Create missing ca certs
diff --git a/roles/libvirt/tasks/main.yml b/roles/libvirt/tasks/main.yml
index eb4b4d9..f0affe5 100644
--- a/roles/libvirt/tasks/main.yml
+++ b/roles/libvirt/tasks/main.yml
@@ -36,6 +36,32 @@
name: "{{ libvirt_helm_release_name }}"
namespace: "{{ libvirt_helm_release_namespace }}"
+- name: Create CA certificates
+ kubernetes.core.k8s:
+ state: present
+ definition:
+ - apiVersion: cert-manager.io/v1
+ kind: Certificate
+ metadata:
+ name: "{{ item }}-ca"
+ namespace: openstack
+ spec:
+ commonName: libvirt
+ duration: 87600h0m0s
+ isCA: true
+ issuerRef:
+ group: cert-manager.io
+ kind: ClusterIssuer
+ name: self-signed
+ privateKey:
+ algorithm: ECDSA
+ size: 256
+ renewBefore: 720h0m0s
+ secretName: "{{ item }}-ca"
+ loop:
+ - libvirt-vnc
+ - libvirt-api
+
- name: Create Issuers
kubernetes.core.k8s:
state: present