feat: Put ClusterIssuer under certificates

2025-12-17 00:30:01 +01:00
parent 8a83ae3ab3
commit cfa317caf4
8 changed files with 7 additions and 33 deletions
--- a/clusters/testing/kustomization.yaml
+++ b/clusters/testing/kustomization.yaml
@@ -12,7 +12,6 @@ resources:
  - ../../controllers/cnpg/cnpg.yaml

  - ../../configs/artifacts.yaml
-  - ../../configs/letsencrypt/letsencrypt.yaml
  - ../../configs/certificates/certificates.yaml
  - ../../configs/alerts/alerts.yaml
  - ../../configs/longhorn-jobs/longhorn-jobs.yaml
--- a/configs/artifacts.yaml
+++ b/configs/artifacts.yaml
@@ -9,11 +9,6 @@ spec:
      kind: GitRepository
      name: flux-system
  artifacts:
-    - name: letsencrypt
-      originRevision: "@foundation"
-      copy:
-        - from: "@foundation/configs/letsencrypt/**"
-          to: "@artifact/"
    - name: certificates
      originRevision: "@foundation"
      copy:
--- a/configs/certificates/base/cluster-issuer.yaml
+++ b/configs/certificates/base/cluster-issuer.yaml
--- a/configs/certificates/base/kustomization.yaml
+++ b/configs/certificates/base/kustomization.yaml
@@ -3,3 +3,5 @@ kind: Kustomization
 resources:
  - namespace.yaml
  - certificate-huizinga-dev.yaml
+  - secret-cloudflare-token.enc.yaml
+  - cluster-issuer.yaml
--- a/configs/certificates/base/secret-cloudflare-token.enc.yaml
+++ b/configs/certificates/base/secret-cloudflare-token.enc.yaml
--- a/configs/certificates/certificates.yaml
+++ b/configs/certificates/certificates.yaml
@@ -8,10 +8,14 @@ spec:
  retryInterval: 2m
  timeout: 15m
  dependsOn:
-    - name: letsencrypt
+    - name: cert-manager
  sourceRef:
    kind: ExternalArtifact
    name: certificates
+  decryption:
+    provider: sops
+    secretRef:
+      name: sops-gpg
  path: ./${cluster_env}
  prune: true
  wait: true
--- a/configs/letsencrypt/kustomization.yaml
+++ b/configs/letsencrypt/kustomization.yaml
@@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - secret-cloudflare-token.enc.yaml
-  - cluster-issuer.yaml
--- a/configs/letsencrypt/letsencrypt.yaml
+++ b/configs/letsencrypt/letsencrypt.yaml
@@ -1,21 +0,0 @@
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: letsencrypt
-  namespace: flux-system
-spec:
-  interval: 1h
-  retryInterval: 2m
-  timeout: 5m
-  dependsOn:
-    - name: cert-manager
-  sourceRef:
-    kind: ExternalArtifact
-    name: letsencrypt
-  decryption:
-    provider: sops
-    secretRef:
-      name: sops-gpg
-  path: ./
-  prune: true
-  wait: true