From 7b35f967ff6219c73b81512e4b592babeae56069 Mon Sep 17 00:00:00 2001 From: Joshua Hoblitt Date: Tue, 26 Mar 2024 16:31:08 -0700 Subject: [PATCH] (TESTING) (fleet/cert-manager-conf) fake it until you make it --- fleet/lib/cert-manager-conf/fleet.yaml | 6 ++++++ .../ci/clusterissuer-letsencrypt-dev.yaml | 8 ++++++++ .../ci/clusterissuer-letsencrypt-staging.yaml | 8 ++++++++ .../overlays/ci/clusterissuer-letsencrypt.yaml | 8 ++++++++ .../overlays/ci/externalsecret-route53.yaml | 16 ++++++++++++++++ .../overlays/ci/kustomization.yaml | 8 ++++++++ 6 files changed, 54 insertions(+) create mode 100644 fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-dev.yaml create mode 100644 fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-staging.yaml create mode 100644 fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt.yaml create mode 100644 fleet/lib/cert-manager-conf/overlays/ci/externalsecret-route53.yaml create mode 100644 fleet/lib/cert-manager-conf/overlays/ci/kustomization.yaml diff --git a/fleet/lib/cert-manager-conf/fleet.yaml b/fleet/lib/cert-manager-conf/fleet.yaml index 88b945028..cae08dca6 100644 --- a/fleet/lib/cert-manager-conf/fleet.yaml +++ b/fleet/lib/cert-manager-conf/fleet.yaml @@ -17,6 +17,12 @@ dependsOn: matchLabels: bundle: external-secrets-conf targetCustomizations: + - name: ci + clusterSelector: + matchLabels: + ci: "true" + kustomize: + dir: overlays/ci - name: konkong clusterName: konkong kustomize: diff --git a/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-dev.yaml b/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-dev.yaml new file mode 100644 index 000000000..1120060d5 --- /dev/null +++ b/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-dev.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-dev + namespace: cert-manager +spec: + selfSigned: {} diff --git a/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-staging.yaml b/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-staging.yaml new file mode 100644 index 000000000..4b79e419a --- /dev/null +++ b/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt-staging.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-staging + namespace: cert-manager +spec: + selfSigned: {} diff --git a/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt.yaml b/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt.yaml new file mode 100644 index 000000000..cff8df54a --- /dev/null +++ b/fleet/lib/cert-manager-conf/overlays/ci/clusterissuer-letsencrypt.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt + namespace: cert-manager +spec: + selfSigned: {} diff --git a/fleet/lib/cert-manager-conf/overlays/ci/externalsecret-route53.yaml b/fleet/lib/cert-manager-conf/overlays/ci/externalsecret-route53.yaml new file mode 100644 index 000000000..cd205fa5f --- /dev/null +++ b/fleet/lib/cert-manager-conf/overlays/ci/externalsecret-route53.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: route53 + namespace: cert-manager +spec: + data: + - secretKey: AWS_ACCESS_KEY_ID + remoteRef: + key: it-dns-dev (aws) + property: username + - secretKey: AWS_SECRET_ACCESS_KEY + remoteRef: + key: it-dns-dev (aws) + property: password diff --git a/fleet/lib/cert-manager-conf/overlays/ci/kustomization.yaml b/fleet/lib/cert-manager-conf/overlays/ci/kustomization.yaml new file mode 100644 index 000000000..544ccc650 --- /dev/null +++ b/fleet/lib/cert-manager-conf/overlays/ci/kustomization.yaml @@ -0,0 +1,8 @@ +--- +resources: + - ../../base + - clusterissuer-letsencrypt-dev.yaml +patches: + - path: clusterissuer-letsencrypt-staging.yaml + - path: clusterissuer-letsencrypt.yaml + - path: externalsecret-route53.yaml