From 873dbd08ca63292312e5965b2d5d43daeaa7da4f Mon Sep 17 00:00:00 2001 From: "Leo J." <153937047+leiicamundi@users.noreply.github.com> Date: Fri, 13 Dec 2024 17:14:05 +0100 Subject: [PATCH] fix(zeebe-grpc-ingress): class check for openshift was not checked (#2678) --- charts/camunda-platform-8.6/templates/camunda/ingress.yaml | 3 +-- .../camunda-platform-8.6/templates/connectors/ingress.yaml | 3 +-- charts/camunda-platform-8.6/templates/console/ingress.yaml | 3 +-- .../templates/execution-identity/ingress.yaml | 3 +-- charts/camunda-platform-8.6/templates/identity/ingress.yaml | 3 +-- charts/camunda-platform-8.6/templates/operate/ingress.yaml | 3 +-- charts/camunda-platform-8.6/templates/optimize/ingress.yaml | 3 +-- charts/camunda-platform-8.6/templates/tasklist/ingress.yaml | 3 +-- .../camunda-platform-8.6/templates/web-modeler/ingress.yaml | 3 +-- .../templates/zeebe-gateway/ingress-grpc.yaml | 3 +-- .../templates/zeebe-gateway/ingress-rest.yaml | 3 +-- .../templates/camunda/ingress-grpc.yaml | 5 ++--- .../templates/camunda/ingress-http.yaml | 3 +-- 13 files changed, 14 insertions(+), 27 deletions(-) diff --git a/charts/camunda-platform-8.6/templates/camunda/ingress.yaml b/charts/camunda-platform-8.6/templates/camunda/ingress.yaml index 4071c56e62..5c1b511ecc 100644 --- a/charts/camunda-platform-8.6/templates/camunda/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/camunda/ingress.yaml @@ -111,8 +111,7 @@ spec: {{- end }} {{- if .Values.global.ingress.tls.enabled }} {{- if and (not .Values.global.ingress.tls.secretName) (contains "openshift-" (default "" .Values.global.ingress.className)) }} - # The tls block is not applied because .Values.global.ingress.tls.secretName is empty - # and .Values.global.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/connectors/ingress.yaml b/charts/camunda-platform-8.6/templates/connectors/ingress.yaml index a9355abe46..20f2f174a9 100644 --- a/charts/camunda-platform-8.6/templates/connectors/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/connectors/ingress.yaml @@ -29,8 +29,7 @@ spec: number: 8080 {{- if .Values.connectors.ingress.tls.enabled }} {{- if and (not .Values.connectors.ingress.tls.secretName) (contains "openshift-" (default "" .Values.connectors.ingress.className)) }} - # The tls block is not applied because .Values.connectors.ingress.tls.secretName is empty - # and .Values.connectors.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/console/ingress.yaml b/charts/camunda-platform-8.6/templates/console/ingress.yaml index d8d0e04579..4a36e03467 100644 --- a/charts/camunda-platform-8.6/templates/console/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/console/ingress.yaml @@ -28,8 +28,7 @@ spec: number: 80 {{- if .Values.console.ingress.tls.enabled }} {{- if and (not .Values.console.ingress.tls.secretName) (contains "openshift-" (default "" .Values.console.ingress.className)) }} - # The tls block is not applied because .Values.console.ingress.tls.secretName is empty - # and .Values.console.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/execution-identity/ingress.yaml b/charts/camunda-platform-8.6/templates/execution-identity/ingress.yaml index 1ab597f469..846b04f165 100644 --- a/charts/camunda-platform-8.6/templates/execution-identity/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/execution-identity/ingress.yaml @@ -28,8 +28,7 @@ spec: number: 80 {{- if .Values.executionIdentity.ingress.tls.enabled }} {{- if and (not .Values.executionIdentity.ingress.tls.secretName) (contains "openshift-" (default "" .Values.executionIdentity.ingress.className)) }} - # The tls block is not applied because .Values.executionIdentity.ingress.tls.secretName is empty - # and .Values.executionIdentity.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/identity/ingress.yaml b/charts/camunda-platform-8.6/templates/identity/ingress.yaml index 32e027588f..e3e1632b08 100644 --- a/charts/camunda-platform-8.6/templates/identity/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/identity/ingress.yaml @@ -29,8 +29,7 @@ spec: number: 80 {{- if .Values.identity.ingress.tls.enabled }} {{- if and (not .Values.identity.ingress.tls.secretName) (contains "openshift-" (default "" .Values.identity.ingress.className)) }} - # The tls block is not applied because .Values.identity.ingress.tls.secretName is empty - # and .Values.identity.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/operate/ingress.yaml b/charts/camunda-platform-8.6/templates/operate/ingress.yaml index 0ef6d0848a..9b04732235 100644 --- a/charts/camunda-platform-8.6/templates/operate/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/operate/ingress.yaml @@ -28,8 +28,7 @@ spec: number: 80 {{- if .Values.operate.ingress.tls.enabled }} {{- if and (not .Values.operate.ingress.tls.secretName) (contains "openshift-" (default "" .Values.operate.ingress.className)) }} - # The tls block is not applied because .Values.operate.ingress.tls.secretName is empty - # and .Values.operate.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/optimize/ingress.yaml b/charts/camunda-platform-8.6/templates/optimize/ingress.yaml index 36be2a7b06..3a2bc1ab11 100644 --- a/charts/camunda-platform-8.6/templates/optimize/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/optimize/ingress.yaml @@ -28,8 +28,7 @@ spec: number: 80 {{- if .Values.optimize.ingress.tls.enabled }} {{- if and (not .Values.optimize.ingress.tls.secretName) (contains "openshift-" (default "" .Values.optimize.ingress.className)) }} - # The tls block is not applied because .Values.optimize.ingress.tls.secretName is empty - # and .Values.optimize.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/tasklist/ingress.yaml b/charts/camunda-platform-8.6/templates/tasklist/ingress.yaml index 850f00fa7f..59e2f4fa7e 100644 --- a/charts/camunda-platform-8.6/templates/tasklist/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/tasklist/ingress.yaml @@ -28,8 +28,7 @@ spec: number: 80 {{- if .Values.tasklist.ingress.tls.enabled }} {{- if and (not .Values.tasklist.ingress.tls.secretName) (contains "openshift-" (default "" .Values.tasklist.ingress.className)) }} - # The tls block is not applied because .Values.tasklist.ingress.tls.secretName is empty - # and .Values.tasklist.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/web-modeler/ingress.yaml b/charts/camunda-platform-8.6/templates/web-modeler/ingress.yaml index af120587da..63e8e8e1a6 100644 --- a/charts/camunda-platform-8.6/templates/web-modeler/ingress.yaml +++ b/charts/camunda-platform-8.6/templates/web-modeler/ingress.yaml @@ -37,8 +37,7 @@ spec: (not .Values.webModeler.ingress.websockets.tls.secretName) (contains "openshift-" (default "" .Values.webModeler.ingress.className)) }} - # The tls block is not applied because both .Values.webModeler.ingress.webapp.tls.secretName and .Values.webModeler.ingress.websockets.tls.secretName are empty - # and .Values.webModeler.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-grpc.yaml b/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-grpc.yaml index 9b7cfc70d2..b939128154 100644 --- a/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-grpc.yaml +++ b/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-grpc.yaml @@ -31,8 +31,7 @@ spec: (not .Values.zeebeGateway.ingress.grpc.tls.secretName) (contains "openshift-" (default "" .Values.zeebeGateway.ingress.grpc.className)) }} - # The tls block is not applied because .Values.zeebeGateway.ingress.grpc.tls.secretName is empty - # and .Values.zeebeGateway.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-rest.yaml b/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-rest.yaml index 801b100ae8..936ead66aa 100644 --- a/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-rest.yaml +++ b/charts/camunda-platform-8.6/templates/zeebe-gateway/ingress-rest.yaml @@ -31,8 +31,7 @@ spec: (not .Values.zeebeGateway.ingress.rest.tls.secretName) (contains "openshift-" (default "" .Values.zeebeGateway.ingress.rest.className)) }} - # The tls block is not applied because .Values.zeebeGateway.ingress.rest.tls.secretName is empty - # and .Values.zeebeGateway.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-alpha/templates/camunda/ingress-grpc.yaml b/charts/camunda-platform-alpha/templates/camunda/ingress-grpc.yaml index 317edc4d89..d4befe4877 100644 --- a/charts/camunda-platform-alpha/templates/camunda/ingress-grpc.yaml +++ b/charts/camunda-platform-alpha/templates/camunda/ingress-grpc.yaml @@ -29,10 +29,9 @@ spec: {{- if .Values.core.ingress.grpc.tls.enabled }} {{- if and (not .Values.core.ingress.grpc.tls.secretName) - (contains "openshift-" (default "" .Values.core.ingress.className)) + (contains "openshift-" (default "" .Values.core.ingress.grpc.className)) }} - # The tls block is not applied because .Values.core.ingress.grpc.tls.secretName is empty - # and .Values.core.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }} diff --git a/charts/camunda-platform-alpha/templates/camunda/ingress-http.yaml b/charts/camunda-platform-alpha/templates/camunda/ingress-http.yaml index d7da331719..fb7a9a85d6 100644 --- a/charts/camunda-platform-alpha/templates/camunda/ingress-http.yaml +++ b/charts/camunda-platform-alpha/templates/camunda/ingress-http.yaml @@ -99,8 +99,7 @@ spec: (not .Values.global.ingress.tls.secretName) (contains "openshift-" (default "" .Values.global.ingress.className)) }} - # The tls block is not applied because .Values.global.ingress.tls.secretName is empty - # and .Values.global.ingress.className contains "openshift-". + # The tls block is not applied because secretName is empty and className contains "openshift-". # This is necessary to use the certificate managed by the OpenShift Ingress operator, # which will automatically convert this Ingress into a Route (https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/security_and_compliance/configuring-certificates#replacing-default-ingress_replacing-default-ingress). {{- else }}