feat: migrate cert-mgr + rmq to operator
diff --git a/atmosphere/flows.py b/atmosphere/flows.py
index 0c8b2bd..d0bd92d 100644
--- a/atmosphere/flows.py
+++ b/atmosphere/flows.py
@@ -32,6 +32,14 @@
             name=constants.HELM_REPOSITORY_JETSTACK,
             url="https://charts.jetstack.io",
         ),
+        flux.ApplyHelmReleaseTask(
+            namespace=constants.NAMESPACE_CERT_MANAGER,
+            name=constants.HELM_RELEASE_CERT_MANAGER_NAME,
+            repository=constants.HELM_REPOSITORY_JETSTACK,
+            chart=constants.HELM_RELEASE_CERT_MANAGER_NAME,
+            version=constants.HELM_RELEASE_CERT_MANAGER_VERSION,
+            values=constants.HELM_RELEASE_CERT_MANAGER_VALUES,
+        ),
         # monitoring
         v1.ApplyNamespaceTask(name=constants.NAMESPACE_MONITORING),
         flux.ApplyHelmRepositoryTask(
@@ -59,6 +67,15 @@
             name=constants.HELM_REPOSITORY_BITNAMI,
             url="https://charts.bitnami.com/bitnami",
         ),
+        flux.ApplyHelmReleaseTask(
+            namespace=constants.NAMESPACE_OPENSTACK,
+            name=constants.HELM_RELEASE_RABBITMQ_OPERATOR_NAME,
+            repository=constants.HELM_REPOSITORY_BITNAMI,
+            chart=constants.HELM_RELEASE_RABBITMQ_OPERATOR_NAME,
+            version=constants.HELM_RELEASE_RABBITMQ_OPERATOR_VERSION,
+            values=constants.HELM_RELEASE_RABBITMQ_OPERATOR_VALUES,
+            requires=constants.HELM_RELEASE_RABBITMQ_OPERATOR_REQUIRES,
+        ),
         flux.ApplyHelmRepositoryTask(
             namespace=constants.NAMESPACE_OPENSTACK,
             name=constants.HELM_REPOSITORY_PERCONA,
diff --git a/atmosphere/tasks/constants.py b/atmosphere/tasks/constants.py
index 531a065..215d1e8 100644
--- a/atmosphere/tasks/constants.py
+++ b/atmosphere/tasks/constants.py
@@ -18,10 +18,73 @@
 HELM_REPOSITORY_PERCONA = "percona"
 HELM_REPOSITORY_PROMETHEUS_COMMUINTY = "prometheus-community"
 
+HELM_RELEASE_CERT_MANAGER_NAME = "cert-manager"
+HELM_RELEASE_CERT_MANAGER_VERSION = "v1.7.1"
+HELM_RELEASE_CERT_MANAGER_VALUES = {
+    "installCRDs": True,
+    "volumes": [
+        {
+            "name": "etc-ssl-certs",
+            "hostPath": {
+                "path": "/etc/ssl/certs",
+            },
+        }
+    ],
+    "volumeMounts": [
+        {
+            "name": "etc-ssl-certs",
+            "mountPath": "/etc/ssl/certs",
+            "readOnly": True,
+        }
+    ],
+    "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+    "webhook": {
+        "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+    },
+    "cainjector": {
+        "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+    },
+    "startupapicheck": {
+        "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+    },
+}
+HELM_RELEASE_RABBITMQ_OPERATOR_REQUIRES = set(
+    [
+        f"helm-release-{NAMESPACE_CERT_MANAGER}-{HELM_RELEASE_CERT_MANAGER_NAME}",
+    ]
+)
+
 HELM_RELEASE_NODE_FEATURE_DISCOVERY_VALUES = {
     "master": {"nodeSelector": NODE_SELECTOR_CONTROL_PLANE}
 }
 
+HELM_RELEASE_RABBITMQ_OPERATOR_NAME = "rabbitmq-cluster-operator"
+HELM_RELEASE_RABBITMQ_OPERATOR_VERSION = "2.5.2"
+HELM_RELEASE_RABBITMQ_OPERATOR_VALUES = {
+    "rabbitmqImage": {"repository": "library/rabbitmq", "tag": "3.10.2-management"},
+    "credentialUpdaterImage": {
+        "repository": "rabbitmqoperator/default-user-credential-updater",
+        "tag": "1.0.2",
+    },
+    "clusterOperator": {
+        "fullnameOverride": "rabbitmq-cluster-operator",
+        "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+        "image": {
+            "repository": "rabbitmqoperator/cluster-operator",
+            "tag": "1.13.1",
+        },
+    },
+    "msgTopologyOperator": {
+        "fullnameOverride": "rabbitmq-messaging-topology-operator",
+        "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
+        "image": {
+            "repository": "rabbitmqoperator/messaging-topology-operator",
+            "tag": "1.6.0",
+        },
+    },
+    "useCertManager": True,
+}
+
 HELM_RELEASE_PXC_OPERATOR_NAME = "pxc-operator"
 HELM_RELEASE_PXC_OPERATOR_VERSION = "1.10.0"
 HELM_RELEASE_PXC_OPERATOR_VALUES = {
diff --git a/playbooks/openstack.yml b/playbooks/openstack.yml
index c1da7f5..e16fdb7 100644
--- a/playbooks/openstack.yml
+++ b/playbooks/openstack.yml
@@ -64,10 +64,6 @@
       tags:
         - keepalived
 
-    - role: rabbitmq_operator
-      tags:
-        - rabbitmq-operator
-
     - role: openstack_helm_keystone
       tags:
         - openstack-helm-keystone
diff --git a/roles/cert_manager/tasks/main.yml b/roles/cert_manager/tasks/main.yml
index e6516ab..c9c0901 100644
--- a/roles/cert_manager/tasks/main.yml
+++ b/roles/cert_manager/tasks/main.yml
@@ -12,50 +12,6 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-- name: Deploy Helm chart
-  kubernetes.core.k8s:
-    state: present
-    definition:
-      - apiVersion: helm.toolkit.fluxcd.io/v2beta1
-        kind: HelmRelease
-        metadata:
-          name: cert-manager
-          namespace: cert-manager
-        spec:
-          interval: 60s
-          chart:
-            spec:
-              chart: cert-manager
-              version: v1.7.1
-              sourceRef:
-                kind: HelmRepository
-                name: jetstack
-          install:
-            crds: CreateReplace
-          upgrade:
-            crds: CreateReplace
-          values:
-            installCRDs: true
-            volumes:
-              - name: etc-ssl-certs
-                hostPath:
-                  path: /etc/ssl/certs
-            volumeMounts:
-              - name: etc-ssl-certs
-                mountPath: /etc/ssl/certs
-                readOnly: true
-            nodeSelector:
-              openstack-control-plane: enabled
-            webhook:
-              nodeSelector:
-                openstack-control-plane: enabled
-            cainjector:
-              nodeSelector:
-                openstack-control-plane: enabled
-            startupapicheck:
-              nodeSelector:
-                openstack-control-plane: enabled
-
 - name: Create Issuer
   kubernetes.core.k8s:
     state: present
diff --git a/roles/rabbitmq/meta/main.yml b/roles/rabbitmq/meta/main.yml
index f3d8797..ac177b0 100644
--- a/roles/rabbitmq/meta/main.yml
+++ b/roles/rabbitmq/meta/main.yml
@@ -24,4 +24,4 @@
         - focal
 
 dependencies:
-  - role: rabbitmq_operator
+  - role: atmosphere
diff --git a/roles/rabbitmq_operator/README.md b/roles/rabbitmq_operator/README.md
deleted file mode 100644
index 20ba0d8..0000000
--- a/roles/rabbitmq_operator/README.md
+++ /dev/null
@@ -1 +0,0 @@
-# `rabbitmq_operator`
diff --git a/roles/rabbitmq_operator/meta/main.yml b/roles/rabbitmq_operator/meta/main.yml
deleted file mode 100644
index e57b0da..0000000
--- a/roles/rabbitmq_operator/meta/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-galaxy_info:
-  author: VEXXHOST, Inc.
-  description: Ansible role for RabbitMQ operator
-  license: Apache-2.0
-  min_ansible_version: 5.5.0
-  standalone: false
-  platforms:
-    - name: Ubuntu
-      versions:
-        - focal
-
-dependencies:
-  - role: atmosphere
diff --git a/roles/rabbitmq_operator/tasks/main.yml b/roles/rabbitmq_operator/tasks/main.yml
deleted file mode 100644
index 2ba1c90..0000000
--- a/roles/rabbitmq_operator/tasks/main.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-- name: Deploy Helm chart
-  kubernetes.core.k8s:
-    state: present
-    definition:
-      - apiVersion: helm.toolkit.fluxcd.io/v2beta1
-        kind: HelmRelease
-        metadata:
-          name: rabbitmq-cluster-operator
-          namespace: openstack
-        spec:
-          interval: 60s
-          chart:
-            spec:
-              chart: rabbitmq-cluster-operator
-              version: 2.5.2
-              sourceRef:
-                kind: HelmRepository
-                name: bitnami
-          install:
-            crds: CreateReplace
-          upgrade:
-            crds: CreateReplace
-          values:
-            rabbitmqImage:
-              repository: library/rabbitmq
-              tag: 3.10.2-management
-            credentialUpdaterImage:
-              repository: rabbitmqoperator/default-user-credential-updater
-              tag: 1.0.2
-            clusterOperator:
-              image:
-                repository: rabbitmqoperator/cluster-operator
-                tag: 1.13.1
-              fullnameOverride: rabbitmq-cluster-operator
-              nodeSelector:
-                openstack-control-plane: enabled
-            msgTopologyOperator:
-              image:
-                repository: rabbitmqoperator/messaging-topology-operator
-                tag: 1.6.0
-              fullnameOverride: rabbitmq-messaging-topology-operator
-              nodeSelector:
-                openstack-control-plane: enabled
-            useCertManager: true