Fix defaulter for openshift, allow create ingress (#532)

* fix defauler for openshift, allow create ingress Signed-off-by: Ruben Vargas <ruben.vp8510@gmail.com> * create constant for default route termination Signed-off-by: Ruben Vargas <ruben.vp8510@gmail.com> * update api docs Signed-off-by: Andreas Gerstmayr <agerstmayr@redhat.com> * restore default gateway route TLS termination Signed-off-by: Ruben Vargas <ruben.vp8510@gmail.com> * fix docs Signed-off-by: Ruben Vargas <ruben.vp8510@gmail.com> --------- Signed-off-by: Ruben Vargas <ruben.vp8510@gmail.com> Signed-off-by: Andreas Gerstmayr <agerstmayr@redhat.com> Co-authored-by: Andreas Gerstmayr <agerstmayr@redhat.com>
grafana · Aug 1, 2023 · 4891106 · 4891106
1 parent 2e973db
commit 4891106
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 7 deletions.
diff --git a/apis/tempo/v1alpha1/tempostack_webhook.go b/apis/tempo/v1alpha1/tempostack_webhook.go
@@ -35,6 +35,8 @@ var (
 )
 
 const maxLabelLength = 63
+const defaultRouteGatewayTLSTermination = TLSRouteTerminationTypePassthrough
+const defaultUITLSTermination = TLSRouteTerminationTypeEdge
 
 // SetupWebhookWithManager initializes the webhook.
 func (r *TempoStack) SetupWebhookWithManager(mgr ctrl.Manager, ctrlConfig v1alpha1.ProjectConfig) error {
@@ -137,17 +139,19 @@ func (d *Defaulter) Default(ctx context.Context, obj runtime.Object) error {
 		r.Spec.ReplicationFactor = defaultReplicationFactor
 	}
 
-	// Terminate TLS of the JaegerQuery Route on the Edge by default
-	if r.Spec.Template.QueryFrontend.JaegerQuery.Ingress.Type == IngressTypeRoute && r.Spec.Template.QueryFrontend.JaegerQuery.Ingress.Route.Termination == "" {
-		r.Spec.Template.QueryFrontend.JaegerQuery.Ingress.Route.Termination = TLSRouteTerminationTypeEdge
-	}
-
 	// if tenant mode is Openshift, ingress type should be route by default.
-	if r.Spec.Tenants != nil && r.Spec.Tenants.Mode == OpenShift {
+	if r.Spec.Tenants != nil && r.Spec.Tenants.Mode == OpenShift && r.Spec.Template.Gateway.Ingress.Type == "" {
 		r.Spec.Template.Gateway.Ingress.Type = IngressTypeRoute
-		r.Spec.Template.Gateway.Ingress.Route.Termination = TLSRouteTerminationTypePassthrough
 	}
 
+	if r.Spec.Template.Gateway.Ingress.Type == IngressTypeRoute && r.Spec.Template.Gateway.Ingress.Route.Termination == "" {
+		r.Spec.Template.Gateway.Ingress.Route.Termination = defaultRouteGatewayTLSTermination
+	}
+
+	// Terminate TLS of the JaegerQuery Route on the Edge by default
+	if r.Spec.Template.QueryFrontend.JaegerQuery.Ingress.Type == IngressTypeRoute && r.Spec.Template.QueryFrontend.JaegerQuery.Ingress.Route.Termination == "" {
+		r.Spec.Template.QueryFrontend.JaegerQuery.Ingress.Route.Termination = defaultUITLSTermination
+	}
 	return nil
 }
 

diff --git a/docs/operator/api.md b/docs/operator/api.md
@@ -2762,6 +2762,14 @@ responsible for decrypting traffic.</p>
 and re-encrypt using a new certificate.</p>
 </td>
 
+</tr><tr><td><p>&#34;passthrough&#34;</p></td>
+
+<td></td>
+
+</tr><tr><td><p>&#34;edge&#34;</p></td>
+
+<td></td>
+
 </tr></tbody>
 </table>