feat: Added cert-manager

2025-11-30 06:18:33 +01:00
parent 4550643bf3
commit dedfa503eb
7 changed files with 82 additions and 0 deletions
--- a/clusters/testing/kustomization.yaml
+++ b/clusters/testing/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - flux-system/
+  - ../../controllers/artifacts.yaml
+  - ../../controllers/cert-manager/cert-manager.yaml
--- a/controllers/artifacts.yaml
+++ b/controllers/artifacts.yaml
@@ -0,0 +1,16 @@
+apiVersion: source.extensions.fluxcd.io/v1beta1
+kind: ArtifactGenerator
+metadata:
+  name: controllers
+  namespace: flux-system
+spec:
+  sources:
+    - alias: foundation
+      kind: GitRepository
+      name: flux-system
+  artifacts:
+    - name: cert-manager
+      originRevision: "@foundation"
+      copy:
+        - from: "@foundation/controllers/cert-manager/**"
+          to: "@artifact/"
--- a/controllers/cert-manager/cert-manager.yaml
+++ b/controllers/cert-manager/cert-manager.yaml
@@ -0,0 +1,15 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: cert-manager
+  namespace: flux-system
+spec:
+  interval: 1h
+  retryInterval: 2m
+  timeout: 5m
+  sourceRef:
+    kind: ExternalArtifact
+    name: cert-manager
+  path: ./
+  prune: true
+  wait: true
--- a/controllers/cert-manager/helm-release.yaml
+++ b/controllers/cert-manager/helm-release.yaml
@@ -0,0 +1,22 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: cert-manager
+  namespace: cert-manager
+spec:
+  interval: 12h
+  install:
+    strategy:
+      name: RetryOnFailure
+      retryInterval: 2m
+  upgrade:
+    strategy:
+      name: RetryOnFailure
+      retryInterval: 3m
+  chartRef:
+    kind: OCIRepository
+    name: cert-manager
+  values:
+    crds:
+      enabled: true
+      keep: false
--- a/controllers/cert-manager/kustomization.yaml
+++ b/controllers/cert-manager/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./namespace.yaml
+  - ./oci-repository.yaml
+  - ./helm-release.yaml
--- a/controllers/cert-manager/namespace.yaml
+++ b/controllers/cert-manager/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: cert-manager
--- a/controllers/cert-manager/oci-repository.yaml
+++ b/controllers/cert-manager/oci-repository.yaml
@@ -0,0 +1,13 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: OCIRepository
+metadata:
+  name: cert-manager
+  namespace: cert-manager
+spec:
+  interval: 24h
+  url: oci://quay.io/jetstack/charts/cert-manager
+  layerSelector:
+    mediaType: "application/vnd.cncf.helm.chart.content.v1.tar+gzip"
+    operation: copy
+  ref:
+    semver: "1.x"