tomaszkiewicz/cert-manager.yml

## cert-manager.yml
---
# Source: cert-manager/templates/00-namespace.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: "cert-manager"

---
# Source: cert-manager/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: cert-manager
  namespace: "cert-manager"
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
---
# Source: cert-manager/templates/certificate-crd.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: certificates.certmanager.k8s.io
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
spec:
  group: certmanager.k8s.io
  version: v1alpha1
  scope: Namespaced
  names:
    kind: Certificate
    plural: certificates
    shortNames:
      - cert
      - certs

---
# Source: cert-manager/templates/clusterissuer-crd.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: clusterissuers.certmanager.k8s.io
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
spec:
  group: certmanager.k8s.io
  version: v1alpha1
  names:
    kind: ClusterIssuer
    plural: clusterissuers
  scope: Cluster
---
# Source: cert-manager/templates/issuer-crd.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: issuers.certmanager.k8s.io
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
spec:
  group: certmanager.k8s.io
  version: v1alpha1
  names:
    kind: Issuer
    plural: issuers
  scope: Namespaced
---
# Source: cert-manager/templates/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: cert-manager
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
rules:
  - apiGroups: ["certmanager.k8s.io"]
    resources: ["certificates", "issuers", "clusterissuers"]
    verbs: ["*"]
  - apiGroups: [""]
    # TODO: remove endpoints once 0.4 is released. We include it here in case
    # users use the 'master' version of the Helm chart with a 0.2.x release of
    # cert-manager that still performs leader election with Endpoint resources.
    # We advise users don't do this, but some will anyway and this will reduce
    # friction.
    resources: ["endpoints", "configmaps", "secrets", "events", "services", "pods"]
    verbs: ["*"]
  - apiGroups: ["extensions"]
    resources: ["ingresses"]
    verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: cert-manager
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cert-manager
subjects:
  - name: cert-manager
    namespace: "cert-manager"
    kind: ServiceAccount
---
# Source: cert-manager/templates/deployment.yaml
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: cert-manager
  namespace: "cert-manager"
  labels:
    app: cert-manager
    chart: cert-manager-v0.3.1
    release: cert-manager
    heritage: Tiller
spec:
  replicas: 1
  selector:
    matchLabels:
      app: cert-manager
      release: cert-manager
  template:
    metadata:
      labels:
        app: cert-manager
        release: cert-manager
      annotations:
        iam.amazonaws.com/role: k8s-cert-manager
    spec:
      serviceAccountName: cert-manager
      containers:
        - name: cert-manager
          image: "quay.io/jetstack/cert-manager-controller:v0.3.0"
          imagePullPolicy: IfNotPresent
          args:
          - --cluster-resource-namespace=$(POD_NAMESPACE)
          - --leader-election-namespace=$(POD_NAMESPACE)
          env:
          - name: POD_NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
          resources:
            requests:
              cpu: 10m
              memory: 32Mi
	---
	# Source: cert-manager/templates/00-namespace.yaml

	apiVersion: v1
	kind: Namespace
	metadata:
	name: "cert-manager"

	---
	# Source: cert-manager/templates/serviceaccount.yaml
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: cert-manager
	namespace: "cert-manager"
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	---
	# Source: cert-manager/templates/certificate-crd.yaml
	apiVersion: apiextensions.k8s.io/v1beta1
	kind: CustomResourceDefinition
	metadata:
	name: certificates.certmanager.k8s.io
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	spec:
	group: certmanager.k8s.io
	version: v1alpha1
	scope: Namespaced
	names:
	kind: Certificate
	plural: certificates
	shortNames:
	- cert
	- certs

	---
	# Source: cert-manager/templates/clusterissuer-crd.yaml
	apiVersion: apiextensions.k8s.io/v1beta1
	kind: CustomResourceDefinition
	metadata:
	name: clusterissuers.certmanager.k8s.io
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	spec:
	group: certmanager.k8s.io
	version: v1alpha1
	names:
	kind: ClusterIssuer
	plural: clusterissuers
	scope: Cluster
	---
	# Source: cert-manager/templates/issuer-crd.yaml
	apiVersion: apiextensions.k8s.io/v1beta1
	kind: CustomResourceDefinition
	metadata:
	name: issuers.certmanager.k8s.io
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	spec:
	group: certmanager.k8s.io
	version: v1alpha1
	names:
	kind: Issuer
	plural: issuers
	scope: Namespaced
	---
	# Source: cert-manager/templates/rbac.yaml
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRole
	metadata:
	name: cert-manager
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	rules:
	- apiGroups: ["certmanager.k8s.io"]
	resources: ["certificates", "issuers", "clusterissuers"]
	verbs: ["*"]
	- apiGroups: [""]
	# TODO: remove endpoints once 0.4 is released. We include it here in case
	# users use the 'master' version of the Helm chart with a 0.2.x release of
	# cert-manager that still performs leader election with Endpoint resources.
	# We advise users don't do this, but some will anyway and this will reduce
	# friction.
	resources: ["endpoints", "configmaps", "secrets", "events", "services", "pods"]
	verbs: ["*"]
	- apiGroups: ["extensions"]
	resources: ["ingresses"]
	verbs: ["*"]
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:
	name: cert-manager
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: cert-manager
	subjects:
	- name: cert-manager
	namespace: "cert-manager"
	kind: ServiceAccount
	---
	# Source: cert-manager/templates/deployment.yaml
	apiVersion: apps/v1beta1
	kind: Deployment
	metadata:
	name: cert-manager
	namespace: "cert-manager"
	labels:
	app: cert-manager
	chart: cert-manager-v0.3.1
	release: cert-manager
	heritage: Tiller
	spec:
	replicas: 1
	selector:
	matchLabels:
	app: cert-manager
	release: cert-manager
	template:
	metadata:
	labels:
	app: cert-manager
	release: cert-manager
	annotations:
	iam.amazonaws.com/role: k8s-cert-manager
	spec:
	serviceAccountName: cert-manager
	containers:
	- name: cert-manager
	image: "quay.io/jetstack/cert-manager-controller:v0.3.0"
	imagePullPolicy: IfNotPresent
	args:
	- --cluster-resource-namespace=$(POD_NAMESPACE)
	- --leader-election-namespace=$(POD_NAMESPACE)
	env:
	- name: POD_NAMESPACE
	valueFrom:
	fieldRef:
	fieldPath: metadata.namespace
	resources:
	requests:
	cpu: 10m
	memory: 32Mi