From 6ee3d7766cb0429797f68474288f2716423a9b8f Mon Sep 17 00:00:00 2001
From: Chetan Banavikalmutt <chetanrns1997@gmail.com>
Date: Mon, 20 May 2024 15:35:08 +0530
Subject: [PATCH] Add a test to verify the TLS config

Signed-off-by: Chetan Banavikalmutt <chetanrns1997@gmail.com>
---
 api/v1beta1/argocd_types.go      |  4 ++-
 controllers/argocd/route_test.go | 56 ++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+), 1 deletion(-)

diff --git a/api/v1beta1/argocd_types.go b/api/v1beta1/argocd_types.go
index 657133ac0..c2f7635b7 100644
--- a/api/v1beta1/argocd_types.go
+++ b/api/v1beta1/argocd_types.go
@@ -991,7 +991,9 @@ func (argocd *ArgoCD) IsDeletionFinalizerPresent() bool {
 	return false
 }
 
-// WantsAutoTLS returns true if the user has configured a route with reencrypt or we default to reencrypt.
+// WantsAutoTLS returns true if:
+// 1. user has configured a route with reencrypt.
+// 2. user has not configured TLS and we default to reencrypt.
 func (s *ArgoCDServerSpec) WantsAutoTLS() bool {
 	return s.Route.TLS == nil ||
 		(s.Route.TLS != nil && s.Route.TLS.Termination == routev1.TLSTerminationReencrypt)
diff --git a/controllers/argocd/route_test.go b/controllers/argocd/route_test.go
index 9fc187105..21d239e15 100644
--- a/controllers/argocd/route_test.go
+++ b/controllers/argocd/route_test.go
@@ -491,6 +491,62 @@ func TestReconcileRouteForShorteningHostname(t *testing.T) {
 	}
 }
 
+func TestReconcileRouteTLSConfig(t *testing.T) {
+	routeAPIFound = true
+	ctx := context.Background()
+	logf.SetLogger(ZapLogger(true))
+
+	tt := []struct {
+		name         string
+		want         routev1.TLSTerminationType
+		updateArgoCD func(cr *argoproj.ArgoCD)
+	}{
+		{
+			name: "should set the default termination policy to renencrypt",
+			want: routev1.TLSTerminationReencrypt,
+			updateArgoCD: func(cr *argoproj.ArgoCD) {
+				cr.Spec.Server.Route.Enabled = true
+			},
+		},
+		{
+			name: "shouldn't overwrite the TLS config if it's already configured",
+			want: routev1.TLSTerminationEdge,
+			updateArgoCD: func(cr *argoproj.ArgoCD) {
+				cr.Spec.Server.Route.Enabled = true
+				cr.Spec.Server.Route.TLS = &routev1.TLSConfig{
+					Termination: routev1.TLSTerminationEdge,
+				}
+			},
+		},
+	}
+
+	for _, test := range tt {
+		t.Run(test.name, func(t *testing.T) {
+			argoCD := makeArgoCD(test.updateArgoCD)
+
+			resObjs := []client.Object{argoCD}
+			subresObjs := []client.Object{argoCD}
+			runtimeObjs := []runtime.Object{}
+			sch := makeTestReconcilerScheme(argoproj.AddToScheme, configv1.Install, routev1.Install)
+			fakeClient := makeTestReconcilerClient(sch, resObjs, subresObjs, runtimeObjs)
+			reconciler := makeTestReconciler(fakeClient, sch)
+
+			req := reconcile.Request{
+				NamespacedName: testNamespacedName(testArgoCDName),
+			}
+
+			_, err := reconciler.Reconcile(ctx, req)
+			assert.Nil(t, err)
+
+			route := &routev1.Route{}
+			err = reconciler.Client.Get(ctx, types.NamespacedName{Name: argoCD.Name + "-server", Namespace: argoCD.Namespace}, route)
+			assert.Nil(t, err)
+			assert.Equal(t, test.want, route.Spec.TLS.Termination)
+
+		})
+	}
+}
+
 func makeReconciler(t *testing.T, acd *argoproj.ArgoCD, objs ...runtime.Object) *ReconcileArgoCD {
 	t.Helper()
 	s := scheme.Scheme