Merge pull request #91029 from subhtk/ocp53445

xenolinux · web-flow · commit 4c72cdc1ca6b · 2025-04-10T13:53:23.000+05:30
OCPBUGS#53445: Updated example for istio issuer
diff --git a/modules/cert-manager-istio-creating-issuer.adoc b/modules/cert-manager-istio-creating-issuer.adoc
@@ -13,7 +13,16 @@ Use this procedure to create the root CA issuer for Istio-CSR agent.
 Other supported issuers can be used, except for the ACME issuer, which is not supported. For more information, see "{cert-manager-operator} issuer providers".
 ====
 
-* Create a YAML file, for example, `issuer.yaml`, that defines the `Issuer` and `Certificate` objects:
+.Procedure
+
+. Create a new project for installing Istio-CSR by running the following command. If you have an existing project for installing Istio-CSR, skip this step.
++ 
+[source,terminal] 
+---- 
+$ oc new-project <istio_csr_project_name> 
+---- 
+
+. Create a YAML file that defines the `Issuer` and `Certificate` objects:
 +
 .Example `issuer.yaml` file
 [source,yaml]
@@ -22,17 +31,17 @@ apiVersion: cert-manager.io/v1
 kind: Issuer <1>
 metadata:
   name: selfsigned
-  namespace: <istio_project_name> <2>
+  namespace: <istio_csr_project_name> <2>
 spec:
   selfSigned: {}
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
   name: istio-ca
-  namespace: <istio_project_name>
+  namespace: <istio_csr_project_name>
 spec:
- isCA: true
+  isCA: true
   duration: 87600h # 10 years
   secretName: istio-ca
   commonName: istio-ca
@@ -48,10 +57,11 @@ spec:
     kind: Issuer <1>
     group: cert-manager.io
 ---
-kind: Issuer
+apiVersion: cert-manager.io/v1
+kind: Issuer <1>
 metadata:
   name: istio-ca
-  namespace: <istio_project_name> <2>
+  namespace: <istio_csr_project_name> <2>
 spec:
   ca:
     secretName: istio-ca
@@ -65,7 +75,7 @@ spec:
 +
 [source,terminal]
 ----
-$ oc get issuer istio-ca -n <istio_project_name>
+$ oc get issuer istio-ca -n <istio_csr_project_name>
 ----
 +
 .Example output
diff --git a/modules/cert-manager-istio-csr-installing.adoc b/modules/cert-manager-istio-csr-installing.adoc
@@ -21,13 +21,6 @@ If you are using `Issuer` resource, create the `Issuer` and `Certificate` resour
 
 .Procedure
 
-. Create a new project for installing Istio-CSR by running the following command. You can use an existing project and skip this step.
-+
-[source,terminal]
-----
-$ oc new-project <istio_csr_project_name>
-----
-
 . Create the `IstioCSR` custom resource to enable Istio-CSR agent managed by the {cert-manager-operator} for processing Istio workload and control plane certificate signing requests.
 +
 [NOTE]  
@@ -40,9 +33,9 @@ Only one `IstioCSR` custom resource (CR) is supported at a time. If multiple `Is
 * The Operator does not automatically remove objects created for `IstioCSR`. If an active `IstioCSR` resource is deleted and a new one is created in a different namespace without removing the previous deployments, multiple `istio-csr` deployments may remain active. This behavior is not recommended and is not supported.    
 ====  
 
-.. Create a YAML file, for example, `istiocsr.yaml`, that defines the `IstioCSR` object:
+.. Create a YAML file that defines the `IstioCSR` object:
 +
-.Example `IstioCSR.yaml` file
+.Example `IstioCSR` CR 
 [source,yaml]
 ----
 apiVersion: operator.openshift.io/v1alpha1
@@ -51,7 +44,7 @@ metadata:
   name: default
   namespace: <istio_csr_project_name>
 spec:
-  IstioCSRConfig:
+  istioCSRConfig:
     certManager:
       issuerRef:
         name: istio-ca  <1>
