# DEPRECATED: This file is kept for reference but no longer used
# Certificate creation is now managed via GitOps through ArgoCD
# See manifests/30-landing/templates/certificate.yaml for the certificate definition

# ---
# # Task to create the root domain certificate
# 
# - name: Create root domain certificate
#   kubernetes.core.k8s:
#     state: present
#     definition:
#       apiVersion: cert-manager.io/v1
#       kind: Certificate
#       metadata:
#         name: container-mom-root
#         namespace: openshift-ingress
#       spec:
#         dnsNames:
#         - 'container.mom'
#         - 'www.container.mom'
#         duration: 2160h  # 90 days
#         renewBefore: 720h  # 30 days
#         issuerRef:
#           kind: ClusterIssuer
#           name: letsencrypt-prod
#         secretName: container-mom-root-tls
#     kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
#     validate_certs: "{{ k8s_auth_params.validate_certs }}"
#   tags:
#     - certificates
#     - root-domain
# 
# - name: Wait for root domain certificate to be ready
#   kubernetes.core.k8s_info:
#     api_version: cert-manager.io/v1
#     kind: Certificate
#     name: container-mom-root
#     namespace: openshift-ingress
#     kubeconfig: "{{ k8s_auth_params.kubeconfig }}"
#     validate_certs: "{{ k8s_auth_params.validate_certs }}"
#   register: root_cert_status
#   until: root_cert_status.resources is defined and root_cert_status.resources | length > 0 and root_cert_status.resources[0].status.conditions is defined and root_cert_status.resources[0].status.conditions | selectattr('type', 'equalto', 'Ready') | selectattr('status', 'equalto', 'True') | list | length > 0
#   retries: 30
#   delay: 10
#   tags:
#     - certificates
#     - root-domain