rudolphjacksonm/upgrade-cert-manager.sh

## upgrade-cert-manager.sh
#!/bin/bash
# Backup all cert-manager data before upgrade
kubectl get -o yaml \
   --all-namespaces \
   issuer,clusterissuer,certificates > cert-manager-backup.yaml

# Backing up certificaterequests separately as our cluster
# didn't have this type of resource and hence would error out
kubectl get -o yaml \
   --all-namespaces \
   certificaterequests >> cert-manager-backup.yaml

# Remove cert-manager from kube-system
helm uninstall cert-manager -n kube-system
# Ensure CRDs are removed
kubectl delete crd \
  certificates.certmanager.k8s.io \
  issuers.certmanager.k8s.io \
  clusterissuers.certmanager.k8s.io

# Remove ClusterrRoleBinding(s)
if kubectl get clusterrolebinding -l app=cert-manager 2>&1 > /dev/null; then
  echo 'Removing ClusterRoleBindings for cert-manager'
  kubectl delete clusterrolebinding -l app=cert-manager
fi

# Remove ClusterRole(s)
if kubectl get clusterrole -l app=cert-manager 2>&1 > /dev/null; then
  echo 'Removing ClusterRoles for cert-manager'
  kubectl delete clusterrole -l app=cert-manager
fi

# Remove ServiceAccount(s)
if kubectl get serviceaccount -l app=cert-manager -n kube-system 2>&1 > /dev/null; then
  echo 'Deleting ServiceAccounts for cert-manager'
  kubectl delete serviceaccount -l app=cert-manager
fi

# Apply CRDs
kubectl apply \
  -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/00-crds.yaml

# Create the cert-manager namespace if it doesn't already exist
kubectl create namespace cert-manager
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation="true"

# Install the new version of cert-manager
helm repo add jetstack https://charts.jetstack.io
helm install cert-manager --namespace cert-manager jetstack/cert-manager --version "v0.7.2" --wait --timeout 180s

# Wait for webhook component to be ready before restoring backup
kubectl wait --for=condition=ready pod -n cert-manager -l app=webhook

# Restore all resources from backup we made earlier
kubectl apply -f ./cert-manager-backup.yaml
	#!/bin/bash
	# Backup all cert-manager data before upgrade
	kubectl get -o yaml \
	--all-namespaces \
	issuer,clusterissuer,certificates > cert-manager-backup.yaml

	# Backing up certificaterequests separately as our cluster
	# didn't have this type of resource and hence would error out
	kubectl get -o yaml \
	--all-namespaces \
	certificaterequests >> cert-manager-backup.yaml

	# Remove cert-manager from kube-system
	helm uninstall cert-manager -n kube-system
	# Ensure CRDs are removed
	kubectl delete crd \
	certificates.certmanager.k8s.io \
	issuers.certmanager.k8s.io \
	clusterissuers.certmanager.k8s.io

	# Remove ClusterrRoleBinding(s)
	if kubectl get clusterrolebinding -l app=cert-manager 2>&1 > /dev/null; then
	echo 'Removing ClusterRoleBindings for cert-manager'
	kubectl delete clusterrolebinding -l app=cert-manager
	fi

	# Remove ClusterRole(s)
	if kubectl get clusterrole -l app=cert-manager 2>&1 > /dev/null; then
	echo 'Removing ClusterRoles for cert-manager'
	kubectl delete clusterrole -l app=cert-manager
	fi

	# Remove ServiceAccount(s)
	if kubectl get serviceaccount -l app=cert-manager -n kube-system 2>&1 > /dev/null; then
	echo 'Deleting ServiceAccounts for cert-manager'
	kubectl delete serviceaccount -l app=cert-manager
	fi

	# Apply CRDs
	kubectl apply \
	-f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.7/deploy/manifests/00-crds.yaml

	# Create the cert-manager namespace if it doesn't already exist
	kubectl create namespace cert-manager
	kubectl label namespace cert-manager certmanager.k8s.io/disable-validation="true"

	# Install the new version of cert-manager
	helm repo add jetstack https://charts.jetstack.io
	helm install cert-manager --namespace cert-manager jetstack/cert-manager --version "v0.7.2" --wait --timeout 180s

	# Wait for webhook component to be ready before restoring backup
	kubectl wait --for=condition=ready pod -n cert-manager -l app=webhook

	# Restore all resources from backup we made earlier
	kubectl apply -f ./cert-manager-backup.yaml