Merge pull request #876 from laverya/multidoc-yaml-crds

Multidoc yaml crds

Author: laverya

integration/init/cert-manager/expected/.ship/state.json

@@ -0,0 +1,8 @@
+{
+  "v1": {
+    "config": {},
+    "releaseName": "ship",
+    "upstream": "https://github.com/jetstack/cert-manager/blob/208009151b40a0f82e2f27df7e639996b1529868/deploy/manifests/cert-manager.yaml",
+    "contentSHA": "17734bef6ffddfd157722aa1bf0bf56e0457bcd2470cab40900a5bb43554de06"
+  }
+}

integration/init/cert-manager/expected/base/deploy/manifests/APIService-v1beta1.admission.certmanager.k8s.io.yaml

@@ -0,0 +1,19 @@
+apiVersion: apiregistration.k8s.io/v1beta1
+kind: APIService
+metadata:
+  annotations:
+    certmanager.k8s.io/inject-ca-from: cert-manager/cert-manager-webhook-webhook-tls
+  labels:
+    app: webhook
+    chart: webhook-v0.7.0
+    heritage: Tiller
+    release: cert-manager
+  name: v1beta1.admission.certmanager.k8s.io
+spec:
+  group: admission.certmanager.k8s.io
+  groupPriorityMinimum: 1000
+  service:
+    name: cert-manager-webhook
+    namespace: cert-manager
+  version: v1beta1
+  versionPriority: 15

integration/init/cert-manager/expected/base/deploy/manifests/Certificate-cert-manager-webhook-ca-cert-manager.yaml

@@ -0,0 +1,17 @@
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: Certificate
+metadata:
+  labels:
+    app: webhook
+    chart: webhook-v0.7.0
+    heritage: Tiller
+    release: cert-manager
+  name: cert-manager-webhook-ca
+  namespace: cert-manager
+spec:
+  commonName: ca.webhook.cert-manager
+  duration: 43800h
+  isCA: true
+  issuerRef:
+    name: cert-manager-webhook-selfsign
+  secretName: cert-manager-webhook-ca

integration/init/cert-manager/expected/base/deploy/manifests/Certificate-cert-manager-webhook-webhook-tls-cert-manager.yaml

@@ -0,0 +1,19 @@
+apiVersion: certmanager.k8s.io/v1alpha1
+kind: Certificate
+metadata:
+  labels:
+    app: webhook
+    chart: webhook-v0.7.0
+    heritage: Tiller
+    release: cert-manager
+  name: cert-manager-webhook-webhook-tls
+  namespace: cert-manager
+spec:
+  dnsNames:
+  - cert-manager-webhook
+  - cert-manager-webhook.cert-manager
+  - cert-manager-webhook.cert-manager.svc
+  duration: 8760h
+  issuerRef:
+    name: cert-manager-webhook-ca
+  secretName: cert-manager-webhook-webhook-tls

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRole-cert-manager-cainjector.yaml

@@ -0,0 +1,44 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  labels:
+    app: cainjector
+    release: cert-manager
+  name: cert-manager-cainjector
+rules:
+- apiGroups:
+  - certmanager.k8s.io
+  resources:
+  - certificates
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - events
+  verbs:
+  - '*'
+- apiGroups:
+  - admissionregistration.k8s.io
+  resources:
+  - validatingwebhookconfigurations
+  - mutatingwebhookconfigurations
+  verbs:
+  - '*'
+- apiGroups:
+  - apiregistration.k8s.io
+  resources:
+  - apiservices
+  verbs:
+  - '*'

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRole-cert-manager-edit.yaml

@@ -0,0 +1,21 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app: cert-manager
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+    release: cert-manager
+  name: cert-manager-edit
+rules:
+- apiGroups:
+  - certmanager.k8s.io
+  resources:
+  - certificates
+  - issuers
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - patch
+  - update

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRole-cert-manager-view.yaml

@@ -0,0 +1,20 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app: cert-manager
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+    release: cert-manager
+  name: cert-manager-view
+rules:
+- apiGroups:
+  - certmanager.k8s.io
+  resources:
+  - certificates
+  - issuers
+  verbs:
+  - get
+  - list
+  - watch

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRole-cert-manager-webhook:webhook-requester.yaml

@@ -0,0 +1,16 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app: webhook
+    release: cert-manager
+  name: cert-manager-webhook:webhook-requester
+rules:
+- apiGroups:
+  - admission.certmanager.k8s.io
+  resources:
+  - certificates
+  - issuers
+  - clusterissuers
+  verbs:
+  - create

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRole-cert-manager.yaml

@@ -0,0 +1,36 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  labels:
+    app: cert-manager
+    release: cert-manager
+  name: cert-manager
+rules:
+- apiGroups:
+  - certmanager.k8s.io
+  resources:
+  - certificates
+  - certificates/finalizers
+  - issuers
+  - clusterissuers
+  - orders
+  - orders/finalizers
+  - challenges
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  - events
+  - services
+  - pods
+  verbs:
+  - '*'
+- apiGroups:
+  - extensions
+  resources:
+  - ingresses
+  verbs:
+  - '*'

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRoleBinding-cert-manager-cainjector.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app: cainjector
+    release: cert-manager
+  name: cert-manager-cainjector
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cert-manager-cainjector
+subjects:
+- kind: ServiceAccount
+  name: cert-manager-cainjector
+  namespace: cert-manager

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRoleBinding-cert-manager-webhook:auth-delegator.yaml

@@ -0,0 +1,16 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app: webhook
+    release: cert-manager
+  name: cert-manager-webhook:auth-delegator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:auth-delegator
+subjects:
+- apiGroup: ""
+  kind: ServiceAccount
+  name: cert-manager-webhook
+  namespace: cert-manager

integration/init/cert-manager/expected/base/deploy/manifests/ClusterRoleBinding-cert-manager.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app: cert-manager
+    release: cert-manager
+  name: cert-manager
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cert-manager
+subjects:
+- kind: ServiceAccount
+  name: cert-manager
+  namespace: cert-manager