From dc9c63e6e02b65393c58d0f80fc09ca52b14bc31 Mon Sep 17 00:00:00 2001
From: Dreaded_X <tim@huizinga.dev>
Date: Sun, 30 Nov 2025 06:18:33 +0100
Subject: [PATCH] Added cert-manager

---
 artifacts.yaml                                | 16 ++++++++++++++
 clusters/testing/kustomization.yaml           |  6 ++++++
 configurations/helm-release.yaml              |  6 ++++++
 controllers/cert-manager/cert-manager.yaml    | 15 +++++++++++++
 controllers/cert-manager/helm-repository.yaml | 21 +++++++++++++++++++
 controllers/cert-manager/kustomization.yaml   | 15 +++++++++++++
 controllers/cert-manager/namespace.yaml       |  4 ++++
 controllers/cert-manager/oci-repository.yaml  | 13 ++++++++++++
 controllers/cert-manager/values.yaml          |  3 +++
 9 files changed, 99 insertions(+)
 create mode 100644 artifacts.yaml
 create mode 100644 clusters/testing/kustomization.yaml
 create mode 100644 configurations/helm-release.yaml
 create mode 100644 controllers/cert-manager/cert-manager.yaml
 create mode 100644 controllers/cert-manager/helm-repository.yaml
 create mode 100644 controllers/cert-manager/kustomization.yaml
 create mode 100644 controllers/cert-manager/namespace.yaml
 create mode 100644 controllers/cert-manager/oci-repository.yaml
 create mode 100644 controllers/cert-manager/values.yaml

diff --git a/artifacts.yaml b/artifacts.yaml
new file mode 100644
index 0000000..4079a8e
--- /dev/null
+++ b/artifacts.yaml
@@ -0,0 +1,16 @@
+apiVersion: source.extensions.fluxcd.io/v1beta1
+kind: ArtifactGenerator
+metadata:
+  name: flux-system
+  namespace: flux-system
+spec:
+  sources:
+    - alias: foundation
+      kind: GitRepository
+      name: flux-system
+  artifacts:
+    - name: cert-manager
+      originRevision: "@monorepo"
+      copy:
+        - from: "@foundation/controllers/cert-manager/**"
+          to: "@artifact/"
diff --git a/clusters/testing/kustomization.yaml b/clusters/testing/kustomization.yaml
new file mode 100644
index 0000000..819af54
--- /dev/null
+++ b/clusters/testing/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./flux-system/
+  - ../../artifacts.yaml
+  - ../../controllers/cert-manager/cert-manager.yaml
diff --git a/configurations/helm-release.yaml b/configurations/helm-release.yaml
new file mode 100644
index 0000000..a80be15
--- /dev/null
+++ b/configurations/helm-release.yaml
@@ -0,0 +1,6 @@
+nameReference:
+  - kind: ConfigMap
+    version: v1
+    fieldSpecs:
+      - path: spec/valuesFrom/name
+        kind: HelmRelease
diff --git a/controllers/cert-manager/cert-manager.yaml b/controllers/cert-manager/cert-manager.yaml
new file mode 100644
index 0000000..8139a9c
--- /dev/null
+++ b/controllers/cert-manager/cert-manager.yaml
@@ -0,0 +1,15 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: cert-manager
+  namespace: flux-system
+spec:
+  interval: 1h
+  retryInterval: 2m
+  timeout: 5m
+  sourceRef:
+    kind: ExternalArtifact
+    name: cert-manager
+  path: ./
+  prune: true
+  wait: true
diff --git a/controllers/cert-manager/helm-repository.yaml b/controllers/cert-manager/helm-repository.yaml
new file mode 100644
index 0000000..1bd27d7
--- /dev/null
+++ b/controllers/cert-manager/helm-repository.yaml
@@ -0,0 +1,21 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: cert-manager
+  namespace: cert-manager
+spec:
+  interval: 12h
+  install:
+    strategy:
+      name: RetryOnFailure
+      retryInterval: 2m
+  upgrade:
+    strategy:
+      name: RetryOnFailure
+      retryInterval: 3m
+  chartRef:
+    kind: OCIRepository
+    name: cert-manager
+  valuesFrom:
+    - kind: ConfigMap
+      name: values
diff --git a/controllers/cert-manager/kustomization.yaml b/controllers/cert-manager/kustomization.yaml
new file mode 100644
index 0000000..2f98746
--- /dev/null
+++ b/controllers/cert-manager/kustomization.yaml
@@ -0,0 +1,15 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./namespace.yaml
+  - ./oci-repository.yaml
+  - ./helm-release.yaml
+
+configurations:
+  - ../../configurations/helm-release.yaml
+
+configMapGenerator:
+  - name: values
+    namespace: cert-manager
+    files:
+      - ./values.yaml
diff --git a/controllers/cert-manager/namespace.yaml b/controllers/cert-manager/namespace.yaml
new file mode 100644
index 0000000..c90416f
--- /dev/null
+++ b/controllers/cert-manager/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: cert-manager
diff --git a/controllers/cert-manager/oci-repository.yaml b/controllers/cert-manager/oci-repository.yaml
new file mode 100644
index 0000000..7c69c89
--- /dev/null
+++ b/controllers/cert-manager/oci-repository.yaml
@@ -0,0 +1,13 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: OCIRepository
+metadata:
+  name: cert-manager
+  namespace: cert-manager
+spec:
+  interval: 24h
+  url: oci://quay.io/jetstack/charts/cert-manager
+  layerSelector:
+    mediaType: "application/vnd.cncf.helm.chart.content.v1.tar+gzip"
+    operation: copy
+  ref:
+    semver: "1.x"
diff --git a/controllers/cert-manager/values.yaml b/controllers/cert-manager/values.yaml
new file mode 100644
index 0000000..29c1355
--- /dev/null
+++ b/controllers/cert-manager/values.yaml
@@ -0,0 +1,3 @@
+crds:
+  enabled: true
+  keep: false