Upgrade cert-manager version to 1.7.0

defaults/main.yml

@@ -3,5 +3,5 @@ ingress_domain: "local"
 cert_manager_namespace: "cert-manager"
 
 certmanager_csi: true
-certmanager_version: "1.6.1"
+certmanager_version: "1.7.0"
 certmanager_csi_version: "0.2.0"

tasks/main.yml

@@ -108,6 +108,12 @@
 # https://github.com/smallstep/step-issuer
   - name: Install Step webhook
     block:
+#    - name: SmallStep PVC
+#      kubernetes.core.k8s:
+#        state: present
+#        context: "{{ my_context }}"
+#        namespace: "cert-manager"
+#        resource_definition: "{{ lookup('template', 'smallstep-pvc.yml.j2') | from_yaml }}"
     - name: Defined smallstep repository
       kubernetes.core.helm_repository:
         name: smallstep
@@ -124,6 +130,8 @@
 #          ca:
 #            provisioner:
 #              name: "admin"
+#            db:
+#              existingClaim: smallstep
     # https://github.com/smallstep/helm-charts/tree/master/step-issuer
     - name: Deploy step-certificates chart
       kubernetes.core.helm:

templates/smallstep-pvc.yml.j2

@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: smallstep
+  labels:
+    app: smallstep
+spec:
+  accessModes:
+{% if smallstep_storage_classname == "manual" %}
+    - ReadWriteOnce
+  storageClassName: manual
+{% elif smallstep_storage_classname == "local" %}
+    - ReadWriteOnce
+  storageClassName: local-path
+{% elif smallstep_storage_classname == "longhorn" %}
+    - ReadWriteOnce
+  storageClassName: longhorn
+{% elif smallstep_storage_classname == "nfs-backup" %}
+    - ReadWriteMany
+  storageClassName: nfs-backup
+{% elif smallstep_storage_classname is not defined or smallstep_storage_classname == "default" %}
+    - ReadWriteOnce
+{% endif %}
+  resources:
+    requests:
+      storage: 1Gi