diff --git a/controllers/argocd/route.go b/controllers/argocd/route.go index f5e641ca0..eed157072 100644 --- a/controllers/argocd/route.go +++ b/controllers/argocd/route.go @@ -17,7 +17,6 @@ package argocd import ( "context" "fmt" - "strings" routev1 "github.com/openshift/api/route/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -29,12 +28,6 @@ import ( "github.com/argoproj-labs/argocd-operator/controllers/argoutil" ) -const ( - maxLabelLength = 63 - maxHostnameLength = 253 - minFirstLabelSize = 20 -) - var routeAPIFound = false // IsRouteAPIAvailable returns true if the Route API is present. @@ -255,13 +248,6 @@ func (r *ReconcileArgoCD) reconcileServerRoute(cr *argoproj.ArgoCD) error { route.Spec.Host = cr.Spec.Server.Host // TODO: What additional role needed for this? } - hostname, err := shortenHostname(route.Spec.Host) - if err != nil { - return err - } - - route.Spec.Host = hostname - if cr.Spec.Server.Insecure { // Disable TLS and rely on the cluster certificate. route.Spec.Port = &routev1.RoutePort{ @@ -339,17 +325,19 @@ func (r *ReconcileArgoCD) reconcileApplicationSetControllerWebhookRoute(cr *argo route.Spec.Host = cr.Spec.ApplicationSet.WebhookServer.Host } - hostname, err := shortenHostname(route.Spec.Host) - if err != nil { - return err + route.Spec.Port = &routev1.RoutePort{ + TargetPort: intstr.FromString("webhook"), } - route.Spec.Host = hostname + // Allow override of TLS options for the Route + if cr.Spec.ApplicationSet.WebhookServer.Route.TLS != nil { + tls := &routev1.TLSConfig{} - if cr.Spec.Server.Insecure { - // Disable TLS and rely on the cluster certificate. - route.Spec.Port = &routev1.RoutePort{ - TargetPort: intstr.FromString("webhook"), + // Set Termination + if cr.Spec.ApplicationSet.WebhookServer.Route.TLS.Termination != "" { + tls.Termination = cr.Spec.ApplicationSet.WebhookServer.Route.TLS.Termination + } else { + tls.Termination = routev1.TLSTerminationEdge } // Set Certificate @@ -404,48 +392,3 @@ func (r *ReconcileArgoCD) reconcileApplicationSetControllerWebhookRoute(cr *argo } return r.Client.Update(context.TODO(), route) } - -// The algorithm used by this function is: -// - If the FIRST label ("console-openshift-console" in the above case) is longer than 63 characters, shorten (truncate the end) it to 63. -// - If any other label is longer than 63 characters, return an error -// - After all the labels are 63 characters or less, check the length of the overall hostname: -// - If the overall hostname is > 255, then shorten the FIRST label until the host name is < 255 -// - After the FIRST label has been shortened, if it is < 20, then return an error (this is a sanity test to ensure the label is likely to be unique) -func shortenHostname(hostname string) (string, error) { - if hostname == "" { - return "", nil - } - - // Split the hostname into labels - labels := strings.Split(hostname, ".") - - // Check and truncate the FIRST label if longer than 63 characters - if len(labels[0]) > maxLabelLength { - labels[0] = labels[0][:maxLabelLength] - } - - // Check other labels and return an error if any is longer than 63 characters - for _, label := range labels[1:] { - if len(label) > maxLabelLength { - return "", fmt.Errorf("label length exceeds 63 characters") - } - } - - // Join the labels back into a hostname - resultHostname := strings.Join(labels, ".") - - // Check and shorten the overall hostname - if len(resultHostname) > maxHostnameLength { - // Shorten the first label until the length is less than 253 - for len(resultHostname) > maxHostnameLength && len(labels[0]) > 20 { - labels[0] = labels[0][:len(labels[0])-1] - resultHostname = strings.Join(labels, ".") - } - - // Check if the first label is still less than 20 characters - if len(labels[0]) < minFirstLabelSize { - return "", fmt.Errorf("shortened first label is less than 20 characters") - } - } - return resultHostname, nil -}