feat(kubernetes): add initial setup for ArgoCD, Cert-Manager, MetalLB, and Traefik

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>

roles/kubernetes_cert_manager/tasks/main.yml

@@ -0,0 +1,69 @@
+---
+- name: Ensure cert-manager namespace exists
+  kubernetes.core.k8s:
+    name: cert-manager
+    api_version: v1
+    kind: Namespace
+    state: present
+  tags:
+    - cert_manager
+    - namespace
+
+- name: Create netcup-secret
+  kubernetes.core.k8s:
+    namespace: cert-manager
+    definition: "{{ lookup('ansible.builtin.template', 'netcup.yml.j2') | from_yaml }}"
+
+- name: Add a repository
+  kubernetes.core.helm_repository:
+    name: cert-manager-webhook-netcup
+    repo_url: https://aellwein.github.io/cert-manager-webhook-netcup/charts/
+
+- name: Install NetCup Webhook
+  kubernetes.core.helm:
+    name: my-cert-manager-webhook-netcup
+    chart_ref: cert-manager-webhook-netcup/cert-manager-webhook-netcup
+    release_namespace: cert-manager
+    create_namespace: true
+
+- name: Download cert-manager manifest
+  ansible.builtin.get_url:
+    url: "{{ cert_manager_manifest }}"
+    dest: "/tmp/cert-manager.yaml"
+    mode: "0644"
+    validate_certs: true
+  tags:
+    - cert_manager
+    - download
+
+- name: Apply cert-manager core manifests
+  kubernetes.core.k8s:
+    src: "/tmp/cert-manager.yaml"
+    state: present
+  tags:
+    - cert_manager
+    - apply_manifest
+
+- name: Wait for cert-manager deployments to be ready
+  kubernetes.core.k8s_info:
+    api_version: apps/v1
+    kind: Deployment
+    namespace: cert-manager
+    name: "{{ item }}"
+    wait: true
+    wait_timeout: 300
+  loop:
+    - cert-manager
+    - cert-manager-cainjector
+    - cert-manager-webhook
+  tags:
+    - cert_manager
+    - wait_ready
+
+- name: Create Let's Encrypt ClusterIssuer
+  kubernetes.core.k8s:
+    state: present
+    definition: "{{ lookup('ansible.builtin.template', 'clusterissuer.yml.j2') | from_yaml }}"
+  tags:
+    - cert_manager
+    - cluster_issuer