######################################
# Install cert-manager in cluster    #
######################################
---
- name: Read cert-manager values
  include_vars:
    file: ../vars/k8s_cluster/cert_manager/certManager.yml

- name: Create cert-manager namespace
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Namespace
      metadata:
        name: "{{ namespace }}"
        annotations:
          linkerd.io/inject: 'enabled'

- name: Add cert-manager repo
  kubernetes.core.helm_repository:
    name: "{{ helm.releaseName }}"
    repo_url: "{{ helm.repoUrl }}"

- name: Install CRDs for cert-manager
  kubernetes.core.k8s:
    state: present
    definition: "{{ lookup('template', '../templates/k8s_cluster/cert_manager/cert_manager_crds.yaml') | from_yaml_all }}"


- name: Deploy cert-manager from helm chart
  kubernetes.core.helm:
   name: "{{ helm.releaseName }}"
   state: present
   chart_ref: "{{ helm.chart }}"
   release_namespace: "{{ namespace }}"
   chart_version: "{{ helm.chartVersion }}"
   update_repo_cache: "true"

- name: Pause for 1.5 minutes and wait for cert-manager webhook
  ansible.builtin.pause:
    seconds: 90

- name: Deploy cert-manager lets-encrypt staging config file
  kubernetes.core.k8s:
    state: present
    definition: "{{ lookup('template', '../templates/k8s_cluster/cert_manager/lets_encrypt_staging.yml.j2') | from_yaml_all }}"

- name: Deploy cert-manager lets-encrypt production config file
  kubernetes.core.k8s:
    state: present
    definition: "{{ lookup('template', '../templates/k8s_cluster/cert_manager/lets_encrypt_production.yml.j2') | from_yaml_all }}"