cert 2

deployment/certificate.yml

@@ -0,0 +1,24 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: exim-forwarder-cert
+spec:
+  secretName: exim-forwarder-cert
+  duration: 2160h
+  renewBefore: 360h
+  subject:
+    organizations:
+      - hottis-de
+  isCA: false
+  privateKey:
+    algorithm: RSA
+    encoding: PKCS1
+    size: 2048
+  usages:
+    - server auth
+  dnsNames:
+    - mx.hottis.de
+  issuerRef:
+    name: letsencrypt-staging-http
+    kind: ClusterIssuer
+    group: cert-manager.io

deployment/deploy-yml.tmpl

@@ -1,28 +1,3 @@
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: exim-forwarder-cert
-spec:
-  secretName: exim-forwarder-cert
-  duration: 2160h
-  renewBefore: 360h
-  subject:
-    organizations:
-      - hottis-de
-  isCA: false
-  privateKey:
-    algorithm: RSA
-    encoding: PKCS1
-    size: 2048
-  usages:
-    - server auth
-  dnsNames:
-    - mx.hottis.de
-  issuerRef:
-    name: letsencrypt-staging-http
-    kind: ClusterIssuer
-    group: cert-manager.io
----
 apiVersion: v1
 kind: ConfigMap
 metadata:

deployment/deploy.sh

@@ -17,7 +17,18 @@ kubectl create namespace $NAMESPACE \
   -o yaml | \
   kubectl -f - apply
 
+echo "Applying certificate..."
+kubectl apply -f $DEPLOYMENT_DIR/certificate.yml -n $NAMESPACE
 
+echo "Waiting for certificate secret to be created..."
+kubectl wait --for=condition=Ready certificate/exim-forwarder-cert -n $NAMESPACE --timeout=300s
+
+if [ $? -ne 0 ]; then
+  echo "Certificate secret creation failed or timed out"
+  exit 1
+fi
+
+echo "Certificate ready, applying deployment..."
 cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
   sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
   kubectl apply -f - -n $NAMESPACE