I'm trying to understand what are the available options of working in an ephemeral environment when it comes to sharing a root certificate authority file, mainly running a single node k8s cluster where I have traefik and pebble running and I want to be able to spin up pebble countless times. Obviously this will recreate the root certificate authority and I will have to update my traefik instance every single time. Is there a better way of doing this? Pebble exposes a URL path for getting the root CA, but I'm not sure that traefik's LEGO ACME client can be instructed to fetch it from there. Is this even a good idea?
For more details, I have my entire context written here