Deduplicated certificates config

Substitute cluster env variable
2025-12-02 00:22:29 +01:00 · 2025-12-02 00:21:57 +01:00
11 changed files with 39 additions and 33 deletions
--- a/clusters/testing/flux-system/kustomization.yaml
+++ b/clusters/testing/flux-system/kustomization.yaml
@@ -3,3 +3,13 @@ kind: Kustomization
 resources:
  - gotk-components.yaml
  - gotk-sync.yaml
 patches:
  - patch: |
      - op: add
        path: /spec/postBuild
        value:
          substitute:
            cluster_env: staging
    target:
      kind: Kustomization
      name: flux-system
--- a/clusters/testing/kustomization.yaml
+++ b/clusters/testing/kustomization.yaml
@@ -6,4 +6,4 @@ resources:
  - ../../controllers/cert-manager/cert-manager.yaml
  - ../../configs/artifacts.yaml
  - ../../configs/letsencrypt/letsencrypt.yaml
-  - ../../configs/certificates/staging/certificates.yaml
+  - ../../configs/certificates/certificates.yaml
--- a/configs/certificates/base/certificate-huizinga-dev.yaml
+++ b/configs/certificates/base/certificate-huizinga-dev.yaml
@@ -0,0 +1,10 @@
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
  name: huizinga-dev
  namespace: certificates
 spec:
  secretName: huizinga-dev-tls
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
--- a/configs/certificates/base/kustomization.yaml
+++ b/configs/certificates/base/kustomization.yaml
@@ -0,0 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - namespace.yaml
  - certificate-huizinga-dev.yaml
--- a/configs/certificates/base/namespace.yaml
+++ b/configs/certificates/base/namespace.yaml
--- a/configs/certificates/production/certificates.yaml
+++ b/configs/certificates/production/certificates.yaml
@@ -12,6 +12,6 @@ spec:
  sourceRef:
    kind: ExternalArtifact
    name: certificates
-  path: ./production
+  path: ./${cluster_env}
  prune: true
  wait: true
--- a/configs/certificates/production/certificate-huizinga-dev.yaml
+++ b/configs/certificates/production/certificate-huizinga-dev.yaml
@@ -4,10 +4,6 @@ metadata:
  name: huizinga-dev
  namespace: certificates
 spec:
  secretName: huizinga-dev-tls
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
  commonName: "huizinga.dev"
  dnsNames:
    - "huizinga.dev"
--- a/configs/certificates/production/kustomization.yaml
+++ b/configs/certificates/production/kustomization.yaml
@@ -1,5 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../namespace.yaml
+  - ../base
-  - certificate-huizinga-dev.yaml
+patches:
  - path: certificate-huizinga-dev.yaml
    target:
      kind: Certificate
--- a/configs/certificates/staging/certificate-huizinga-dev.yaml
+++ b/configs/certificates/staging/certificate-huizinga-dev.yaml
@@ -4,10 +4,6 @@ metadata:
  name: huizinga-dev
  namespace: certificates
 spec:
  secretName: huizinga-dev-tls
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
  commonName: "staging.huizinga.dev"
  dnsNames:
    - "staging.huizinga.dev"
--- a/configs/certificates/staging/certificates.yaml
+++ b/configs/certificates/staging/certificates.yaml
@@ -1,17 +0,0 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
  name: certificates
  namespace: flux-system
 spec:
  interval: 1h
  retryInterval: 2m
  timeout: 5m
  dependsOn:
    - name: cert-manager
  sourceRef:
    kind: ExternalArtifact
    name: certificates
  path: ./staging
  prune: true
  wait: true
--- a/configs/certificates/staging/kustomization.yaml
+++ b/configs/certificates/staging/kustomization.yaml
@@ -1,5 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../namespace.yaml
+  - ../base
-  - certificate-huizinga-dev.yaml
+patches:
  - path: certificate-huizinga-dev.yaml
    target:
      kind: Certificate
Author	SHA1	Message	Date
Dreaded_X	e1e6349201	Deduplicated certificates config	2025-12-02 00:22:29 +01:00
Dreaded_X	8df322cfea	Substitute cluster env variable	2025-12-02 00:21:57 +01:00