🪄 For Openshift, adding the magic cert injection and patch file for i…

…t. This allows us to mount in custom ca bundles via ConfigMap/VolumeSource. (#437)

OCP documentation is here: https://docs.openshift.com/container-platform/4.14/networking/configuring-a-custom-pki.html#certificate-injection-using-operators_configuring-a-custom-pki

Signed-off-by: Matthias Wessendorf <[email protected]>

config/openshift-trusted-cabundle.yaml

@@ -0,0 +1,23 @@
+# Copyright 2020 The Knative Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: config-openshift-trusted-cabundle
+  namespace: knative-eventing
+  labels:
+    app.kubernetes.io/version: devel
+    app.kubernetes.io/name: knative-eventing
+    config.openshift.io/inject-trusted-cabundle: "true"

openshift/patches/023-configmap-trusted-cabundle.patch

@@ -0,0 +1,30 @@
+diff --git a/config/openshift-trusted-cabundle.yaml b/config/openshift-trusted-cabundle.yaml
+new file mode 100644
+index 000000000..a4c1a5f73
+--- /dev/null
++++ b/config/openshift-trusted-cabundle.yaml
+@@ -0,0 +1,23 @@
++# Copyright 2020 The Knative Authors
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     https://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++apiVersion: v1
++kind: ConfigMap
++metadata:
++  name: config-openshift-trusted-cabundle
++  namespace: knative-eventing
++  labels:
++    app.kubernetes.io/version: devel
++    app.kubernetes.io/name: knative-eventing
++    config.openshift.io/inject-trusted-cabundle: "true"
+-- 

openshift/release/artifacts/eventing-core.yaml

@@ -5033,3 +5033,27 @@ roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: openshift-serverless-view-eventing-configmaps
+---
+# Copyright 2020 The Knative Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: config-openshift-trusted-cabundle
+  namespace: knative-eventing
+  labels:
+    app.kubernetes.io/version: v1.11
+    app.kubernetes.io/name: knative-eventing
+    config.openshift.io/inject-trusted-cabundle: "true"