diff --git a/openshift/catalogd/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml b/openshift/catalogd/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml index fb3b3b8e1..45a65a450 100644 --- a/openshift/catalogd/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml +++ b/openshift/catalogd/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml @@ -17,8 +17,10 @@ path: /spec/template/spec/containers/0/args/- value: "--tls-key=/var/certs/tls.key" - op: add + path: /spec/template/spec/containers/0/args/- + value: "--pull-cas-dir=/var/ca-certs" +- op: remove path: /spec/template/spec/containers/0/env - value: [{"name":"SSL_CERT_DIR", "value":"/var/ca-certs"}] - op: add path: /spec/template/spec/securityContext/seLinuxOptions value: {"type":"spc_t"} diff --git a/openshift/catalogd/manifests-experimental/18-deployment-openshift-catalogd-catalogd-controller-manager.yml b/openshift/catalogd/manifests-experimental/18-deployment-openshift-catalogd-catalogd-controller-manager.yml index d0081dddb..1555f9eb7 100644 --- a/openshift/catalogd/manifests-experimental/18-deployment-openshift-catalogd-catalogd-controller-manager.yml +++ b/openshift/catalogd/manifests-experimental/18-deployment-openshift-catalogd-catalogd-controller-manager.yml @@ -46,14 +46,12 @@ spec: - --external-address=catalogd-service.openshift-catalogd.svc - --tls-cert=/var/certs/tls.crt - --tls-key=/var/certs/tls.key + - --pull-cas-dir=/var/ca-certs - --v=${LOG_VERBOSITY} - --feature-gates=APIV1MetasHandler=true - --global-pull-secret=openshift-config/pull-secret command: - ./catalogd - env: - - name: SSL_CERT_DIR - value: /var/ca-certs image: ${CATALOGD_IMAGE} imagePullPolicy: IfNotPresent livenessProbe: diff --git a/openshift/catalogd/manifests/18-deployment-openshift-catalogd-catalogd-controller-manager.yml b/openshift/catalogd/manifests/18-deployment-openshift-catalogd-catalogd-controller-manager.yml index 651978d02..8bb09bd1a 100644 --- a/openshift/catalogd/manifests/18-deployment-openshift-catalogd-catalogd-controller-manager.yml +++ b/openshift/catalogd/manifests/18-deployment-openshift-catalogd-catalogd-controller-manager.yml @@ -46,13 +46,11 @@ spec: - --external-address=catalogd-service.openshift-catalogd.svc - --tls-cert=/var/certs/tls.crt - --tls-key=/var/certs/tls.key + - --pull-cas-dir=/var/ca-certs - --v=${LOG_VERBOSITY} - --global-pull-secret=openshift-config/pull-secret command: - ./catalogd - env: - - name: SSL_CERT_DIR - value: /var/ca-certs image: ${CATALOGD_IMAGE} imagePullPolicy: IfNotPresent livenessProbe: diff --git a/openshift/operator-controller/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml b/openshift/operator-controller/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml index a9497231c..66f84aa47 100644 --- a/openshift/operator-controller/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml +++ b/openshift/operator-controller/kustomize/overlays/openshift/olmv1-ns/patches/manager_deployment_certs.yaml @@ -20,8 +20,8 @@ path: /spec/template/spec/containers/0/args/- value: "--catalogd-cas-dir=/var/ca-certs" - op: add - path: /spec/template/spec/containers/0/env - value: [{"name":"SSL_CERT_DIR", "value":"/var/ca-certs"}] + path: /spec/template/spec/containers/0/args/- + value: "--pull-cas-dir=/var/ca-certs" - op: add path: /spec/template/spec/securityContext/seLinuxOptions value: {"type":"spc_t"} diff --git a/openshift/operator-controller/manifests-experimental/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml b/openshift/operator-controller/manifests-experimental/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml index 532e92d9f..e9b1092d4 100644 --- a/openshift/operator-controller/manifests-experimental/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml +++ b/openshift/operator-controller/manifests-experimental/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml @@ -46,6 +46,7 @@ spec: - --tls-cert=/var/certs/tls.crt - --tls-key=/var/certs/tls.key - --catalogd-cas-dir=/var/ca-certs + - --pull-cas-dir=/var/ca-certs - --v=${LOG_VERBOSITY} - --feature-gates=PreflightPermissions=true - --feature-gates=SingleOwnNamespaceInstallSupport=true @@ -53,9 +54,6 @@ spec: - --global-pull-secret=openshift-config/pull-secret command: - /operator-controller - env: - - name: SSL_CERT_DIR - value: /var/ca-certs image: ${OPERATOR_CONTROLLER_IMAGE} imagePullPolicy: IfNotPresent livenessProbe: diff --git a/openshift/operator-controller/manifests/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml b/openshift/operator-controller/manifests/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml index 24e1f7f14..13d4a8baa 100644 --- a/openshift/operator-controller/manifests/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml +++ b/openshift/operator-controller/manifests/20-deployment-openshift-operator-controller-operator-controller-controller-manager.yml @@ -46,13 +46,11 @@ spec: - --tls-cert=/var/certs/tls.crt - --tls-key=/var/certs/tls.key - --catalogd-cas-dir=/var/ca-certs + - --pull-cas-dir=/var/ca-certs - --v=${LOG_VERBOSITY} - --global-pull-secret=openshift-config/pull-secret command: - /operator-controller - env: - - name: SSL_CERT_DIR - value: /var/ca-certs image: ${OPERATOR_CONTROLLER_IMAGE} imagePullPolicy: IfNotPresent livenessProbe: