Add an option to enable Prometheus with real certificates

While the install scripts do not enable Prometheus integration by default, solutions running upstream may want to use and enable it with Prometheus. This addition offers a way for upstream users to understand how to properly configure Prometheus using real certificates.

At the very least, it serves as documentation and provides an option for those installing from source who want to implement secure Prometheus integration.

Author: camilamacedo86

config/base/prometheus/monitor.yaml

@@ -1,19 +1,22 @@
-# Prometheus Monitor Service (Metrics)
+# Patch for Prometheus ServiceMonitor to enable secure TLS configuration
+# using certificates managed by cert-manager
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
-  labels:
-    control-plane: operator-controller-controller-manager
   name: controller-manager-metrics-monitor
   namespace: system
 spec:
   endpoints:
-    - path: /metrics
-      port: https
-      scheme: https
-      bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
-      tlsConfig:
-        insecureSkipVerify: true
-  selector:
-    matchLabels:
-      control-plane: operator-controller-controller-manager
+    - tlsConfig:
+        insecureSkipVerify: false
+        ca:
+          secret:
+            name: olmv1-ca
+            key: ca.crt
+        cert:
+          secret:
+            name: olmv1-ca
+            key: olm-ca.crt
+        keySecret:
+          name: olmv1-ca
+          key: ca.crt