Cert-Manager Integration

[eberlep]

Create a certificates.cert-manager.io resource and reference the creade secret in the postgresqls.acid.zalan.do manifest.

https://postgres-operator.readthedocs.io/en/latest/user/#custom-tls-certificates

[eberlep]

Might be possible to make use of Gardeners cert-manager where applicable, by adding some annotations to the Service:

  annotations:
    cert.gardener.cloud/purpose: managed
    cert.gardener.cloud/secretname: postgres-tls-secret
    dns.gardener.cloud/class: garden
    dns.gardener.cloud/dnsnames: x.y.z
    dns.gardener.cloud/ttl: "180"