Add cert-manager

2025-08-13 22:39:06 +02:00 · 2024-03-17 13:01:08 +01:00
parent 9bb0b53a0b
commit 32f2087cea
8 changed files with 150 additions and 1 deletions
--- a/oci-managed/certmanager/main.tf
+++ b/oci-managed/certmanager/main.tf
@@ -0,0 +1,43 @@
+resource "helm_release" "cert-manager" {
+  namespace        = var.namespace
+  create_namespace = true
+  name             = "cert-manager"
+  repository       = "https://charts.jetstack.io"
+  chart            = "cert-manager"
+  version          = var.cert_manager_chart_version
+  cleanup_on_fail  = true
+
+  # Helm chart deployment can sometimes take longer than the default 5 minutes
+  timeout = var.timeout_seconds
+
+  set {
+    name  = "installCRDs"
+    value = "true"
+  }
+}
+
+resource "helm_release" "trust-manager" {
+  depends_on = [helm_release.cert-manager]
+
+  namespace        = var.namespace
+  create_namespace = true
+  name             = "trust-manager"
+  repository       = "https://charts.jetstack.io"
+  chart            = "trust-manager"
+  version          = var.trust_manager_chart_version
+  cleanup_on_fail  = true
+
+  # Helm chart deployment can sometimes take longer than the default 5 minutes
+  timeout = var.timeout_seconds
+}
+
+resource "kubectl_manifest" "cert-manager-cluster-issuer" {
+  depends_on = [helm_release.cert-manager, helm_release.trust-manager]
+
+  force_new = true
+  server_side_apply = true
+
+  yaml_body = templatefile("${path.module}/cluster_issuer.tfpl.yaml", {
+    namespace = var.namespace,
+  })
+}