectl get ClusterIssuers | grep -v NAME | cut -d' ' -f1); do
+	kubectl delete ClusterIssuers $i
+done
+for i in $(kubectl get Certificates -n cert-manager | grep -v NAME | cut -d' ' -f1); do
+	kubectl delete Certificates -n cert-manager $i
+done
+
+helm -n cert-manager delete namecheap-webhook 
+helm -n cert-manager delete letsencrypt-namecheap-issuer
+helm -n cert-manager delete cert-manager
+
+kubectl delete -n ${NAMESPACE} -f external-secrets.yaml
+kubectl delete -n ${NAMESPACE} -f serviceaccounttoken.yaml
+kubectl delete ns cert-manager