Remove unnecessary steps to install cert-manager when relying on the …

…new Authorino Operator install script

.github/workflows/integration-test.yaml

@@ -31,12 +31,6 @@ jobs:
         run: go install sigs.k8s.io/[email protected]
       - name: Create kind cluster
         run: kind create cluster --name authorino-smoke-tests
-      - name: Install cert-manager
-        run: |
-          kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
-          kubectl delete mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook
-          kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io/cert-manager-webhook
-          kubectl -n cert-manager wait --timeout=300s --for=condition=Available deployments --all
       - name: Install Authorino Operator
         run: |
           curl -sL https://raw.githubusercontent.com/Kuadrant/authorino-operator/main/utils/install.sh | bash -s

docs/contributing.md

@@ -90,10 +90,10 @@ make test
 
 The following command will:
 - Start a local Kubernetes cluster (using Kind)
+- Install [cert-manager](https://github.com/jetstack/cert-manager) in the cluster
 - Install the [Authorino Operator](https://github.com/kuadrant/authorino-operator) and Authorino CRDs
 - Build an image of Authorino based on the current branch
 - Push the freshly built image to the cluster's registry
-- Install [cert-manager](https://github.com/jetstack/cert-manager) in the cluster
 - Generate TLS certificates for the Authorino service
 - Deploy an instance of Authorino
 - Deploy the example application [**Talker API**](https://github.com/kuadrant/authorino-examples#talker-api), a simple HTTP API that echoes back whatever it gets in the request

docs/getting-started.md

@@ -56,6 +56,8 @@ curl -sL https://raw.githubusercontent.com/Kuadrant/authorino-operator/main/util
 
 The above will install the latest build of the Authorino Operator and latest version of the manifests (CRDs and RBAC), which by default points as well to the latest build of Authorino, both based on the `main` branches of each component. To install a stable released version of the Operator and therefore also defaults to its latest compatible stable release of Authorino, replace `main` with another tag of a proper release of the Operator, e.g. 'v0.2.0'.
 
+This step will also install [cert-manager](https://github.com/jetstack/cert-manager) in the cluster (required).
+
 Alternatively, you can deploy the Authorino Operator using the Operator Lifecycle Manager bundles. For instructions, check out [Installing via OLM](https://github.com/kuadrant/authorino-operator#installing-via-olm).
 
 ### Step: Request an Authorino instance
@@ -72,12 +74,7 @@ The instructions here are for centralized gateway or centralized authorization s
   kubectl create namespace authorino
   ```
 
-  Deploy [cert-manager](https://github.com/jetstack/cert-manager) <small>(skip if you already have certificates and certificate keys created and stored in Kubernetes `Secret`s in the namespace or cert-manager is installed and running in the cluster)</small>:
-  ```sh
-  kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
-  ```
-
-  Create the TLS certificates <small>(skip if you already have certificates and certificate keys created and stored in Kubernetes `Secret`s in the namespace)</small>:
+  Create the TLS certificates <small>(requires [cert-manager](https://github.com/jetstack/cert-manager); skip if you already have certificates and certificate keys created and stored in Kubernetes `Secret`s in the namespace)</small>:
   ```sh
   curl -sSL https://raw.githubusercontent.com/Kuadrant/authorino/main/deploy/certs.yaml | sed "s/\$(AUTHORINO_INSTANCE)/authorino/g;s/\$(NAMESPACE)/authorino/g" | kubectl -n authorino apply -f -
   ```
@@ -138,12 +135,7 @@ The instructions here are for centralized gateway or centralized authorization s
   kubectl create namespace myapp
   ```
 
-  Deploy [cert-manager](https://github.com/jetstack/cert-manager) <small>(skip if you already have certificates and certificate keys created and stored in Kubernetes `Secret`s in the namespace or cert-manager is installed and running in the cluster)</small>:
-  ```sh
-  kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
-  ```
-
-  Create the TLS certificates <small>(skip if you already have certificates and certificate keys created and stored in Kubernetes `Secret`s in the namespace)</small>:
+  Create the TLS certificates <small>(requires [cert-manager](https://github.com/jetstack/cert-manager); skip if you already have certificates and certificate keys created and stored in Kubernetes `Secret`s in the namespace)</small>:
   ```sh
   curl -sSL https://raw.githubusercontent.com/Kuadrant/authorino/main/deploy/certs.yaml | sed "s/\$(AUTHORINO_INSTANCE)/authorino/g;s/\$(NAMESPACE)/myapp/g" | kubectl -n myapp apply -f -
   ```

docs/user-guides/mtls-authentication.md

@@ -23,26 +23,21 @@ Verify client X.509 certificates against trusted root CAs stored in Kubernetes `
 ## Requirements
 
 - Kubernetes server
-- [cert-manager](https://github.com/jetstack/cert-manager)
 
 Create a containerized Kubernetes server locally using [Kind](https://kind.sigs.k8s.io):
 
 ```sh
 kind create cluster --name authorino-tutorial
 ```
 
-Install cert-manager in the cluster:
-
-```sh
-kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
-```
-
 ## 1. Install the Authorino Operator
 
 ```sh
 curl -sL https://raw.githubusercontent.com/Kuadrant/authorino-operator/main/utils/install.sh | bash -s
 ```
 
+This step will also install [cert-manager](https://github.com/jetstack/cert-manager) in the cluster (required).
+
 ## 2. Deploy Authorino
 
 Create the TLS certificates for the Authorino service:
@@ -388,32 +383,6 @@ curl -k --cert /tmp/aisha.crt --key /tmp/aisha.key https://talker-api-authorino.
 
 ## Cleanup
 
-If you have started a Kubernetes cluster locally with Kind to try this user guide, delete it by running:
-
 ```sh
 kind delete cluster --name authorino-tutorial
 ```
-
-Otherwise, delete the resources created in each step:
-
-```sh
-kubectl delete authconfig/talker-api-protection
-kubectl delete authorino/authorino
-kubectl delete ingress/service
-kubectl delete configmap/service
-kubectl delete configmap/deployment
-kubectl delete configmap/envoy
-kubectl delete -f https://raw.githubusercontent.com/kuadrant/authorino-examples/main/talker-api/talker-api-deploy.yaml
-```
-
-To uninstall the Authorino Operator and manifests (CRDs, RBAC, etc), run:
-
-```sh
-kubectl delete -f https://raw.githubusercontent.com/Kuadrant/authorino-operator/main/config/deploy/manifests.yaml
-```
-
-To uninstall the cert-manager, run:
-
-```sh
-kubectl delete -f kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
-```

docs/user-guides/validating-webhook.md

@@ -43,7 +43,6 @@ For convenience, the same instance of Authorino used to enforce the AuthConfig a
 ## Requirements
 
 - Kubernetes server
-- [cert-manager](https://github.com/jetstack/cert-manager)
 - Auth server / Identity Provider (IdP) that implements OpenID Connect authentication and OpenID Connect Discovery (e.g. [Keycloak](https://www.keycloak.org))
 
 Create a containerized Kubernetes server locally using [Kind](https://kind.sigs.k8s.io):
@@ -52,12 +51,6 @@ Create a containerized Kubernetes server locally using [Kind](https://kind.sigs.
 kind create cluster --name authorino-tutorial
 ```
 
-Install cert-manager:
-
-```sh
-kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.4.0/cert-manager.yaml
-```
-
 Deploy a Keycloak server preloaded with all the realm settings required for this guide:
 
 ```sh
@@ -71,6 +64,8 @@ kubectl -n keycloak apply -f https://raw.githubusercontent.com/kuadrant/authorin
 curl -sL https://raw.githubusercontent.com/Kuadrant/authorino-operator/main/utils/install.sh | bash -s
 ```
 
+This step will also install [cert-manager](https://github.com/jetstack/cert-manager) in the cluster (required).
+
 ## 2. Deploy Authorino
 
 Create the namespace: