add cert-manager for easy cert issuing

k8s/flux.cue

@@ -2,6 +2,26 @@ bundle: {
 	apiVersion: "v1alpha1"
 	name:       "codebattle"
 	instances: {
+		"cert-manager": {
+			module: url: "oci://ghcr.io/stefanprodan/modules/flux-helm-release"
+			namespace: "flux-system"
+			values: {
+				repository: url: "https://charts.jetstack.io"
+				chart: {
+					name:    "cert-manager"
+					version: "v1.17.0"
+				}
+				sync: targetNamespace: "codebattle"
+				helmValues: {
+					crds: enabled: true
+					config: {
+						apiVersion:       "controller.config.cert-manager.io/v1alpha1"
+						kind:             "ControllerConfiguration"
+						enableGatewayAPI: true
+					}
+				}
+			}
+		}
 		"gateway": {
 			module: url: "oci://ghcr.io/stefanprodan/modules/flux-helm-release"
 			namespace: "flux-system"
@@ -26,17 +46,23 @@ bundle: {
 					username: string @timoni(runtime:string:GITHUB_USERNAME)
 					password: string @timoni(runtime:string:GITHUB_TOKEN)
 				}
+				_hostname: string @timoni(runtime:string:CODEBATTLE_HOSTNAME)
 				patches: [{
-					apiVersion: "gateway.networking.k8s.io/v1"
-					kind:       "HTTPRoute"
-					metadata: {
-						name:      "codebattle"
+					patch: [{
+						op:    "add"
+						path:  "/spec/listeners/0/hostname"
+						value: _hostname
+					}, {
+						op:    "add"
+						path:  "/spec/listeners/1/hostname"
+						value: _hostname
+					}]
+					target: {
+						group:     "gateway.networking.k8s.io"
+						kind:      "Gateway"
+						name:      "gateway"
 						namespace: "codebattle"
 					}
-					spec: {
-						_hostname: string @timoni(runtime:string:CODEBATTLE_HOSTNAME)
-						hostnames: [_hostname]
-					}
 				}]
 			}
 		}