Create missing ca certs

commit: 04f9c42273a6035ad4cfdaf78cd13bec78af96a3 [log] [tgz]
author: okozachenko1203 <okozachenko1203@users.noreply.github.com> Fri Sep 01 23:35:23 2023 +1000
committer: Oleksandr Kozachenko <okozachenko1203@gmail.com> Wed Sep 06 11:22:07 2023 +0200
tree: 071bc66df4db6eaec726cc86a7605b1137b9636a
parent: 7d02fa704a2deba7ae9399b6f49579e610151c1c [diff]
diff --git a/roles/libvirt/tasks/main.yml b/roles/libvirt/tasks/main.yml
index eb4b4d9..f0affe5 100644
--- a/roles/libvirt/tasks/main.yml
+++ b/roles/libvirt/tasks/main.yml

@@ -36,6 +36,32 @@
         name: "{{ libvirt_helm_release_name }}"
         namespace: "{{ libvirt_helm_release_namespace }}"
 
+- name: Create CA certificates
+  kubernetes.core.k8s:
+    state: present
+    definition:
+      - apiVersion: cert-manager.io/v1
+        kind: Certificate
+        metadata:
+          name: "{{ item }}-ca"
+          namespace: openstack
+        spec:
+          commonName: libvirt
+          duration: 87600h0m0s
+          isCA: true
+          issuerRef:
+            group: cert-manager.io
+            kind: ClusterIssuer
+            name: self-signed
+          privateKey:
+            algorithm: ECDSA
+            size: 256
+          renewBefore: 720h0m0s
+          secretName: "{{ item }}-ca"
+  loop:
+    - libvirt-vnc
+    - libvirt-api
+
 - name: Create Issuers
   kubernetes.core.k8s:
     state: present
commit	04f9c42273a6035ad4cfdaf78cd13bec78af96a3	[log] [tgz]
author	okozachenko1203 <okozachenko1203@users.noreply.github.com>	Fri Sep 01 23:35:23 2023 +1000
committer	Oleksandr Kozachenko <okozachenko1203@gmail.com>	Wed Sep 06 11:22:07 2023 +0200
tree	071bc66df4db6eaec726cc86a7605b1137b9636a
parent	7d02fa704a2deba7ae9399b6f49579e610151c1c [diff]