Add support for upgrade of cert manager #34

README.md

@@ -194,6 +194,30 @@ To use custom storage classes for cassandra statefulsets, you can populate the `
 - anthos-vsphere-csi
 *Note: If you face any issues with any of the provisioners, please create a github issue in this repository*
 
+#### To update cert-manager
+
+To update cert-manager, follow these steps:
+
+1. Specify the version in the vars.yaml file:
+    Modify the cert_manager_version variable in the vars/vars.yaml file to the desired version. For example:
+```
+cert_manager_version: v1.14.0
+```
+
+Run the Ansible playbook:
+Execute the Ansible playbook which includes the logic to check the current version of cert-manager, compare it with the specified version, and update if necessary.
+```
+ansible-playbook playbook.yaml -e @vars/vars.yaml --tags "cert-manager"
+```
+The playbook will:
+
+- Check the currently installed version of cert-manager.
+- Compare it with the version specified in the vars.yaml file.
+- If the versions differ, the playbook will download and apply the new cert-manager manifest.
+- If the versions are the same and cert-manager is running, no action will be taken.
+- If cert-manager is not installed, the playbook will install it using the specified version.
+
+
 ## Limitations
 * Refer [link](https://cloud.google.com/apigee/docs/hybrid/preview/helm-install#limitations)
 

roles/cert-manager/tasks/main.yml

@@ -13,23 +13,39 @@
 # limitations under the License.
 ---
 # tasks file for cert-manager
+# tasks file for cert-manager
 - name: Certificates directory exists
   file:
     path: "{{ setup_path }}"
     state: directory
 
-- name: Install cert manager
+- name: Check if cert-manager is installed
+  kubernetes.core.k8s_info:
+    kind: Deployment
+    namespace: cert-manager
+    label_selectors:
+      - "app.kubernetes.io/instance=cert-manager"
+  register: cert_manager_deployments
+  ignore_errors: true
+
+- name: Get the currently running version of cert-manager
+  shell: "kubectl get deployment -n cert-manager -l app.kubernetes.io/instance=cert-manager -o jsonpath='{.items[0].metadata.labels.app\\.kubernetes\\.io/version}'"
+  register: running_cert_manager_version
+  when: "cert_manager_deployments.resources | length > 0"
+
+- name: Install or upgrade cert-manager
   block:
     - name: Download cert-manager
       uri:
-        url: https://github.com/jetstack/cert-manager/releases/download/{{ cert_manager_version }}/cert-manager.yaml
+        url: "https://github.com/jetstack/cert-manager/releases/download/{{ cert_manager_version }}/cert-manager.yaml"
         dest: "{{ setup_path }}/cert-manager.yaml"
+      when: "cert_manager_deployments.resources | length == 0 or running_cert_manager_version.stdout != cert_manager_version"
 
     - name: Apply cert-manager manifest to the cluster.
       kubernetes.core.k8s:
-        state: "{{cert_manager_status}}"
+        state: "present"
         src: "{{ setup_path }}/cert-manager.yaml"
-  when: "install_cert_manager"
+  when: "cert_manager_deployments.resources | length == 0 or running_cert_manager_version.stdout != cert_manager_version"
 
 - name: Wait for cert-manager to be up.
   kubernetes.core.k8s_info: