argoproj-labs / argocd-operator

A Kubernetes operator for managing Argo CD clusters.
https://argocd-operator.readthedocs.io
Apache License 2.0
596 stars 627 forks

fix: don't change the default policy to reencrypt if the TLS secret is already present #1401

Closed chetan-rns closed 1 month ago

chetan-rns commented 1 month ago

What type of PR is this?

/kind bug

What does this PR do / why we need it:

https://github.com/argoproj-labs/argocd-operator/pull/1363 changed the default termination policy from passthrough to reencrypt. However, there could be some users who have configured the old passthrough Route with a custom certificate before the upgrade. We don't want to overwrite their configuration once they upgrade the operator.

This PR introduces logic to update the Route to reencrypt only if the "argocd-server-tls" secret is not present.

Have you updated the necessary documentation?

Which issue(s) this PR fixes:

Fixes #?

How to test changes / Special notes to the reviewer:

  1. Install/Run an older version of the operator that still has Passthrough as default.
  2. Verify that the Route is using the Passthrough policy. Configure a custom TLS secret "argocd-server-tls" using OpenSSL.
  3. Run the operator with the changes in this PR.
  4. The route shouldn't be updated to reencrypt.

chetan-rns commented 1 month ago

Story: https://issues.redhat.com/browse/GITOPS-4778
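
The rule stated in the PR description, written out as a small decision function over the upgrade cases from the test steps. This is an added example, not the operator's code: `Route`, `Decision` and `decideTermination` are hypothetical names, and the model assumes only the two policies and the secret name mentioned in the PR.

```go
package main

import "fmt"

// Termination holds the two Route TLS policies named in the PR.
type Termination string

const (
	Passthrough Termination = "passthrough"
	Reencrypt   Termination = "reencrypt"
)

// Secret name taken from the PR description.
const serverTLSSecret = "argocd-server-tls"

// Route is a hypothetical, minimal stand-in for the existing server Route.
type Route struct{ Termination Termination }

// Decision records the policy the Route ends up with and why.
type Decision struct {
	Termination Termination
	Changed     bool
	Reason      string
}

// decideTermination models the PR's rule: an existing Route is moved to the
// reencrypt default only when no argocd-server-tls secret is present.
// secrets is the set of secret names found in the Argo CD namespace.
func decideTermination(existing Route, secrets map[string]bool) Decision {
	switch {
	case existing.Termination == Reencrypt:
		return Decision{Reencrypt, false, "already on the new default"}
	case secrets[serverTLSSecret]:
		// A custom certificate was configured for the passthrough Route
		// before the upgrade; leave that configuration alone.
		return Decision{existing.Termination, false, serverTLSSecret + " present: keep existing policy"}
	default:
		return Decision{Reencrypt, true, "no " + serverTLSSecret + ": apply new default"}
	}
}

func main() {
	// Constructed scenarios: an upgraded cluster with and without the secret.
	withSecret := map[string]bool{serverTLSSecret: true}
	fmt.Println(decideTermination(Route{Termination: Passthrough}, withSecret))
	fmt.Println(decideTermination(Route{Termination: Passthrough}, map[string]bool{}))
	fmt.Println(decideTermination(Route{Termination: Reencrypt}, withSecret))
}
```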