Certs are stored in vault, and some certs are mapped into the cluster using external secrets.
Lets create an ansible job that runs weekly to renew certs that expire soon.
Should be pretty straight forward, as req-cert-vault role and request-cert playbook already have all the functionality.
This would avoid bad surprises by expiered certs, which could become criticial when AAP, SSO, QUAY etc. are affected.
Certs are stored in vault, and some certs are mapped into the cluster using external secrets.
Lets create an ansible job that runs weekly to renew certs that expire soon.
Should be pretty straight forward, as req-cert-vault role and request-cert playbook already have all the functionality.
This would avoid bad surprises by expiered certs, which could become criticial when AAP, SSO, QUAY etc. are affected.