use helm clusterissuer instead of kustomize

charts/fp/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 name: fp
 description: The Galaxy's Best VTuber Hentai Site
-version: 0.0.26
+version: 0.0.27
 keywords:
   - fp
   - futureporn

charts/fp/templates/cert-manager.yaml

@@ -96,7 +96,6 @@ spec:
             apiSecretRef:
               name: exoscale
               key: apiSecret
-         
 {{ end }}
 
 {{ if eq .Values.environment "production" }} 
@@ -107,7 +106,6 @@ metadata:
   name: letsencrypt-prod
 spec:
   acme:
-    # server: https://acme-staging-v02.api.letsencrypt.org/directory
     server: https://acme-v02.api.letsencrypt.org/directory
     email: {{ .Values.adminEmail }}
     privateKeySecretRef:

clusters/staging/infrastructure.yaml

@@ -15,42 +15,42 @@ spec:
   prune: true
   wait: true
 
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: infra-configs
+#   name: infra-configs
-  namespace: flux-system
+#   namespace: flux-system
-spec:
+# spec:
-  dependsOn:
+#   dependsOn:
-    - name: infra-controllers
+#     - name: infra-controllers
-  interval: 1h
+#   interval: 1h
-  retryInterval: 1m
+#   retryInterval: 1m
-  timeout: 5m
+#   timeout: 5m
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: flux-system
+#     name: flux-system
-  path: ./infrastructure/configs
+#   path: ./infrastructure/configs
-  prune: true
+#   prune: true
-  patches:
+#   patches:
-    - patch: |
+#     - patch: |
-        - op: replace
+#         - op: replace
-          path: /spec/acme/server
+#           path: /spec/acme/server
-          value: https://acme-staging-v02.api.letsencrypt.org/directory
+#           value: https://acme-staging-v02.api.letsencrypt.org/directory
-      target:
+#       target:
-        kind: ClusterIssuer
+#         kind: ClusterIssuer
-        name: letsencrypt
+#         name: letsencrypt
-    - patch: |
+#     - patch: |
-        - op: replace
+#         - op: replace
-          path: /metadata/name
+#           path: /metadata/name
-          value: letsencrypt-staging
+#           value: letsencrypt-staging
-      target:
+#       target:
-        kind: ClusterIssuer
+#         kind: ClusterIssuer
-        name: letsencrypt
+#         name: letsencrypt
-    - patch: |
+#     - patch: |
-        - op: replace
+#         - op: replace
-          path: /spec/acme/privateKeySecretRef/name
+#           path: /spec/acme/privateKeySecretRef/name
-          value: letsencrypt-staging
+#           value: letsencrypt-staging
-      target:
+#       target:
-        kind: ClusterIssuer
+#         kind: ClusterIssuer
-        name: letsencrypt
+#         name: letsencrypt

infrastructure/configs/kustomization.yaml

@@ -1,3 +1,10 @@
+
+# DEPRECATED. this is referenced in ../../clusters/{staging,production}/infrastructure.yaml
+# and it's commented out which makes it not active.
+# It's easier to reason and understand if we create the cluster-issuers in charts/fp/templates
+# because if we do it here, we must make it Helm adoptable using annotations.
+# why not just invoke it from Helm? seems better suited for there.
+
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:

infrastructure/controllers/kustomization.yaml

@@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   # - external-dns.yaml
-  - cert-manager.yaml
+  # - cert-manager.yaml
   - ingress-traefik.yaml
   - grafana-k8s-dashboards.yaml
   - kube-prometheus-stack.yaml