From 11c9c0f1bc22514b4846343849631628a58c2e73 Mon Sep 17 00:00:00 2001 From: Julia McGhee Date: Fri, 20 Mar 2026 19:26:25 +0000 Subject: [PATCH] Add Certificate resources for internal IngressRoutes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit cert-manager annotations don't work on Traefik IngressRoutes — explicit Certificate resources are needed to trigger Let's Encrypt issuance. --- .../traefik/certificate-internal.yaml | 38 +++++++++++++++++++ .../platform/traefik/kustomization.yaml | 1 + 2 files changed, 39 insertions(+) create mode 100644 infra/kubernetes/platform/traefik/certificate-internal.yaml diff --git a/infra/kubernetes/platform/traefik/certificate-internal.yaml b/infra/kubernetes/platform/traefik/certificate-internal.yaml new file mode 100644 index 0000000..5d31ca6 --- /dev/null +++ b/infra/kubernetes/platform/traefik/certificate-internal.yaml @@ -0,0 +1,38 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: argocd-tls + namespace: platform +spec: + secretName: argocd-tls + issuerRef: + name: letsencrypt-production + kind: ClusterIssuer + dnsNames: + - argocd.coreworlds.io +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: grafana-tls + namespace: platform +spec: + secretName: grafana-tls + issuerRef: + name: letsencrypt-production + kind: ClusterIssuer + dnsNames: + - grafana.coreworlds.io +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: longhorn-tls + namespace: platform +spec: + secretName: longhorn-tls + issuerRef: + name: letsencrypt-production + kind: ClusterIssuer + dnsNames: + - longhorn.coreworlds.io diff --git a/infra/kubernetes/platform/traefik/kustomization.yaml b/infra/kubernetes/platform/traefik/kustomization.yaml index 1d1aede..8107300 100644 --- a/infra/kubernetes/platform/traefik/kustomization.yaml +++ b/infra/kubernetes/platform/traefik/kustomization.yaml @@ -7,3 +7,4 @@ resources: - ingressroute-argocd.yaml - ingressroute-grafana.yaml - ingressroute-longhorn.yaml + - certificate-internal.yaml