From b82ac1419c6fcc13ae04ab2010cc274044151fc4 Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Mon, 8 Jun 2020 15:19:35 +0100
Subject: [PATCH] Make sure the self-signed resources are applied AFTER
 cert-manager itself

---
 charts/kubezero-cert-manager/Chart.yaml                   | 4 ++--
 charts/kubezero-cert-manager/templates/cluster-ca.yaml    | 8 ++++++++
 .../kubezero-cert-manager/templates/cluster-issuer.yaml   | 2 ++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/charts/kubezero-cert-manager/Chart.yaml b/charts/kubezero-cert-manager/Chart.yaml
index 0aafe10..855585a 100644
--- a/charts/kubezero-cert-manager/Chart.yaml
+++ b/charts/kubezero-cert-manager/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero-cert-manager
 description: KubeZero Umbrella Chart for cert-manager
 type: application
-version: 0.3.3
+version: 0.3.4
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
 keywords:
@@ -15,6 +15,6 @@ dependencies:
     version: ">= 0.1.1"
     repository: https://zero-down-time.github.io/kubezero/
   - name: cert-manager
-    version: 0.15.0
+    version: 0.15.1
     repository: https://charts.jetstack.io
 kubeVersion: ">= 1.16.0"
diff --git a/charts/kubezero-cert-manager/templates/cluster-ca.yaml b/charts/kubezero-cert-manager/templates/cluster-ca.yaml
index f5f70b0..91acb06 100644
--- a/charts/kubezero-cert-manager/templates/cluster-ca.yaml
+++ b/charts/kubezero-cert-manager/templates/cluster-ca.yaml
@@ -9,6 +9,8 @@ metadata:
   namespace: kube-system
   labels:
 {{ include "kubezero-lib.labels" . | indent 4 }}
+  annotations:
+    "helm.sh/hook": "post-install"
 spec:
   selfSigned: {}
 ---
@@ -19,6 +21,8 @@ metadata:
   namespace: kube-system
   labels:
 {{ include "kubezero-lib.labels" . | indent 4 }}
+  annotations:
+    "helm.sh/hook": "post-install"
 spec:
   secretName: kubezero-ca-tls
   commonName: "kubezero-local-ca"
@@ -37,6 +41,8 @@ metadata:
   namespace: kube-system
   labels:
 {{ include "kubezero-lib.labels" . | indent 4 }}
+  annotations:
+    "helm.sh/hook": "post-install"
 data:
   tls.crt: {{ .Values.localCA.ca.crt | b64enc }}
   tls.key: {{ .Values.localCA.ca.key | b64enc }}
@@ -50,6 +56,8 @@ metadata:
   namespace: kube-system
   labels:
 {{ include "kubezero-lib.labels" . | indent 4 }}
+  annotations:
+    "helm.sh/hook": "post-install"
 spec:
   ca:
     secretName: kubezero-ca-tls
diff --git a/charts/kubezero-cert-manager/templates/cluster-issuer.yaml b/charts/kubezero-cert-manager/templates/cluster-issuer.yaml
index 4861733..918977f 100644
--- a/charts/kubezero-cert-manager/templates/cluster-issuer.yaml
+++ b/charts/kubezero-cert-manager/templates/cluster-issuer.yaml
@@ -5,6 +5,8 @@ metadata:
   name: {{ .Values.clusterIssuer.name }}
   labels:
 {{ include "kubezero-lib.labels" . | indent 4 }}
+  annotations:
+    "helm.sh/hook": "post-install"
 spec:
   acme:
     server: {{ .Values.clusterIssuer.server }}