ci: deploy cert-manager v1.17.2 via fluxcd

infrastructure/cert-manager/configmap-values.yaml

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cert-manager-helm-values
+  namespace: cert-manager
+data:
+  values.yaml: |
+    installCRDs: true
+

infrastructure/cert-manager/helmrelease.yaml

@@ -1,14 +1,24 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
   name: cert-manager
   namespace: cert-manager
 spec:
+  interval: 15m
   chart:
     spec:
       chart: cert-manager
+      version: v1.17.2
       sourceRef:
         kind: HelmRepository
-        name: cert-manager
-  values:
-    installCRDs: true
+        name: jetstack
+        namespace: flux-system
+  releaseName: cert-manager
+  valuesFrom:
+    - kind: ConfigMap
+      name: cert-manager-helm-values
+      valuesKey: values.yaml
+  install:
+    crds: CreateReplace
+  upgrade:
+    crds: CreateReplace

infrastructure/cert-manager/helmrepository.yaml

@@ -1,8 +1,8 @@
 apiVersion: source.toolkit.fluxcd.io/v1beta2
 kind: HelmRepository
 metadata:
-  name: cert-manager
+  name: jetstack
   namespace: flux-system
 spec:
-  interval: 1h
+  interval: 30m
   url: https://charts.jetstack.io

infrastructure/kustomization-cert-manager.yaml

@@ -0,0 +1,19 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: cert-manager
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: ./infrastructure/cert-manager
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  dependsOn: []
+  healthChecks:
+    - apiVersion: apps/v1
+      kind: Deployment
+      name: cert-manager
+      namespace: cert-manager
+

notes/cert-manager.md

@@ -0,0 +1,40 @@
+# Schritt 1: cert-manager v1.17.2 mit FluxCD deployen
+
+## Verzeichnisstruktur
+infrastructure/
+  cert-manager/
+    namespace.yaml
+    helmrepository.yaml
+    configmap-values.yaml
+    helmrelease.yaml
+  kustomization-cert-manager.yaml
+
+## Vorgehen
+
+1. YAML-Dateien wie oben beschrieben im Git-Repository anlegen.
+2. Änderungen committen und pushen:
+```bash
+   git add infrastructure/cert-manager/*
+   git add infrastructure/kustomization-cert-manager.yaml
+   git commit -m "Deploy cert-manager v1.17.2 via FluxCD"
+   git push origin main
+```
+
+3. Flux synchronisiert automatisch. Manuelles Triggern:
+```bash
+   flux reconcile source git flux-system
+   flux get kustomizations
+   kubectl -n cert-manager get pods
+```
+
+4. Prüfen, ob cert-manager läuft:
+```bash
+   kubectl -n cert-manager get pods
+   kubectl -n cert-manager get deployments
+```
+
+5. Fehlerdiagnose:
+```bash
+   flux logs
+   kubectl -n cert-manager logs deploy/cert-manager
+```