I work in a project where environments are very dynamic: every CI build creates a new testing environment from scratch (and every build uses unique DNS name) and every developer creates and destroys environments daily.
Dynamic environments all share few top-level domains, however they use unique subdomains each. Every environment needs to secure a number of endpoints.
What are the best practices for issuing LE certificates in this situation?
Maybe there is a ready-made package that requests and renews certificates for those top-level domains, and makes it available for other environments to use?
We use Kubernetes, and every environment is a separate Kubernetes cluster.