Update to certmanager v1 (canada-ca#1223)

This commit bumps us to v1 and updates our Certificate and Issuer manifests to
the new v1 format.

Author: sleepycat

app/bases/certificate.yaml

@@ -1,17 +1,20 @@
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
+  creationTimestamp: null
   name: ingress-cert
   namespace: istio-system
 spec:
-  keySize: 4096
-  keyAlgorithm: rsa
-  keyEncoding: pkcs8
-  secretName: tracker-credential
+  commonName: tracker.alpha.canada.ca
+  dnsNames:
+  - tracker.alpha.canada.ca
+  - suivi.alpha.canada.ca
   issuerRef:
-    name: selfsigned
     kind: Issuer
-  commonName: pulse.alpha.canada.ca
-  dnsNames:
-  - pulse.alpha.canada.ca
-  - pouls.alpha.canada.ca
+    name: selfsigned
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 4096
+  secretName: tracker-credential
+status: {}

app/gke/certificate.yaml

@@ -1,17 +1,20 @@
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
+  creationTimestamp: null
   name: ingress-cert
   namespace: istio-system
 spec:
-  keySize: 4096
-  keyAlgorithm: rsa
-  keyEncoding: pkcs8
-  secretName: tracker-credential
-  issuerRef:
-    name: letsencrypt
-    kind: Issuer
   commonName: tracker.alpha.canada.ca
   dnsNames:
   - tracker.alpha.canada.ca
   - suivi.alpha.canada.ca
+  issuerRef:
+    kind: Issuer
+    name: letsencrypt
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 4096
+  secretName: tracker-credential
+status: {}

app/gke/letsencrypt-issuer.yaml

@@ -1,33 +1,42 @@
-apiVersion: cert-manager.io/v1alpha2
-kind: Issuer
-metadata:
-  name: letsencrypt
-  namespace: istio-system
-spec:
-  acme:
-    server: https://acme-v02.api.letsencrypt.org/directory
-    email: mike@korora.ca
-    privateKeySecretRef:
-      name: letsencrypt-prod
-    solvers:
-    - selector: {}
-      http01:
-        ingress:
-          class: istio
----
-apiVersion: cert-manager.io/v1alpha2
-kind: Issuer
-metadata:
-  name: letsencrypt-staging
-  namespace: istio-system
-spec:
-  acme:
-    server: https://acme-staging-v02.api.letsencrypt.org/directory
-    email: mike@korora.ca
-    privateKeySecretRef:
-      name: letsencrypt-staging
-    solvers:
-    - selector: {}
-      http01:
-        ingress:
-          class: istio
+apiVersion: v1
+items:
+- apiVersion: cert-manager.io/v1
+  kind: Issuer
+  metadata:
+    creationTimestamp: null
+    name: letsencrypt
+    namespace: istio-system
+  spec:
+    acme:
+      email: mike@korora.ca
+      preferredChain: ""
+      privateKeySecretRef:
+        name: letsencrypt-prod
+      server: https://acme-v02.api.letsencrypt.org/directory
+      solvers:
+      - http01:
+          ingress:
+            class: istio
+        selector: {}
+  status: {}
+- apiVersion: cert-manager.io/v1
+  kind: Issuer
+  metadata:
+    creationTimestamp: null
+    name: letsencrypt-staging
+    namespace: istio-system
+  spec:
+    acme:
+      email: mike@korora.ca
+      preferredChain: ""
+      privateKeySecretRef:
+        name: letsencrypt-staging
+      server: https://acme-staging-v02.api.letsencrypt.org/directory
+      solvers:
+      - http01:
+          ingress:
+            class: istio
+        selector: {}
+  status: {}
+kind: List
+metadata: {}

app/minikube/selfsigned-issuer.yaml

@@ -1,7 +1,8 @@
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
   name: selfsigned
   namespace: istio-system
 spec:
   selfSigned: {}
+status: {}

app/test/selfsigned-issuer.yaml

@@ -1,7 +1,9 @@
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
+  creationTimestamp: null
   name: selfsigned
   namespace: istio-system
 spec:
   selfSigned: {}
+status: {}

platform/README.md

@@ -5,23 +5,26 @@ This folder contains the Custom Resource Definitions that the Tracker app relies
 As an example, the Tracker app uses a `Certificate` object to acquire a TLS certificate. 
 
 ```
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
+  creationTimestamp: null
   name: ingress-cert
   namespace: istio-system
 spec:
-  keySize: 4096
-  keyAlgorithm: rsa
-  keyEncoding: pkcs8
-  secretName: tracker-credential
+  commonName: tracker.alpha.canada.ca
+  dnsNames:
+  - tracker.alpha.canada.ca
+  - suivi.alpha.canada.ca
   issuerRef:
-    name: selfsigned
     kind: Issuer
-  commonName: pulse.alpha.canada.ca
-  dnsNames:
-  - pulse.alpha.canada.ca
-  - pouls.alpha.canada.ca
+    name: selfsigned
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS8
+    size: 4096
+  secretName: tracker-credential
+status: {}
 ```
 
 `Certificate` is not a native Kubernetes object and is just assumed to exist in the environment. The manifests in this folder are all about defining generic objects like `Certificate` that the app can rely on without knowing how it got there.