ci: add hetzner-webhook and clusterissuer

infrastructure/cert-manager-webhook-hetzner/helmrelease.yaml

@@ -0,0 +1,18 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+  name: cert-manager-webhook-hetzner
+  namespace: cert-manager
+spec:
+  interval: 15m
+  chart:
+    spec:
+      chart: cert-manager-webhook-hetzner
+      version: 1.3.3
+      sourceRef:
+        kind: HelmRepository
+        name: vadimkim-cert-manager-webhook-hetzner
+        namespace: flux-system
+  values:
+    groupName: patanix.de
+

infrastructure/cert-manager-webhook-hetzner/helmrepository.yaml

@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: vadimkim-cert-manager-webhook-hetzner
+  namespace: flux-system
+spec:
+  interval: 30m
+  url: https://vadimkim.github.io/cert-manager-webhook-hetzner

infrastructure/cert-manager-webhook-hetzner/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - helmrepository.yaml
+  - helmrelease.yaml
+

infrastructure/cert-manager/kustomization.yaml

@@ -5,3 +5,4 @@ resources:
   - helmrepository.yaml
   - helmrelease.yaml
   - configmap-values.yaml
+  - letsencrypt-clusterissuer.yaml

infrastructure/cert-manager/letsencrypt-clusterissuer.yaml

@@ -0,0 +1,20 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-dns
+spec:
+  acme:
+    email: patryk-hegenberg@outlook.de
+    server: https://acme-v02.api.letsencrypt.org/directory
+    privateKeySecretRef:
+      name: letsencrypt-dns-key
+    solvers:
+      - dns01:
+          webhook:
+            groupName: patanix.de
+            solverName: hetzner
+            config:
+              apiTokenSecretRef:
+                name: hetzner-dns-api-token
+                key: token
+

infrastructure/kustomization.yaml

@@ -2,4 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - cert-manager/
+  - cert-manager-webhook-hetzner/
   # - monitoring/