shipwright-io
diff --git a/‎README.md
Lines changed: 11 additions & 1 deletion b/‎README.md
Lines changed: 11 additions & 1 deletion
diff --git a/‎bundle/manifests/shipwright-operator.clusterserviceversion.yaml
Lines changed: 174 additions & 0 deletions b/‎bundle/manifests/shipwright-operator.clusterserviceversion.yaml
Lines changed: 174 additions & 0 deletions
diff --git a/‎config/manager/manager.yaml
Lines changed: 3 additions & 0 deletions b/‎config/manager/manager.yaml
Lines changed: 3 additions & 0 deletions
diff --git a/‎config/manifests/bases/shipwright-operator.clusterserviceversion.yaml
Lines changed: 3 additions & 0 deletions b/‎config/manifests/bases/shipwright-operator.clusterserviceversion.yaml
Lines changed: 3 additions & 0 deletions
@@ -13,6 +13,12 @@ Once OLM has been deployed, use the following command to install the latest oper
 $ kubectl apply -f https://operatorhub.io/install/shipwright-operator.yaml
 ```
 
+## OLM Dependencies
+When installed via OLM using the provided SHipwright Operator Bundle, the Shipwright operator has two dependencies to:
+- The Tekton operator needed by the Shipright Build Controller
+- The Cert-Manager operator needed in case you delegate to the Shipwright operator the ssl certificates management of the Shipwright Conversion webhook
+The two operators are then installed automatically by OLM.
+
 ## Usage
 
 To deploy and manage [Shipwright Builds](https://github.com/shipwright-io/build) in your cluster,
@@ -36,11 +42,15 @@ Refer to the [ShipwrightBuild documentation](docs/shipwrightbuild.md) for more i
 
 The operator handles differents environment variables to customize Shiprwright controller installation:
 - KO_DATA_PATH : defines the shipwright controller manifest to install
+- USE_MANAGED_WEBHOOK_CERTS: defines wether the webook ssl certificate is installed by the operator. It requires cert-manager to be installed in the cluster.
 - IMAGE_SHIPWRIGHT_SHIPWRIGHT_BUILD : defines the Shipwright Build Controller Image to use
 - IMAGE_SHIPWRIGHT_GIT_CONTAINER_IMAGE: defines the Shipwright Git Container Image to use
-- IMAGE_SHIPWRIGHT_MUTATE_IMAGE_CONTAINER_IMAGE:  defines the Shipwright Mutate Image to use
+- IMAGE_SHIPWRIGHT_IMAGE_PROCESSING_CONTAINER_IMAGE:  defines the Shipwright Processing Image to use
 - IMAGE_SHIPWRIGHT_BUNDLE_CONTAINER_IMAGE: defines the Shipwright Bundle Image to use
 - IMAGE_SHIPWRIGHT_WAITER_CONTAINER_IMAGE: defines the Shipwright Waiter Image to use
+- IMAGE_SHIPWRIGHT_SHIPWRIGHT_BUILD_WEBHOOK: defines the Shipwright Build Webhook Image to use
+
+For more information about the function of these images, please consider the Shipwright Build doc https://github.com/shipwright-io/build/blob/main/docs/configuration.md
 
 ## Contributing
 
 
@@ -40,6 +40,9 @@ spec:
     - kind: TektonConfig
       name: tektonconfigs.operator.tekton.dev
       version: v1alpha1
+    - kind: Certificate
+      name: certificates.cert-manager.io
+      version: v1
   description: |
     Shipwright is a framework for building container images on Kubernetes.
 
@@ -380,6 +383,30 @@ spec:
           - events
           verbs:
           - create
+        - apiGroups:
+          - admissionregistration.k8s.io
+          resources:
+          - validatingwebhookconfigurations
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - admissionregistration.k8s.io/v1beta1
+          resources:
+          - validatingwebhookconfigurations
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
         - apiGroups:
           - apiextensions.k8s.io
           resources:
@@ -421,6 +448,16 @@ spec:
           - delete
           - patch
           - update
+        - apiGroups:
+          - apps
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - deployments
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - apps
           resourceNames:
@@ -429,6 +466,52 @@ spec:
           - deployments/finalizers
           verbs:
           - update
+        - apiGroups:
+          - apps
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - deployments/finalizers
+          verbs:
+          - update
+        - apiGroups:
+          - cert-manager.io
+          resources:
+          - certificates
+          verbs:
+          - create
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - cert-manager.io
+          resourceNames:
+          - shipwright-build-webhook-cert
+          resources:
+          - certificates
+          verbs:
+          - delete
+          - patch
+          - update
+        - apiGroups:
+          - cert-manager.io
+          resources:
+          - issuers
+          verbs:
+          - create
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - cert-manager.io
+          resourceNames:
+          - selfsigned-issuer
+          resources:
+          - issuers
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - ""
           resources:
@@ -441,6 +524,25 @@ spec:
           - patch
           - update
           - watch
+        - apiGroups:
+          - ""
+          resources:
+          - secrets
+          verbs:
+          - create
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - ""
+          resourceNames:
+          - shipwright-build-webhook-cert
+          resources:
+          - secrets
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - ""
           resources:
@@ -460,6 +562,35 @@ spec:
           - delete
           - patch
           - update
+        - apiGroups:
+          - ""
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - serviceaccounts
+          verbs:
+          - delete
+          - patch
+          - update
+        - apiGroups:
+          - ""
+          resources:
+          - services
+          verbs:
+          - create
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - ""
+          resourceNames:
+          - shipwright-build-controller
+          resources:
+          - services
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - operator.shipwright.io
           resources:
@@ -511,6 +642,16 @@ spec:
           - delete
           - patch
           - update
+        - apiGroups:
+          - rbac.authorization.k8s.io
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - clusterrolebindings
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - rbac.authorization.k8s.io
           resources:
@@ -550,6 +691,16 @@ spec:
           - delete
           - patch
           - update
+        - apiGroups:
+          - rbac.authorization.k8s.io
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - clusterroles
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - rbac.authorization.k8s.io
           resources:
@@ -569,6 +720,16 @@ spec:
           - delete
           - patch
           - update
+        - apiGroups:
+          - rbac.authorization.k8s.io
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - rolebindings
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - rbac.authorization.k8s.io
           resources:
@@ -588,6 +749,16 @@ spec:
           - delete
           - patch
           - update
+        - apiGroups:
+          - rbac.authorization.k8s.io
+          resourceNames:
+          - shipwright-build-webhook
+          resources:
+          - roles
+          verbs:
+          - delete
+          - patch
+          - update
         - apiGroups:
           - authentication.k8s.io
           resources:
@@ -639,6 +810,9 @@ spec:
                 - --health-probe-bind-address=:8081
                 - --metrics-bind-address=127.0.0.1:8080
                 - --leader-elect
+                env:
+                - name: USE_MANAGED_WEBHOOK_CERTS
+                  value: "true"
                 image: ko://github.com/shipwright-io/operator
                 livenessProbe:
                   httpGet:
 
@@ -29,6 +29,9 @@ spec:
       containers:
       - args:
         - --leader-elect
+        env:
+        - name: USE_MANAGED_WEBHOOK_CERTS
+          value: "true"
         image: ko://github.com/shipwright-io/operator
         name: operator
         securityContext:
 
@@ -26,6 +26,9 @@ spec:
     - kind: TektonConfig
       name: tektonconfigs.operator.tekton.dev
       version: v1alpha1
+    - kind: Certificate
+      name: certificates.cert-manager.io
+      version: v1
   description: |
     Shipwright is a framework for building container images on Kubernetes.