From 528e78fb2d3d0ec71e43ecf58ac1027ba74051e9 Mon Sep 17 00:00:00 2001 From: Shruti Anekar Date: Tue, 9 Jun 2026 12:56:19 +0530 Subject: [PATCH 1/4] Add Containerfile.art for ART builds Adapted from cert-manager-operator-release Containerfile.cert-manager-operator for ART build pipeline Signed-off-by: Shruti Anekar --- Containerfile.art | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 Containerfile.art diff --git a/Containerfile.art b/Containerfile.art new file mode 100644 index 000000000..77becba83 --- /dev/null +++ b/Containerfile.art @@ -0,0 +1,40 @@ +FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_golang_1.25 AS builder + +ARG SOURCE_DIR="/go/src/github.com/openshift/cert-manager-operator" +WORKDIR $SOURCE_DIR + +COPY . $SOURCE_DIR +COPY LICENSE /licenses/ + +RUN make build --warn-undefined-variables + +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest + +ARG RELEASE_VERSION +ARG COMMIT_SHA +ARG SOURCE_URL +ARG SOURCE_DIR="/go/src/github.com/openshift/cert-manager-operator" + +COPY --from=builder $SOURCE_DIR/cert-manager-operator /usr/bin/ +COPY --from=builder /licenses /licenses + +USER 65534:65534 + +LABEL com.redhat.component="cert-manager-operator-container" \ + name="cert-manager/cert-manager-operator-rhel9" \ + version="${RELEASE_VERSION}" \ + summary="cert-manager-operator" \ + maintainer="Red Hat, Inc." \ + description="cert-manager-operator-container" \ + vendor="Red Hat, Inc." \ + release="${RELEASE_VERSION}" \ + io.openshift.expose-services="" \ + io.openshift.build.commit.id="${COMMIT_SHA}" \ + io.openshift.build.source-location="${SOURCE_URL}" \ + io.openshift.build.commit.url="${SOURCE_URL}/commit/${COMMIT_SHA}" \ + io.openshift.maintainer.product="OpenShift Container Platform" \ + io.openshift.tags="data,images,operator,cert-manager" \ + io.k8s.display-name="openshift-cert-manager-operator" \ + io.k8s.description="cert-manager-operator-container" + +ENTRYPOINT ["/usr/bin/cert-manager-operator"] From 7584b5e57e791f705a6002c52a8ac9421352997f Mon Sep 17 00:00:00 2001 From: Shruti Anekar Date: Tue, 9 Jun 2026 14:45:03 +0530 Subject: [PATCH 2/4] Add art.yaml and image-references - ART tooling reqs Signed-off-by: Shruti Anekar --- bundle/art.yaml | 2 ++ bundle/image-references | 25 +++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 bundle/art.yaml create mode 100644 bundle/image-references diff --git a/bundle/art.yaml b/bundle/art.yaml new file mode 100644 index 000000000..ee9dc11ef --- /dev/null +++ b/bundle/art.yaml @@ -0,0 +1,2 @@ +--- +updates: [] diff --git a/bundle/image-references b/bundle/image-references new file mode 100644 index 000000000..e87d72fd1 --- /dev/null +++ b/bundle/image-references @@ -0,0 +1,25 @@ +--- +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: cert-manager-operator-rhel9 + from: + kind: DockerImage + name: openshift.io/cert-manager-operator:latest + - name: jetstack-cert-manager-rhel9 + from: + kind: DockerImage + name: quay.io/jetstack/cert-manager-controller:v1.19.4 + - name: jetstack-cert-manager-acmesolver-rhel9 + from: + kind: DockerImage + name: quay.io/jetstack/cert-manager-acmesolver:v1.19.4 + - name: cert-manager-istio-csr-rhel9 + from: + kind: DockerImage + name: quay.io/jetstack/cert-manager-istio-csr:v0.16.0 + - name: cert-manager-trust-manager-rhel9 + from: + kind: DockerImage + name: quay.io/jetstack/trust-manager:v0.20.3 From 856a4354f9c85bb101bc32b347a7d4b6b9fbe2d3 Mon Sep 17 00:00:00 2001 From: Shruti Anekar Date: Tue, 9 Jun 2026 17:12:56 +0530 Subject: [PATCH 3/4] Use make build-operator to skip code generation in container build Signed-off-by: Shruti Anekar --- Containerfile.art | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containerfile.art b/Containerfile.art index 77becba83..dc086c4bf 100644 --- a/Containerfile.art +++ b/Containerfile.art @@ -6,7 +6,7 @@ WORKDIR $SOURCE_DIR COPY . $SOURCE_DIR COPY LICENSE /licenses/ -RUN make build --warn-undefined-variables +RUN make build-operator --warn-undefined-variables FROM registry.access.redhat.com/ubi9/ubi-minimal:latest From d8ac945706647eabe54315fc81fbabdc3f43fdcc Mon Sep 17 00:00:00 2001 From: Shruti Anekar Date: Fri, 12 Jun 2026 11:49:57 +0530 Subject: [PATCH 4/4] update containerfile for art builds --- Containerfile.art | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Containerfile.art b/Containerfile.art index dc086c4bf..ae8454517 100644 --- a/Containerfile.art +++ b/Containerfile.art @@ -1,14 +1,21 @@ FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_golang_1.25 AS builder ARG SOURCE_DIR="/go/src/github.com/openshift/cert-manager-operator" +ARG COMMIT_SHA WORKDIR $SOURCE_DIR COPY . $SOURCE_DIR COPY LICENSE /licenses/ -RUN make build-operator --warn-undefined-variables +ENV GO_BUILD_TAGS=strictfipsruntime,openssl +ENV GOEXPERIMENT=strictfipsruntime +ENV CGO_ENABLED=1 +ENV GOFLAGS="" +ENV GOBUILD_BUILD_FLAGS='-w -s -X github.com/openshift/cert-manager-operator/pkg/version.COMMIT=${COMMIT_SHA}' + +RUN go build -o "$SOURCE_DIR/cert-manager-operator" -ldflags "${GOBUILD_BUILD_FLAGS}" -tags "${GO_BUILD_TAGS}" main.go -FROM registry.access.redhat.com/ubi9/ubi-minimal:latest +FROM registry.access.redhat.com/ubi9/ubi-minimal:latest@sha256:ae09ecc3d754bc1726cbda3e2599cc7839e09fe1cc547ce173cf669b645be3cc ARG RELEASE_VERSION ARG COMMIT_SHA @@ -21,6 +28,7 @@ COPY --from=builder /licenses /licenses USER 65534:65534 LABEL com.redhat.component="cert-manager-operator-container" \ + cpe="cpe:/a:redhat:cert_manager:1.19::el9" \ name="cert-manager/cert-manager-operator-rhel9" \ version="${RELEASE_VERSION}" \ summary="cert-manager-operator" \