cluster: add admitomatic CA/certificate
Change-Id: Idb32dc38b897aa266b6d2d6fd57a5e38b47db7fc
diff --git a/cluster/clustercfg/clustercfg.py b/cluster/clustercfg/clustercfg.py
index 410635b..c5f5c6c 100644
--- a/cluster/clustercfg/clustercfg.py
+++ b/cluster/clustercfg/clustercfg.py
@@ -202,6 +202,10 @@
ca_kubefront = ca.CA(ss, certs_root, 'kubefront', 'kubernetes frontend CA')
ca_kubefront.make_cert('kubefront-apiserver', ou='Kubernetes Frontend', hosts=['apiserver'])
+ ## Make admitomatic (admission controller) certificates.
+ ca_admitomatic = ca.CA(ss, certs_root, 'admitomatic', 'admitomatic webhook CA')
+ ca_admitomatic.make_cert('admitomatic-webhook', ou='Admitomatic Webhook', hosts=['admitomatic.admitomatic.svc'])
+
subprocess.check_call(["nix", "run",
"-f", os.path.join(local_root, "cluster/nix/default.nix"),
"provision",