Cleanup net-certmanager integration (#15168)

* Cleanup net-certmanager integration

* Remove additional /

config/core/configmaps/logging.yaml

@@ -22,7 +22,7 @@ metadata:
     app.kubernetes.io/component: logging
     app.kubernetes.io/name: knative-serving
   annotations:
-    knative.dev/example-checksum: "53fda05f"
+    knative.dev/example-checksum: "9f25d429"
 data:
   _example: |
     ################################
@@ -73,7 +73,6 @@ data:
     loglevel.webhook: "info"
     loglevel.activator: "info"
     loglevel.hpaautoscaler: "info"
-    loglevel.net-certmanager-controller: "info"
     loglevel.net-istio-controller: "info"
     loglevel.net-contour-controller: "info"
     loglevel.net-kourier-controller: "info"

test/config/ytt/core/overlay-config-logging.yaml

@@ -33,5 +33,4 @@ data:
   loglevel.activator: "debug"
   loglevel.hpaautoscaler: "debug"
   loglevel.net-istio-controller: "debug"
-  loglevel.net-certmanager-controller: "debug"
   loglevel.net-contour-controller: "debug"

test/config/ytt/ingress/istio/istio-certmanager-webhook.yaml

@@ -1,14 +0,0 @@
-apiVersion: "security.istio.io/v1beta1"
-kind: "PeerAuthentication"
-metadata:
-  name: "net-certmanager-webhook"
-  namespace: "knative-serving"
-  labels:
-    networking.knative.dev/ingress-provider: istio
-spec:
-  selector:
-    matchLabels:
-      app: net-certmanager-webhook
-  portLevelMtls:
-    8443:
-      mode: PERMISSIVE

test/e2e-common.sh

@@ -309,8 +309,8 @@ function install() {
   YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/ingress/${ingress}")
   YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/kapp-order.yaml")
   YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/kapp-secret-upgrade.yaml")
+  YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/certmanager/net-certmanager-config.yaml")
   YTT_FILES+=("${REPO_ROOT_DIR}/third_party/cert-manager-${CERT_MANAGER_VERSION}/cert-manager.yaml")
-  YTT_FILES+=("${REPO_ROOT_DIR}/third_party/cert-manager-${CERT_MANAGER_VERSION}/net-certmanager.yaml")
 
   if (( MESH )); then
     YTT_FILES+=("${REPO_ROOT_DIR}/test/config/ytt/mesh")

test/e2e/certmanager/e2e-common.sh

@@ -42,7 +42,7 @@ function test_setup() {
   kubectl apply -f third_party/cert-manager-latest/cert-manager.yaml || return 1
   wait_until_pods_running cert-manager || return 1
 
-  echo ">> Bringing up net-certmanager Controller"
+  echo ">> Bringing up serving controller with net-certmanager enabled"
   ko apply -f config || return 1
   echo ">> Waiting for Serving components to be running..."
   wait_until_pods_running knative-serving || return 1

test/e2e/externaldomaintls/README.md

@@ -5,7 +5,7 @@ feature documentation.
 
 # Prerequisites
 * Have `cert-manager` installed
-* Have `net-certmanager` installed
+* Have the Knative certmanager integration enabled
 * Upload test images with `./test/upload-test-images.sh`
 * Enable `external-domain-tls` with `kubectl patch cm config-network -n knative-serving -p '{"data":{"external-domain-tls": "enabled"}}'`