diff --git a/bundle/manifests/argoproj.io_argocds.yaml b/bundle/manifests/argoproj.io_argocds.yaml index 71c07e737..80f034363 100644 --- a/bundle/manifests/argoproj.io_argocds.yaml +++ b/bundle/manifests/argoproj.io_argocds.yaml @@ -352,7 +352,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -362,25 +364,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -920,7 +961,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -930,25 +973,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -1470,7 +1552,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -1480,25 +1564,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -6646,7 +6769,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -6656,25 +6781,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -7412,7 +7576,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -7422,25 +7588,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -12205,7 +12410,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -12215,25 +12422,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -12755,7 +13001,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -12765,25 +13013,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -19268,7 +19555,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -19278,25 +19567,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. diff --git a/bundle/manifests/gitops-operator.clusterserviceversion.yaml b/bundle/manifests/gitops-operator.clusterserviceversion.yaml index 18f99a4b5..f7901222f 100644 --- a/bundle/manifests/gitops-operator.clusterserviceversion.yaml +++ b/bundle/manifests/gitops-operator.clusterserviceversion.yaml @@ -164,7 +164,7 @@ metadata: capabilities: Deep Insights console.openshift.io/plugins: '["gitops-plugin"]' containerImage: quay.io/redhat-developer/gitops-operator - createdAt: "2024-10-23T05:35:38Z" + createdAt: "2024-10-31T05:49:03Z" description: Enables teams to adopt GitOps principles for managing cluster configurations and application delivery across hybrid multi-cluster Kubernetes environments. features.operators.openshift.io/disconnected: "true" diff --git a/config/crd/bases/argoproj.io_argocds.yaml b/config/crd/bases/argoproj.io_argocds.yaml index f7c0e7181..30486dd91 100644 --- a/config/crd/bases/argoproj.io_argocds.yaml +++ b/config/crd/bases/argoproj.io_argocds.yaml @@ -341,7 +341,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -351,25 +353,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -909,7 +950,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -919,25 +962,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -1459,7 +1541,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -1469,25 +1553,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -6635,7 +6758,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -6645,25 +6770,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -7401,7 +7565,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -7411,25 +7577,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -12194,7 +12399,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -12204,25 +12411,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -12744,7 +12990,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -12754,25 +13002,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. @@ -19257,7 +19544,9 @@ spec: certificate contents type: string certificate: - description: certificate provides certificate contents + description: |- + certificate provides certificate contents. This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. type: string destinationCACertificate: description: |- @@ -19267,25 +19556,64 @@ spec: the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. type: string + externalCertificate: + description: |- + externalCertificate provides certificate contents as a secret reference. + This should be a single serving certificate, not a certificate + chain. Do not include a CA certificate. The secret referenced should + be present in the same namespace as that of the Route. + Forbidden when `certificate` is set. + properties: + name: + description: |- + name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + type: object + x-kubernetes-map-type: atomic insecureEdgeTerminationPolicy: description: |- insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. - * Allow - traffic is sent to the server on the insecure port (default) - * Disable - no traffic is allowed on the insecure port. + * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). + * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port. + enum: + - Allow + - None + - Redirect + - "" type: string key: description: key provides key file contents type: string termination: - description: termination indicates termination type. + description: |- + termination indicates termination type. + + + * edge - TLS termination is done by the router and http is used to communicate with the backend (default) + * passthrough - Traffic is sent straight to the destination without the router providing TLS termination + * reencrypt - TLS termination is done by the router and https is used to communicate with the backend + + + Note: passthrough termination is incompatible with httpHeader actions + enum: + - edge + - reencrypt + - passthrough type: string required: - termination type: object + x-kubernetes-validations: + - message: 'cannot have both spec.tls.termination: passthrough + and spec.tls.insecureEdgeTerminationPolicy: Allow' + rule: 'has(self.termination) && has(self.insecureEdgeTerminationPolicy) + ? !((self.termination==''passthrough'') && (self.insecureEdgeTerminationPolicy==''Allow'')) + : true' wildcardPolicy: description: WildcardPolicy if any for the route. Currently only 'Subdomain' or 'None' is allowed. diff --git a/go.mod b/go.mod index 6c0bbfef6..474c49678 100644 --- a/go.mod +++ b/go.mod @@ -4,14 +4,14 @@ go 1.21.0 require ( github.com/argoproj-labs/argo-rollouts-manager v0.0.5-0.20241023053239-85db81b64541 - github.com/argoproj-labs/argocd-operator v0.12.0-rc3 + github.com/argoproj-labs/argocd-operator v0.12.0-rc1.0.20241031054316-c658393241a5 github.com/coreos/prometheus-operator v0.40.0 github.com/go-logr/logr v1.4.2 github.com/google/go-cmp v0.6.0 github.com/hashicorp/go-version v1.6.0 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.34.0 - github.com/openshift/api v3.9.1-0.20190916204813-cdbe64fb0c91+incompatible + github.com/openshift/api v0.0.0-20240906151052-5d963dce87aa github.com/operator-framework/api v0.17.5 github.com/stretchr/testify v1.9.0 go.uber.org/zap v1.27.0 @@ -96,7 +96,6 @@ replace ( cloud.google.com/go => cloud.google.com/go v0.100.2 github.com/onsi/ginkgo => github.com/onsi/ginkgo v1.16.4 github.com/onsi/gomega => github.com/onsi/gomega v1.14.0 - github.com/openshift/api => github.com/openshift/api v0.0.0-20220929131120-2bde012f248a github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20200325131901-f7baeb993edb k8s.io/api => k8s.io/api v0.28.3 k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.28.3 diff --git a/go.sum b/go.sum index 4f96717f4..5dafcbc42 100644 --- a/go.sum +++ b/go.sum @@ -622,8 +622,8 @@ github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU= github.com/argoproj-labs/argo-rollouts-manager v0.0.5-0.20241023053239-85db81b64541 h1:T4JSu0lAPWsxmbPut0h08JFQz4Q1NFXCJraXisNgKMw= github.com/argoproj-labs/argo-rollouts-manager v0.0.5-0.20241023053239-85db81b64541/go.mod h1:seR9B+tx6AbGaya+JA61HDBFciKx7FM7t/1IMhOwXlM= -github.com/argoproj-labs/argocd-operator v0.12.0-rc3 h1:UqHQFeaZKWY8IqsAgLU3CwjRymcYCsJ01Wysqf7nDiY= -github.com/argoproj-labs/argocd-operator v0.12.0-rc3/go.mod h1:+yvFAnSJZL8iOTWI3cTQ9qwXfh40lLyOI4ghDFqM8S0= +github.com/argoproj-labs/argocd-operator v0.12.0-rc1.0.20241031054316-c658393241a5 h1:6s5vBXemQNRKrFCfun8qdhHrhyanWpIffQv4T7d7/l4= +github.com/argoproj-labs/argocd-operator v0.12.0-rc1.0.20241031054316-c658393241a5/go.mod h1:TYDl+YVuzr6mTcSjKn6+qLd14QwVcihUW9REiVVt2Us= github.com/argoproj/argo-cd/v2 v2.12.3 h1:Bi4QahHTnKl3esU5MplQP1wraGhaTpvgAV4GsMqc3Zc= github.com/argoproj/argo-cd/v2 v2.12.3/go.mod h1:2fh6q4NX/cylbH6Ktx/KjJsX7sOBwF3jbGnO0IZyNOc= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= @@ -723,11 +723,7 @@ github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7Do github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= -github.com/dave/dst v0.26.2/go.mod h1:UMDJuIRPfyUCC78eFuB+SV/WI8oDeyFDvM/JR6NI3IU= -github.com/dave/gopackages v0.0.0-20170318123100-46e7023ec56e/go.mod h1:i00+b/gKdIDIxuLDFob7ustLAVqhsZRk2qVZrArELGQ= github.com/dave/jennifer v1.2.0/go.mod h1:fIb+770HOpJ2fmN9EPPKOqm1vMGhB+TwXKMZhrIygKg= -github.com/dave/kerr v0.0.0-20170318121727-bc25dd6abe8e/go.mod h1:qZqlPyPvfsDJt+3wHJ1EvSXDuVjFTK0j2p/ca+gtsb8= -github.com/dave/rebecca v0.9.1/go.mod h1:N6XYdMD/OKw3lkF3ywh8Z6wPGuwNFDNtWYEMFWEmXBA= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -847,7 +843,6 @@ github.com/go-openapi/jsonpointer v0.17.2/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwds github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= @@ -856,7 +851,6 @@ github.com/go-openapi/jsonreference v0.17.2/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3Hfo github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= github.com/go-openapi/jsonreference v0.20.1/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= @@ -896,7 +890,6 @@ github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.7/go.mod h1:ao+8BpOPyKdpQz3AOJfbeEVpLmWAvlT1IfTe5McPyhY= github.com/go-openapi/swag v0.19.9/go.mod h1:ao+8BpOPyKdpQz3AOJfbeEVpLmWAvlT1IfTe5McPyhY= -github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= @@ -995,7 +988,6 @@ github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9 github.com/google/cel-go v0.16.1/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= github.com/google/flatbuffers v1.11.0/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -1019,7 +1011,6 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= -github.com/google/pprof v0.0.0-20181127221834-b4f47329b966/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190723021845-34ac40c74b70/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20200417002340-c6e0a841f49a/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200507031123-427632fa3b1c/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -1220,7 +1211,6 @@ github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.1/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= @@ -1293,7 +1283,6 @@ github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzE github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs= @@ -1313,9 +1302,10 @@ github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27H github.com/onsi/gomega v1.14.0 h1:ep6kpPVwmr/nTbklSx2nrLNSIO62DoYAhnPNIMhK8gI= github.com/onsi/gomega v1.14.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= -github.com/openshift/api v0.0.0-20220929131120-2bde012f248a h1:+39B2Z9dLpsi8Bea7Fc9Qc/LEHNQYG3OBd4o7vxkQLM= -github.com/openshift/api v0.0.0-20220929131120-2bde012f248a/go.mod h1:HJAEIh4gLXPDdWxgCbvmJjzd9QIxyPZJtPU0u2W4vH4= -github.com/openshift/build-machinery-go v0.0.0-20220913142420-e25cf57ea46d/go.mod h1:b1BuldmJlbA/xYtdZvKi+7j5YGB44qJUJDZ9zwiNCfE= +github.com/openshift/api v0.0.0-20200324160301-f91f52aea878/go.mod h1:7k3+uZYOir97walbYUqApHUA2OPhkQpVJHt0n7GJ6P4= +github.com/openshift/api v0.0.0-20240906151052-5d963dce87aa h1:RMI6Xa+l8KriyoxsRO/swMDPyCwrxJNA9H67K0Jod/w= +github.com/openshift/api v0.0.0-20240906151052-5d963dce87aa/go.mod h1:yimSGmjsI+XF1mr+AKBs2//fSXIOhhetHGbMlBEfXbs= +github.com/openshift/build-machinery-go v0.0.0-20200211121458-5e3d6e570160/go.mod h1:1CkcsT3aVebzRBzVTSbiKSkJMsC/CASqxesfqEMfJEc= github.com/openshift/client-go v0.0.0-20200325131901-f7baeb993edb h1:h/pmujsUIaL6f/9U83Hiyb02wUuY+Hn7vNk4UZSsRVU= github.com/openshift/client-go v0.0.0-20200325131901-f7baeb993edb/go.mod h1:rAML9NXVUNqFcjFAxml+MtOS0ia2Tp3mjlvfofyurss= github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis= @@ -1635,7 +1625,6 @@ go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -golang.org/x/arch v0.0.0-20180920145803-b19384d3c130/go.mod h1:cYlCBUl1MsqxdiKgmc4uh7TxZfWSFLOGSRR090WDxt8= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1833,7 +1822,6 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180903190138-2b024373dcd9/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -2022,11 +2010,11 @@ golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200108203644-89082a384178/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200115044656-831fdb1e1868/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= golang.org/x/tools v0.0.0-20200422205258-72e4a01eba43/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200509030707-2212a7e161a5/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200603131246-cc40288be839/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -2133,7 +2121,6 @@ google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200603110839-e855014d5736/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= -google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210329143202-679c6ae281ee/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= @@ -2285,7 +2272,6 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= @@ -2301,7 +2287,6 @@ gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24 gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/src-d/go-billy.v4 v4.3.0/go.mod h1:tm33zBoOwxjYHZIE+OV8bxTWFMJLrconzFMd38aARFk= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= @@ -2318,7 +2303,6 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200603094226-e3079894b1e8/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -2345,14 +2329,12 @@ k8s.io/code-generator v0.28.3/go.mod h1:A2EAHTRYvCvBrb/MM2zZBNipeCk3f8NtpdNIKawC k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.4.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= @@ -2365,7 +2347,6 @@ k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4Va k8s.io/utils v0.0.0-20191114200735-6ca3b61696b6/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20200414100711-2df71ebbae66/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= @@ -2410,7 +2391,6 @@ sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeG sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/01-assert.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/01-assert.yaml new file mode 100644 index 000000000..6e489fbc9 --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/01-assert.yaml @@ -0,0 +1,34 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +status: + phase: Available + applicationSetController: Running + server: Running +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-server +spec: + to: + kind: Service + name: example-server + weight: 100 + tls: + insecureEdgeTerminationPolicy: Redirect + termination: reencrypt +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-applicationset-controller-webhook +spec: + to: + kind: Service + name: example-applicationset-controller + weight: 100 + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/01-install.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/01-install.yaml new file mode 100644 index 000000000..8dd4cb5b2 --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/01-install.yaml @@ -0,0 +1,14 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +spec: + server: + route: + enabled: true + applicationSet: + enabled: true + webhookServer: + host: example.com + route: + enabled: true \ No newline at end of file diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/02-assert.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/02-assert.yaml new file mode 100644 index 000000000..4ae649f0e --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/02-assert.yaml @@ -0,0 +1,168 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +status: + phase: Available + applicationSetController: Running + server: Running +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-server +spec: + to: + kind: Service + name: example-server + weight: 100 + tls: + termination: reencrypt + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-applicationset-controller-webhook +spec: + to: + kind: Service + name: example-applicationset-controller + weight: 100 + tls: + termination: reencrypt + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- \ No newline at end of file diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/02-embedded-tls-data.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/02-embedded-tls-data.yaml new file mode 100644 index 000000000..19ea5f180 --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/02-embedded-tls-data.yaml @@ -0,0 +1,154 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +spec: + server: + route: + enabled: true + tls: + termination: reencrypt + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- + applicationSet: + enabled: true + webhookServer: + host: example.com + route: + enabled: true + tls: + termination: reencrypt + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- \ No newline at end of file diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/03-assert.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/03-assert.yaml new file mode 100644 index 000000000..accab332a --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/03-assert.yaml @@ -0,0 +1,206 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +status: + phase: Available + applicationSetController: Running + server: Running +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-server +spec: + to: + kind: Service + name: example-server + weight: 100 + tls: + termination: reencrypt + certificate: |- + -----BEGIN CERTIFICATE----- + MIIFrjCCA5agAwIBAgIUbM9O0W6IdumLQodDCDqyckYDr2IwDQYJKoZIhvcNAQEL + BQAwTTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFRlc3QxDTALBgNVBAoMBFRlc3Qx + DTALBgNVBAsMBFRlc3QxETAPBgNVBAMMCHRlc3QuY29tMCAXDTIzMTEyNjIyMTg0 + N1oYDzIxMjMxMTI3MjIxODQ3WjBNMQswCQYDVQQGEwJVUzENMAsGA1UECAwEVGVz + dDENMAsGA1UECgwEVGVzdDENMAsGA1UECwwEVGVzdDERMA8GA1UEAwwIdGVzdC5j + b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbgAmnUjFux9u2Xzhi + mno5zjA/YsoXr3eFtK9XtByQMLLyT0hbXoa9gpTeafOs3IkCotPdN+omxm2tN9UA + ebAq+EamWyIF28EA3UbCWWULghveezrmAKSMcqQqby3knbcbGng+ZZjRdC3xc0uz + /sd4FqaLt0UHBDMlpxRskj/S3CDetfyIrKYQcZ5NQjx75aRN8At5OPC1NiWTmlsv + ppa4LLV0HR6AJzq+C6RAmJTcHQOFAq33wZEHHIpoQoGWHHPpT0ut54KIiVTRJ2o4 + MEV4KlBBgL3ux4+v7R0RfVmzgaMEDG1fC9tX8pIofv7wP7WX/5XHTjyAiv8gbpUW + nLiU8FoTDZWxZN+MiCkUvZl8KqotbcUPjhnRdnq4anFwywY1lKILnCIayqzI7mPW + 12h39fNwprFz9YFYbLLoQHekir2nLw8ZH83nNyD82YQ3EFm7UnOld6zw/8aURRuQ + C0oOEHyAXsvIyaWAb6lWvplDdCUGQWWr7MVp5YPPhWdtAv7B4QLDUNHGQMU/1Qrq + VBH22lcU7XrCh6GXrRVm+gF7kAuJzkuae0txvk9mHc+8Y0C4/i9C3xU2qHjWcElw + etcHbqOZjDtC8+n8mDD4hDYEMGV54VhXCKwoFLneT2no27S3SVPvNbMfyyNuUa2i + 5azKnIf439Cmfww7ImxIpOR5nQIDAQABo4GDMIGAMB0GA1UdDgQWBBQfe95iWKlT + K6BGFov9JFXQTQN0ZjAfBgNVHSMEGDAWgBQfe95iWKlTK6BGFov9JFXQTQN0ZjAP + BgNVHRMBAf8EBTADAQH/MC0GA1UdEQQmMCSCB3dlYmhvb2uCDndlYmhvb2stc2Vy + dmVygglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggIBAH7Vv+Iar1UbF41c9I88 + oIu8iWfLVnAfe/64tULy77x4nfEQiukBJDoZ9m19KEVdPqsFzT6lFB7Fu1oc9A28 + 5b1+PEynHcopNK41zF4n4FnIy9h8zJfaPYYCPPMT0v9LzuT5zyF5sXCz0o4KwQJ6 + zrggZme8udl9sWyDxZyFoFPLWtnQFY7vJ9LSM2Gt+XUIuYNwDkvGFs6RfBYJGarX + qq7YHYj0H2x/us3KQCXGX5GzSmM9ewHvaScRpFcCdVwszKwWF0vMvdnh+3P72/Yy + dQvZXyfNiwqaIdznJn/AjzR9K4dHfbY7wMm83WHwWyjzV6CybHbtWpoUIlZtW3TT + gz6MP2z+BhOdMiQA33aO38J2TX/CMkEvkagEiZdS9t3xtpF2LOb5bRIdlENtZU0i + LnhgWEpJmswxBtuJ0d/zcyUlvK7FYoJZB7pT3YX/321HXZVCKyw+xrinwQoI3RnX + 7u0TZ3MqtSKEwCyDWYRJDbs6XUX1G0q7jXBf1+3cd+lBdOZ4Kl5B4YSU9hcFxAuO + 4a1eFXBdmT8PnwoTizFvag3IgBXkf8PqcKNvSMU6UKcD5LYTwRGK3JVl1L79gkrb + LmWEfOXFHgSlMIZkEs41TiopXy8p/LSera8NR86Q3mTZ7rRdEveOb6ZLJksRqaqr + UVwpFuaKz5vTCD36Gmmy/u8y + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIJQAIBADANBgkqhkiG9w0BAQEFAASCCSowggkmAgEAAoICAQDbgAmnUjFux9u2 + Xzhimno5zjA/YsoXr3eFtK9XtByQMLLyT0hbXoa9gpTeafOs3IkCotPdN+omxm2t + N9UAebAq+EamWyIF28EA3UbCWWULghveezrmAKSMcqQqby3knbcbGng+ZZjRdC3x + c0uz/sd4FqaLt0UHBDMlpxRskj/S3CDetfyIrKYQcZ5NQjx75aRN8At5OPC1NiWT + mlsvppa4LLV0HR6AJzq+C6RAmJTcHQOFAq33wZEHHIpoQoGWHHPpT0ut54KIiVTR + J2o4MEV4KlBBgL3ux4+v7R0RfVmzgaMEDG1fC9tX8pIofv7wP7WX/5XHTjyAiv8g + bpUWnLiU8FoTDZWxZN+MiCkUvZl8KqotbcUPjhnRdnq4anFwywY1lKILnCIayqzI + 7mPW12h39fNwprFz9YFYbLLoQHekir2nLw8ZH83nNyD82YQ3EFm7UnOld6zw/8aU + RRuQC0oOEHyAXsvIyaWAb6lWvplDdCUGQWWr7MVp5YPPhWdtAv7B4QLDUNHGQMU/ + 1QrqVBH22lcU7XrCh6GXrRVm+gF7kAuJzkuae0txvk9mHc+8Y0C4/i9C3xU2qHjW + cElwetcHbqOZjDtC8+n8mDD4hDYEMGV54VhXCKwoFLneT2no27S3SVPvNbMfyyNu + Ua2i5azKnIf439Cmfww7ImxIpOR5nQIDAQABAoIB/2wImLfBvJLJy1n3g8kEPyQ0 + V4rbFJyTwEAOrj58Z5KQZYLdgr91xtt/acYOX+C0qrqhaaV338c14sVetXeGbS65 + BAzczeIURuol/q2pUhJX91+JR3Ps3RBDXImGLxBWj8jHPmd3mb99bx9nn9r3izWP + 8GjTyyWo64OcuHC3irI9pe/3olOiphlx0ng0IZDZdgTmIL+JRu/ptpTvY/IQDB6Z + 4rVDn79zj3X6RN2GO74aiaDtsLJAkyDs6zJliWJYnrQ2UwlE6PpKnXRT8fO1zntW + WCnlM5ZSomX0TlpNV9kB9ToI48vkChE/UrCb0N5ufPJS2WU/HIgn4WoVA0wd1rqO + OYfJB1IMY2RoWR9CXO0U51tCji+M83ATq+Fl0Xbxl8grn/q0PWlhmUvS9/Fe8aPA + yVTkEjT2j7MQGtqAO7L+xTUfVfGpFkDUn+QkM8BgNcygagN5ViOfWDFgMgjaFLrd + RZMh9kBi3Qjigj0NP4RaK4/ixURMT/FfwiRwEaH/1O1KXB3a0vanVuiXj5+oCrSE + gRBXdRt2+5FOtli8asre7NLk9unTDY1iEiIsVY8nIV+zmWhf2mR5MB34EoTEIunb + OaP9kbiJI6MctKoCsfsWNHfUDPsvriQevG65WETZ1/JKxxjxYlv/Xg702Cnk91Qv + DPrdZCbunMTP3pk5KMECggEBAO0W6hWye+r6e8aBX431Vhv78FDE/suE4iWeCCbA + to7gTnwWZfAB9ynp61bJDS7jXon7Vk0ExkB6nxNTIEj+Yn86M3+UjjuoadCL6hhL + h6xpkc1h1mj5A4IR/yi7RQgHmjKGHURgKyFIwAMYPXNVYD1Ozn9DyGmhG4LcGVQS + zfqclJu5oBCegAkf8EjIaDqMZGJZefxp8UYQy9FjAH1zzG/DXiEWgSPuwoeAu8Ep + SCKsc8EbmxLl9HvJCwvrVaqfuUygLESc/hZZoUFN6fAOQst2B5FS/ZklUECCGiiW + 7/8nnL7wbILV+AcGYVQrUBij9CtUzBZpcMMkHREkmZeN6wkCggEBAO0B+C+kAoat + UCfFG5I2Ds4Cro71AEpuWvEl6wtp5WKiZYuHR4ssGDUOshD4uLb44y4mqTphTiU+ + REV0RLQ/9mgFEmErK2glqkRKdskophbPTGQgwxgmfdQWe0Q42yuo47ljNZVEO201 + SxgpOrHlRYzOQ9XGJmuduKxnrarOYfEXJu1WiGbsiEtY/mrMOov6rcbNsZqsWYqG + kmE5Msg1PsuFvlQ9ndVmE+pd3rEIhYxicD8pyFvonvi2uMmR8HmNShWKi1FZxq8e + OlIgdsY4BuqnNUrnQprhm0hG5cGwcl5auL2+Jc5Uagm/egvtwxPhx+pVYcimKOL9 + CutpY7BeuvUCggEAC6UrfENXCNSizb4/Bkb9osQ+KolyhmaRgQ2BEv42OVBVKo0j + FqXSERH3SDz508rBMv/QXloUrsgXFijoFg3AosUmEGcokU+VWvP0XJshH9vTmIXs + tR0+Cd5+bO691kYhUcf6mggrNihPnhdLtWWFI53CUMfwiRertULAT7vYuC2Gsxtr + /ET8vvX9pGWLkQyiRZ5lenttqWZbzH4TYRYV/YtYDUIAt9YbYfJ1xmgTrfhQezSy + 6ju3RXk7fKtjesz7mgLoCbq4VDq0y/NawTrCFyJF/uJXqHUHuxNo24OGaD722P4Q + JmECHL44e5zhA0TSUmqI17T4H+2fK99jV+lVmQKCAQB2nTi3pw54ln56GOSOjS1l + nuP7udQWbBppe7+ha7MYZQwLA34jwcKvsxYc9k2DjRYtf73L8OzqKLqERAcqaqSI + NJmZNcC4k7keCmJelFBjNAYYSmk5SfJJVaMFZqsRs6mcm3Eyrf5LzpMxmVi9tW/U + Y1qBv3R1AW9uIUlCJZ3QyfR6bYdAc3pWs0hI7MMUUTXtO/552W3KrUTPEZA/sJ4n + v1yczmWSak7nSWltEkW8F3vzsJaMoOQGt3PNtZMzUinUlAzbfuG3vJoVhhfLZjjX + 8Szzur+Twfsz9f+Aqyzh2eeBVouXMpoLHOAY3jp2VdX2ihqxD6+AwoFXhdwVZaON + AoIBAF0/qvwsFThhB9a1wnXuGx1OBY+9owIoinIF2qNcHuqeontxfLWBg1izelJg + gxaATIMvpXgt7y5cBx6fLnylpLgl+TNXCrsrcLnXwJz0Neg/gcSZfcnqwhAhTio9 + iYLVJiK8wnh0pXONutGSasgq3tJLyrzT2+1L5jYKUaFkojIR16sHjo3/MJMPTHvL + fF1DX7y6acz3JXrGJYQsqcrVodSfcGZK/RJQkdvrSdBRZYgWq+CBYViOxkN7cscr + ruQ/DZH/ZCIxVckbuVsAMqdCqAO0gX83eEp7elfAVlnLhvxPluxISuXaJmhJNafr + Xq+NinfrqOLJkIZ/u/PJu4KqN3M= + -----END PRIVATE KEY----- +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-applicationset-controller-webhook +spec: + to: + kind: Service + name: example-applicationset-controller + weight: 100 + tls: + termination: reencrypt + certificate: |- + -----BEGIN CERTIFICATE----- + MIIFrjCCA5agAwIBAgIUbM9O0W6IdumLQodDCDqyckYDr2IwDQYJKoZIhvcNAQEL + BQAwTTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFRlc3QxDTALBgNVBAoMBFRlc3Qx + DTALBgNVBAsMBFRlc3QxETAPBgNVBAMMCHRlc3QuY29tMCAXDTIzMTEyNjIyMTg0 + N1oYDzIxMjMxMTI3MjIxODQ3WjBNMQswCQYDVQQGEwJVUzENMAsGA1UECAwEVGVz + dDENMAsGA1UECgwEVGVzdDENMAsGA1UECwwEVGVzdDERMA8GA1UEAwwIdGVzdC5j + b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbgAmnUjFux9u2Xzhi + mno5zjA/YsoXr3eFtK9XtByQMLLyT0hbXoa9gpTeafOs3IkCotPdN+omxm2tN9UA + ebAq+EamWyIF28EA3UbCWWULghveezrmAKSMcqQqby3knbcbGng+ZZjRdC3xc0uz + /sd4FqaLt0UHBDMlpxRskj/S3CDetfyIrKYQcZ5NQjx75aRN8At5OPC1NiWTmlsv + ppa4LLV0HR6AJzq+C6RAmJTcHQOFAq33wZEHHIpoQoGWHHPpT0ut54KIiVTRJ2o4 + MEV4KlBBgL3ux4+v7R0RfVmzgaMEDG1fC9tX8pIofv7wP7WX/5XHTjyAiv8gbpUW + nLiU8FoTDZWxZN+MiCkUvZl8KqotbcUPjhnRdnq4anFwywY1lKILnCIayqzI7mPW + 12h39fNwprFz9YFYbLLoQHekir2nLw8ZH83nNyD82YQ3EFm7UnOld6zw/8aURRuQ + C0oOEHyAXsvIyaWAb6lWvplDdCUGQWWr7MVp5YPPhWdtAv7B4QLDUNHGQMU/1Qrq + VBH22lcU7XrCh6GXrRVm+gF7kAuJzkuae0txvk9mHc+8Y0C4/i9C3xU2qHjWcElw + etcHbqOZjDtC8+n8mDD4hDYEMGV54VhXCKwoFLneT2no27S3SVPvNbMfyyNuUa2i + 5azKnIf439Cmfww7ImxIpOR5nQIDAQABo4GDMIGAMB0GA1UdDgQWBBQfe95iWKlT + K6BGFov9JFXQTQN0ZjAfBgNVHSMEGDAWgBQfe95iWKlTK6BGFov9JFXQTQN0ZjAP + BgNVHRMBAf8EBTADAQH/MC0GA1UdEQQmMCSCB3dlYmhvb2uCDndlYmhvb2stc2Vy + dmVygglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggIBAH7Vv+Iar1UbF41c9I88 + oIu8iWfLVnAfe/64tULy77x4nfEQiukBJDoZ9m19KEVdPqsFzT6lFB7Fu1oc9A28 + 5b1+PEynHcopNK41zF4n4FnIy9h8zJfaPYYCPPMT0v9LzuT5zyF5sXCz0o4KwQJ6 + zrggZme8udl9sWyDxZyFoFPLWtnQFY7vJ9LSM2Gt+XUIuYNwDkvGFs6RfBYJGarX + qq7YHYj0H2x/us3KQCXGX5GzSmM9ewHvaScRpFcCdVwszKwWF0vMvdnh+3P72/Yy + dQvZXyfNiwqaIdznJn/AjzR9K4dHfbY7wMm83WHwWyjzV6CybHbtWpoUIlZtW3TT + gz6MP2z+BhOdMiQA33aO38J2TX/CMkEvkagEiZdS9t3xtpF2LOb5bRIdlENtZU0i + LnhgWEpJmswxBtuJ0d/zcyUlvK7FYoJZB7pT3YX/321HXZVCKyw+xrinwQoI3RnX + 7u0TZ3MqtSKEwCyDWYRJDbs6XUX1G0q7jXBf1+3cd+lBdOZ4Kl5B4YSU9hcFxAuO + 4a1eFXBdmT8PnwoTizFvag3IgBXkf8PqcKNvSMU6UKcD5LYTwRGK3JVl1L79gkrb + LmWEfOXFHgSlMIZkEs41TiopXy8p/LSera8NR86Q3mTZ7rRdEveOb6ZLJksRqaqr + UVwpFuaKz5vTCD36Gmmy/u8y + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIJQAIBADANBgkqhkiG9w0BAQEFAASCCSowggkmAgEAAoICAQDbgAmnUjFux9u2 + Xzhimno5zjA/YsoXr3eFtK9XtByQMLLyT0hbXoa9gpTeafOs3IkCotPdN+omxm2t + N9UAebAq+EamWyIF28EA3UbCWWULghveezrmAKSMcqQqby3knbcbGng+ZZjRdC3x + c0uz/sd4FqaLt0UHBDMlpxRskj/S3CDetfyIrKYQcZ5NQjx75aRN8At5OPC1NiWT + mlsvppa4LLV0HR6AJzq+C6RAmJTcHQOFAq33wZEHHIpoQoGWHHPpT0ut54KIiVTR + J2o4MEV4KlBBgL3ux4+v7R0RfVmzgaMEDG1fC9tX8pIofv7wP7WX/5XHTjyAiv8g + bpUWnLiU8FoTDZWxZN+MiCkUvZl8KqotbcUPjhnRdnq4anFwywY1lKILnCIayqzI + 7mPW12h39fNwprFz9YFYbLLoQHekir2nLw8ZH83nNyD82YQ3EFm7UnOld6zw/8aU + RRuQC0oOEHyAXsvIyaWAb6lWvplDdCUGQWWr7MVp5YPPhWdtAv7B4QLDUNHGQMU/ + 1QrqVBH22lcU7XrCh6GXrRVm+gF7kAuJzkuae0txvk9mHc+8Y0C4/i9C3xU2qHjW + cElwetcHbqOZjDtC8+n8mDD4hDYEMGV54VhXCKwoFLneT2no27S3SVPvNbMfyyNu + Ua2i5azKnIf439Cmfww7ImxIpOR5nQIDAQABAoIB/2wImLfBvJLJy1n3g8kEPyQ0 + V4rbFJyTwEAOrj58Z5KQZYLdgr91xtt/acYOX+C0qrqhaaV338c14sVetXeGbS65 + BAzczeIURuol/q2pUhJX91+JR3Ps3RBDXImGLxBWj8jHPmd3mb99bx9nn9r3izWP + 8GjTyyWo64OcuHC3irI9pe/3olOiphlx0ng0IZDZdgTmIL+JRu/ptpTvY/IQDB6Z + 4rVDn79zj3X6RN2GO74aiaDtsLJAkyDs6zJliWJYnrQ2UwlE6PpKnXRT8fO1zntW + WCnlM5ZSomX0TlpNV9kB9ToI48vkChE/UrCb0N5ufPJS2WU/HIgn4WoVA0wd1rqO + OYfJB1IMY2RoWR9CXO0U51tCji+M83ATq+Fl0Xbxl8grn/q0PWlhmUvS9/Fe8aPA + yVTkEjT2j7MQGtqAO7L+xTUfVfGpFkDUn+QkM8BgNcygagN5ViOfWDFgMgjaFLrd + RZMh9kBi3Qjigj0NP4RaK4/ixURMT/FfwiRwEaH/1O1KXB3a0vanVuiXj5+oCrSE + gRBXdRt2+5FOtli8asre7NLk9unTDY1iEiIsVY8nIV+zmWhf2mR5MB34EoTEIunb + OaP9kbiJI6MctKoCsfsWNHfUDPsvriQevG65WETZ1/JKxxjxYlv/Xg702Cnk91Qv + DPrdZCbunMTP3pk5KMECggEBAO0W6hWye+r6e8aBX431Vhv78FDE/suE4iWeCCbA + to7gTnwWZfAB9ynp61bJDS7jXon7Vk0ExkB6nxNTIEj+Yn86M3+UjjuoadCL6hhL + h6xpkc1h1mj5A4IR/yi7RQgHmjKGHURgKyFIwAMYPXNVYD1Ozn9DyGmhG4LcGVQS + zfqclJu5oBCegAkf8EjIaDqMZGJZefxp8UYQy9FjAH1zzG/DXiEWgSPuwoeAu8Ep + SCKsc8EbmxLl9HvJCwvrVaqfuUygLESc/hZZoUFN6fAOQst2B5FS/ZklUECCGiiW + 7/8nnL7wbILV+AcGYVQrUBij9CtUzBZpcMMkHREkmZeN6wkCggEBAO0B+C+kAoat + UCfFG5I2Ds4Cro71AEpuWvEl6wtp5WKiZYuHR4ssGDUOshD4uLb44y4mqTphTiU+ + REV0RLQ/9mgFEmErK2glqkRKdskophbPTGQgwxgmfdQWe0Q42yuo47ljNZVEO201 + SxgpOrHlRYzOQ9XGJmuduKxnrarOYfEXJu1WiGbsiEtY/mrMOov6rcbNsZqsWYqG + kmE5Msg1PsuFvlQ9ndVmE+pd3rEIhYxicD8pyFvonvi2uMmR8HmNShWKi1FZxq8e + OlIgdsY4BuqnNUrnQprhm0hG5cGwcl5auL2+Jc5Uagm/egvtwxPhx+pVYcimKOL9 + CutpY7BeuvUCggEAC6UrfENXCNSizb4/Bkb9osQ+KolyhmaRgQ2BEv42OVBVKo0j + FqXSERH3SDz508rBMv/QXloUrsgXFijoFg3AosUmEGcokU+VWvP0XJshH9vTmIXs + tR0+Cd5+bO691kYhUcf6mggrNihPnhdLtWWFI53CUMfwiRertULAT7vYuC2Gsxtr + /ET8vvX9pGWLkQyiRZ5lenttqWZbzH4TYRYV/YtYDUIAt9YbYfJ1xmgTrfhQezSy + 6ju3RXk7fKtjesz7mgLoCbq4VDq0y/NawTrCFyJF/uJXqHUHuxNo24OGaD722P4Q + JmECHL44e5zhA0TSUmqI17T4H+2fK99jV+lVmQKCAQB2nTi3pw54ln56GOSOjS1l + nuP7udQWbBppe7+ha7MYZQwLA34jwcKvsxYc9k2DjRYtf73L8OzqKLqERAcqaqSI + NJmZNcC4k7keCmJelFBjNAYYSmk5SfJJVaMFZqsRs6mcm3Eyrf5LzpMxmVi9tW/U + Y1qBv3R1AW9uIUlCJZ3QyfR6bYdAc3pWs0hI7MMUUTXtO/552W3KrUTPEZA/sJ4n + v1yczmWSak7nSWltEkW8F3vzsJaMoOQGt3PNtZMzUinUlAzbfuG3vJoVhhfLZjjX + 8Szzur+Twfsz9f+Aqyzh2eeBVouXMpoLHOAY3jp2VdX2ihqxD6+AwoFXhdwVZaON + AoIBAF0/qvwsFThhB9a1wnXuGx1OBY+9owIoinIF2qNcHuqeontxfLWBg1izelJg + gxaATIMvpXgt7y5cBx6fLnylpLgl+TNXCrsrcLnXwJz0Neg/gcSZfcnqwhAhTio9 + iYLVJiK8wnh0pXONutGSasgq3tJLyrzT2+1L5jYKUaFkojIR16sHjo3/MJMPTHvL + fF1DX7y6acz3JXrGJYQsqcrVodSfcGZK/RJQkdvrSdBRZYgWq+CBYViOxkN7cscr + ruQ/DZH/ZCIxVckbuVsAMqdCqAO0gX83eEp7elfAVlnLhvxPluxISuXaJmhJNafr + Xq+NinfrqOLJkIZ/u/PJu4KqN3M= + -----END PRIVATE KEY----- \ No newline at end of file diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/03-secret-tls-data.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/03-secret-tls-data.yaml new file mode 100644 index 000000000..08a91b149 --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/03-secret-tls-data.yaml @@ -0,0 +1,116 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +spec: + server: + route: + enabled: true + tls: + externalCertificate: + name: tls-data-secret + termination: reencrypt + applicationSet: + enabled: true + webhookServer: + host: example.com + route: + enabled: true + tls: + externalCertificate: + name: tls-data-secret + termination: reencrypt +--- +apiVersion: v1 +kind: Secret +metadata: + name: tls-data-secret +type: kubernetes.io/tls +stringData: + tls.crt: |- + -----BEGIN CERTIFICATE----- + MIIFrjCCA5agAwIBAgIUbM9O0W6IdumLQodDCDqyckYDr2IwDQYJKoZIhvcNAQEL + BQAwTTELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFRlc3QxDTALBgNVBAoMBFRlc3Qx + DTALBgNVBAsMBFRlc3QxETAPBgNVBAMMCHRlc3QuY29tMCAXDTIzMTEyNjIyMTg0 + N1oYDzIxMjMxMTI3MjIxODQ3WjBNMQswCQYDVQQGEwJVUzENMAsGA1UECAwEVGVz + dDENMAsGA1UECgwEVGVzdDENMAsGA1UECwwEVGVzdDERMA8GA1UEAwwIdGVzdC5j + b20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbgAmnUjFux9u2Xzhi + mno5zjA/YsoXr3eFtK9XtByQMLLyT0hbXoa9gpTeafOs3IkCotPdN+omxm2tN9UA + ebAq+EamWyIF28EA3UbCWWULghveezrmAKSMcqQqby3knbcbGng+ZZjRdC3xc0uz + /sd4FqaLt0UHBDMlpxRskj/S3CDetfyIrKYQcZ5NQjx75aRN8At5OPC1NiWTmlsv + ppa4LLV0HR6AJzq+C6RAmJTcHQOFAq33wZEHHIpoQoGWHHPpT0ut54KIiVTRJ2o4 + MEV4KlBBgL3ux4+v7R0RfVmzgaMEDG1fC9tX8pIofv7wP7WX/5XHTjyAiv8gbpUW + nLiU8FoTDZWxZN+MiCkUvZl8KqotbcUPjhnRdnq4anFwywY1lKILnCIayqzI7mPW + 12h39fNwprFz9YFYbLLoQHekir2nLw8ZH83nNyD82YQ3EFm7UnOld6zw/8aURRuQ + C0oOEHyAXsvIyaWAb6lWvplDdCUGQWWr7MVp5YPPhWdtAv7B4QLDUNHGQMU/1Qrq + VBH22lcU7XrCh6GXrRVm+gF7kAuJzkuae0txvk9mHc+8Y0C4/i9C3xU2qHjWcElw + etcHbqOZjDtC8+n8mDD4hDYEMGV54VhXCKwoFLneT2no27S3SVPvNbMfyyNuUa2i + 5azKnIf439Cmfww7ImxIpOR5nQIDAQABo4GDMIGAMB0GA1UdDgQWBBQfe95iWKlT + K6BGFov9JFXQTQN0ZjAfBgNVHSMEGDAWgBQfe95iWKlTK6BGFov9JFXQTQN0ZjAP + BgNVHRMBAf8EBTADAQH/MC0GA1UdEQQmMCSCB3dlYmhvb2uCDndlYmhvb2stc2Vy + dmVygglsb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggIBAH7Vv+Iar1UbF41c9I88 + oIu8iWfLVnAfe/64tULy77x4nfEQiukBJDoZ9m19KEVdPqsFzT6lFB7Fu1oc9A28 + 5b1+PEynHcopNK41zF4n4FnIy9h8zJfaPYYCPPMT0v9LzuT5zyF5sXCz0o4KwQJ6 + zrggZme8udl9sWyDxZyFoFPLWtnQFY7vJ9LSM2Gt+XUIuYNwDkvGFs6RfBYJGarX + qq7YHYj0H2x/us3KQCXGX5GzSmM9ewHvaScRpFcCdVwszKwWF0vMvdnh+3P72/Yy + dQvZXyfNiwqaIdznJn/AjzR9K4dHfbY7wMm83WHwWyjzV6CybHbtWpoUIlZtW3TT + gz6MP2z+BhOdMiQA33aO38J2TX/CMkEvkagEiZdS9t3xtpF2LOb5bRIdlENtZU0i + LnhgWEpJmswxBtuJ0d/zcyUlvK7FYoJZB7pT3YX/321HXZVCKyw+xrinwQoI3RnX + 7u0TZ3MqtSKEwCyDWYRJDbs6XUX1G0q7jXBf1+3cd+lBdOZ4Kl5B4YSU9hcFxAuO + 4a1eFXBdmT8PnwoTizFvag3IgBXkf8PqcKNvSMU6UKcD5LYTwRGK3JVl1L79gkrb + LmWEfOXFHgSlMIZkEs41TiopXy8p/LSera8NR86Q3mTZ7rRdEveOb6ZLJksRqaqr + UVwpFuaKz5vTCD36Gmmy/u8y + -----END CERTIFICATE----- + tls.key: |- + -----BEGIN PRIVATE KEY----- + MIIJQAIBADANBgkqhkiG9w0BAQEFAASCCSowggkmAgEAAoICAQDbgAmnUjFux9u2 + Xzhimno5zjA/YsoXr3eFtK9XtByQMLLyT0hbXoa9gpTeafOs3IkCotPdN+omxm2t + N9UAebAq+EamWyIF28EA3UbCWWULghveezrmAKSMcqQqby3knbcbGng+ZZjRdC3x + c0uz/sd4FqaLt0UHBDMlpxRskj/S3CDetfyIrKYQcZ5NQjx75aRN8At5OPC1NiWT + mlsvppa4LLV0HR6AJzq+C6RAmJTcHQOFAq33wZEHHIpoQoGWHHPpT0ut54KIiVTR + J2o4MEV4KlBBgL3ux4+v7R0RfVmzgaMEDG1fC9tX8pIofv7wP7WX/5XHTjyAiv8g + bpUWnLiU8FoTDZWxZN+MiCkUvZl8KqotbcUPjhnRdnq4anFwywY1lKILnCIayqzI + 7mPW12h39fNwprFz9YFYbLLoQHekir2nLw8ZH83nNyD82YQ3EFm7UnOld6zw/8aU + RRuQC0oOEHyAXsvIyaWAb6lWvplDdCUGQWWr7MVp5YPPhWdtAv7B4QLDUNHGQMU/ + 1QrqVBH22lcU7XrCh6GXrRVm+gF7kAuJzkuae0txvk9mHc+8Y0C4/i9C3xU2qHjW + cElwetcHbqOZjDtC8+n8mDD4hDYEMGV54VhXCKwoFLneT2no27S3SVPvNbMfyyNu + Ua2i5azKnIf439Cmfww7ImxIpOR5nQIDAQABAoIB/2wImLfBvJLJy1n3g8kEPyQ0 + V4rbFJyTwEAOrj58Z5KQZYLdgr91xtt/acYOX+C0qrqhaaV338c14sVetXeGbS65 + BAzczeIURuol/q2pUhJX91+JR3Ps3RBDXImGLxBWj8jHPmd3mb99bx9nn9r3izWP + 8GjTyyWo64OcuHC3irI9pe/3olOiphlx0ng0IZDZdgTmIL+JRu/ptpTvY/IQDB6Z + 4rVDn79zj3X6RN2GO74aiaDtsLJAkyDs6zJliWJYnrQ2UwlE6PpKnXRT8fO1zntW + WCnlM5ZSomX0TlpNV9kB9ToI48vkChE/UrCb0N5ufPJS2WU/HIgn4WoVA0wd1rqO + OYfJB1IMY2RoWR9CXO0U51tCji+M83ATq+Fl0Xbxl8grn/q0PWlhmUvS9/Fe8aPA + yVTkEjT2j7MQGtqAO7L+xTUfVfGpFkDUn+QkM8BgNcygagN5ViOfWDFgMgjaFLrd + RZMh9kBi3Qjigj0NP4RaK4/ixURMT/FfwiRwEaH/1O1KXB3a0vanVuiXj5+oCrSE + gRBXdRt2+5FOtli8asre7NLk9unTDY1iEiIsVY8nIV+zmWhf2mR5MB34EoTEIunb + OaP9kbiJI6MctKoCsfsWNHfUDPsvriQevG65WETZ1/JKxxjxYlv/Xg702Cnk91Qv + DPrdZCbunMTP3pk5KMECggEBAO0W6hWye+r6e8aBX431Vhv78FDE/suE4iWeCCbA + to7gTnwWZfAB9ynp61bJDS7jXon7Vk0ExkB6nxNTIEj+Yn86M3+UjjuoadCL6hhL + h6xpkc1h1mj5A4IR/yi7RQgHmjKGHURgKyFIwAMYPXNVYD1Ozn9DyGmhG4LcGVQS + zfqclJu5oBCegAkf8EjIaDqMZGJZefxp8UYQy9FjAH1zzG/DXiEWgSPuwoeAu8Ep + SCKsc8EbmxLl9HvJCwvrVaqfuUygLESc/hZZoUFN6fAOQst2B5FS/ZklUECCGiiW + 7/8nnL7wbILV+AcGYVQrUBij9CtUzBZpcMMkHREkmZeN6wkCggEBAO0B+C+kAoat + UCfFG5I2Ds4Cro71AEpuWvEl6wtp5WKiZYuHR4ssGDUOshD4uLb44y4mqTphTiU+ + REV0RLQ/9mgFEmErK2glqkRKdskophbPTGQgwxgmfdQWe0Q42yuo47ljNZVEO201 + SxgpOrHlRYzOQ9XGJmuduKxnrarOYfEXJu1WiGbsiEtY/mrMOov6rcbNsZqsWYqG + kmE5Msg1PsuFvlQ9ndVmE+pd3rEIhYxicD8pyFvonvi2uMmR8HmNShWKi1FZxq8e + OlIgdsY4BuqnNUrnQprhm0hG5cGwcl5auL2+Jc5Uagm/egvtwxPhx+pVYcimKOL9 + CutpY7BeuvUCggEAC6UrfENXCNSizb4/Bkb9osQ+KolyhmaRgQ2BEv42OVBVKo0j + FqXSERH3SDz508rBMv/QXloUrsgXFijoFg3AosUmEGcokU+VWvP0XJshH9vTmIXs + tR0+Cd5+bO691kYhUcf6mggrNihPnhdLtWWFI53CUMfwiRertULAT7vYuC2Gsxtr + /ET8vvX9pGWLkQyiRZ5lenttqWZbzH4TYRYV/YtYDUIAt9YbYfJ1xmgTrfhQezSy + 6ju3RXk7fKtjesz7mgLoCbq4VDq0y/NawTrCFyJF/uJXqHUHuxNo24OGaD722P4Q + JmECHL44e5zhA0TSUmqI17T4H+2fK99jV+lVmQKCAQB2nTi3pw54ln56GOSOjS1l + nuP7udQWbBppe7+ha7MYZQwLA34jwcKvsxYc9k2DjRYtf73L8OzqKLqERAcqaqSI + NJmZNcC4k7keCmJelFBjNAYYSmk5SfJJVaMFZqsRs6mcm3Eyrf5LzpMxmVi9tW/U + Y1qBv3R1AW9uIUlCJZ3QyfR6bYdAc3pWs0hI7MMUUTXtO/552W3KrUTPEZA/sJ4n + v1yczmWSak7nSWltEkW8F3vzsJaMoOQGt3PNtZMzUinUlAzbfuG3vJoVhhfLZjjX + 8Szzur+Twfsz9f+Aqyzh2eeBVouXMpoLHOAY3jp2VdX2ihqxD6+AwoFXhdwVZaON + AoIBAF0/qvwsFThhB9a1wnXuGx1OBY+9owIoinIF2qNcHuqeontxfLWBg1izelJg + gxaATIMvpXgt7y5cBx6fLnylpLgl+TNXCrsrcLnXwJz0Neg/gcSZfcnqwhAhTio9 + iYLVJiK8wnh0pXONutGSasgq3tJLyrzT2+1L5jYKUaFkojIR16sHjo3/MJMPTHvL + fF1DX7y6acz3JXrGJYQsqcrVodSfcGZK/RJQkdvrSdBRZYgWq+CBYViOxkN7cscr + ruQ/DZH/ZCIxVckbuVsAMqdCqAO0gX83eEp7elfAVlnLhvxPluxISuXaJmhJNafr + Xq+NinfrqOLJkIZ/u/PJu4KqN3M= + -----END PRIVATE KEY----- \ No newline at end of file diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/04-assert.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/04-assert.yaml new file mode 100644 index 000000000..281015a8e --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/04-assert.yaml @@ -0,0 +1,170 @@ +apiVersion: argoproj.io/v1beta1 +kind: ArgoCD +metadata: + name: example +status: + phase: Available + applicationSetController: Running + server: Running +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-server +spec: + to: + kind: Service + name: example-server + weight: 100 + tls: + termination: reencrypt + # latest data from secret + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: example-applicationset-controller-webhook +spec: + to: + kind: Service + name: example-applicationset-controller + weight: 100 + tls: + termination: reencrypt + # latest data from secret + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- \ No newline at end of file diff --git a/test/openshift/e2e/parallel/1-005_validate_route_tls/04-update-secret-tls-data.yaml b/test/openshift/e2e/parallel/1-005_validate_route_tls/04-update-secret-tls-data.yaml new file mode 100644 index 000000000..47f0599cd --- /dev/null +++ b/test/openshift/e2e/parallel/1-005_validate_route_tls/04-update-secret-tls-data.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: Secret +metadata: + name: tls-data-secret +type: kubernetes.io/tls +stringData: + tls.crt: |- + -----BEGIN CERTIFICATE----- + MIIEbTCCAtWgAwIBAgIUA80/UfgNcx8tYz/XXlo6X8DJzXQwDQYJKoZIhvcNAQEL + BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM + GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAgFw0yNDA5MjUwNDM4MjdaGA8yMTIz + MDQyMDA0MzgyN1owRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx + ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCAaIwDQYJKoZIhvcN + AQEBBQADggGPADCCAYoCggGBAJUuv+nO7S02+BHo5zkVg/IwUNSqQhsgKe3Djzsm + ISctrzNgrtUPqxYU0XDPXIS/v4wrtXrbXjlEaVgpTToqt/DRITH/I9FZzFQRQWKb + Gx0g3aH/LFJHHix4KCMPzEcykXba3zJqZei4NeJ7ym/Z5g/gJjGOE2SDVJN7YA9p + WKEgf/+TB6uPkEcgNc+8rFKbwQ63IhqOnHZq0mFaT/DWQUWYqLNZOHIiXjIELjGe + RjzmxlTQd9hWrC+FP1fOz9Ahpnw8oJ+wEpMUSpsAd3FFYUDZW/bj3jwWLT3WtmTb + d5ehpeE/zM5twy4rZXzT43+fsO/ns2YDxsSiujrtwm/Ar5k86S2XTkWro6f/t/Ml + dcIGzUZm2lSRacX1brIhNryHU2ZyVsEKJbS4/7N/wHTqhctSZlJRXkfjPiIC2KHV + YngPAtJ+fSmdULd7rIWcaxsrpnyozVpzYm5U8XRGm/pj2FFHVKPdSBoo2GrkVMyh + oU3+YiFno57wNbrm9ROzMIHhhwIDAQABo1MwUTAdBgNVHQ4EFgQUTbU3O3JsKBC6 + jCLjxTX4zWEAgc8wHwYDVR0jBBgwFoAUTbU3O3JsKBC6jCLjxTX4zWEAgc8wDwYD + VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAYEAMthyYhEUf5GdrKSMBuWR + +QlsBau/6N2nSxRxM2g4oexQOGUny1r76KrW6o/2V/PYyz/3WgOgSB/4sZxNoeu8 + rsjY9sp/bCWJ6jEmhm2kkVeb3Arix0iNt7BviOCjoVchc31R20JLP0a6WK+KtiV2 + C8qbuOQEkVWY/NVy+buHKqJjNZXyj8ADX0It8rAmaEGMEGkEFtYTnjEYHdkPWfYx + 6P9C12PrZySu9+L3eGmylKeDU7dWvBAONbHfHL8W/8pxG1CwObfkTEpzVTlR0SfI + W1dZ9YXb7S5F/0j6GLeUSgvnQZxH4rbc699wC9Y/kt5EozT1xvmKgZ6G6vaU2Mhb + jZnrbB4swXCVf98HDAy8PWrn7BWky9G8SbM5kS6Mj9pQwZnnfF6VLg+uWBBjMh7g + 0Ntf+Lv/IC5v+jC7TDKRPCAUGYzBRLMbT0WvK0BVXhp6swCi4qtME/BTsqXA6zzk + 5PfEh1b+yuqxbF3bU8rII1LIsXxr96lssl+H0HxPpQKv + -----END CERTIFICATE----- + tls.key: |- + -----BEGIN PRIVATE KEY----- + MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQCVLr/pzu0tNvgR + 6Oc5FYPyMFDUqkIbICntw487JiEnLa8zYK7VD6sWFNFwz1yEv7+MK7V62145RGlY + KU06Krfw0SEx/yPRWcxUEUFimxsdIN2h/yxSRx4seCgjD8xHMpF22t8yamXouDXi + e8pv2eYP4CYxjhNkg1STe2APaVihIH//kwerj5BHIDXPvKxSm8EOtyIajpx2atJh + Wk/w1kFFmKizWThyIl4yBC4xnkY85sZU0HfYVqwvhT9Xzs/QIaZ8PKCfsBKTFEqb + AHdxRWFA2Vv24948Fi091rZk23eXoaXhP8zObcMuK2V80+N/n7Dv57NmA8bEoro6 + 7cJvwK+ZPOktl05Fq6On/7fzJXXCBs1GZtpUkWnF9W6yITa8h1NmclbBCiW0uP+z + f8B06oXLUmZSUV5H4z4iAtih1WJ4DwLSfn0pnVC3e6yFnGsbK6Z8qM1ac2JuVPF0 + Rpv6Y9hRR1Sj3UgaKNhq5FTMoaFN/mIhZ6Oe8DW65vUTszCB4YcCAwEAAQKCAYBJ + 9tTF6odjTIav8oZ5ofY6ZMQevI9r/YVsUfI4xE3Zq+falEv6bPtJRmcVBGp9ksg4 + ig8/a3YK9KU6Rbf5Z+as6jMII9SxXlFVOPzvE7HcvkfEosxpusL2D1jvEU0Z27ON + dzUEPQZr3LEyqmeTDzjmlB67oRJyWj7bpGbbHUMJGCD+KPq7j8Fb0ld7uLLDfl+4 + mQm6mwxuFcZa6DkMUl4oUGkMCudWhz2mlLYGec+fMFgTAwz4YPib0ve15F7adWPh + EYqE8cqz3p1r2b9O6MNu0GTK16+388AFVSULImag/525pddohZgPHU8BJAKffGL6 + XCCfQrQBbe6geYsNANx8E34M3fbmkeby41oLY8v8PJOMHvoDREqD7tgqlPgozlD0 + BXlDaxTYLAwbyK+jARvQT60a4V744MMhsJ57GMC69R/YDW7Qbd4hiD3P4XEmqHBz + a/dhsNsJylgTMLFOIr4RnH/82yXyG3J0WTtZP+kRxq1aHaTduSif1SQkFqhr+MkC + gcEAxxmX9UAChk+DuOPsYYtx+kl/0aR8B5tvVQRQDxfij0Km9nXEyTsRE34sFlAk + RxgVUb+DjARPn5OuST/v3HHemGUU2x/L5BYYgtn9waI6vpTA3lllPzTYIr6aZfkb + yaX6UbHk5C9af/0F+xq4pNoSpcafdrE5dJ9JyM/20Q3DRxCN+RY2alezO/UCe0Sf + 3OH7Qk2RYgbP1lADV/58oqGpU079N1M4yt6ziyltPC8y/laGOAA00ZGFBPzySs2J + 3yXbAoHBAL/RI4s2WsX8ERaa/GXo85q0/LK2Wq8LICm/jxrMAZrVK1u9kSEKgps2 + pGV9hE73y7gBgstrfrUKghSsqwtIwQCXVYFKEzu4l2fojukJ13eCR7YSBqGTM3Jn + PhyjvxoAcmBsKjkoaXAt5+6DtuTVlQmElJB1s/A8us6rwy2GaXAWTHhNGJ5xuSAd + h3nW1Bsg84f5J6Vx0mnW85kAipB16LZFKUSqHpWYZ+Qe9yT0+iS0Fexz/dHmX4WA + eBZ0rulAxQKBwAutkKAt9PfzygIaPE8sYq8PiJO/VhcMIueVrSx1djB49FoYZkZ3 + VHUUPXnBkZ8p5nY5CXo49oKhouNhAKypcSj3JNYFc2wZb66dIqks3s025GkmTS37 + 54GCNIQurFaTia8pBAfuTxyatrMXyiTBNb7Le6b2liwk+6rvp8ZzTDTq36jwiJiM + NFMb991LFSVbi+VDr3dUdvRXFRsgLidL3Caqx2drVjVwAo/zChkxm4gXgx/dwztX + kbnNLFj+3UtdaQKBwBfHGRzctAvu3z9qHveTFP+Mh/avXDZurqH+OQMdXuWOnz1U + FnV+FAqhj2d1U71mQj6hEVGeFarjjpR5gwp3DlXAbL0GLbQtgbdDwNNqgOczoygS + u/ezg6Ee4zgxpDLY81S4k9NaCxf42NNcSIO9Zigz4ya1MIULQiz0ZdFy5Acc/IW9 + KNwbRNOSVYTo+IoUX5vvata7cVXla3T/+C1IMHzHvgHhBMGOjvJcVE6kf42lNUKG + bmRiplyqPDisZjJL8QKBwQCupVWTNeEy0YZ+7mwyJZ1DLURRlgUOKx7LhkO1MDn4 + YyjJrDm1Ne3XjNXq/wjaQX5KuUdkXoqAp1emo2nKGqqVjwSkWX6ordO6mLYhGDiA + vDydisaLX4I8x6NZFIabzqpZbmf6pWlxXVsEptXdAeALpxNZ/r/P34UOgF/g5jZB + /r8qFYC5HnDCY72bY52UXON3ktVmhC7PK3JNmruJgunEfC/yOk8YB9Eks7+3+9SR + HkXkOt1cAbJWZruf4j13X4s= + -----END PRIVATE KEY----- +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: +- script: sleep 10