From e755fe945cdeed93d2bac33a5f541247a1bc6749 Mon Sep 17 00:00:00 2001
From: Jonathan Christison <jochrist@redhat.com>
Date: Wed, 14 Jun 2023 14:32:31 +0100
Subject: [PATCH] Use edge TLS termination

Quarkus < 3.x doesn't support some of the route options, we need to
apply this YAML instead and disable auto route enable

still todo, combine yaml's into one for easier oc apply -f <COMBINED> or
have quarkus apply the snippets for us
---
 k8s/stage/edgeroute.yml                   | 20 ++++++++++++++++++++
 k8s/{ => stage}/kerberos-config.yaml      |  0
 src/main/resources/application.properties |  9 +++++++--
 3 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 k8s/stage/edgeroute.yml
 rename k8s/{ => stage}/kerberos-config.yaml (100%)

diff --git a/k8s/stage/edgeroute.yml b/k8s/stage/edgeroute.yml
new file mode 100644
index 0000000..b7b22b0
--- /dev/null
+++ b/k8s/stage/edgeroute.yml
@@ -0,0 +1,20 @@
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/name: osh
+    app.kubernetes.io/version: 1.0.0-SNAPSHOT
+    app.openshift.io/runtime: quarkus
+    env: stage
+  name: osh
+spec:
+  port:
+    targetPort: http
+  tls:
+    termination: edge
+  to:
+    kind: ""
+    name: osh
+    weight: null
+status: {}
diff --git a/k8s/kerberos-config.yaml b/k8s/stage/kerberos-config.yaml
similarity index 100%
rename from k8s/kerberos-config.yaml
rename to k8s/stage/kerberos-config.yaml
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index cfe76d7..5edad7b 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -12,8 +12,14 @@
 
 %stage.quarkus.openshift.name=osh
 %stage.quarkus.openshift.labels.env=stage
+%stage.quarkus.log.level=DEBUG
+
+#Only in Quarkus > 3.x 
 %stage.quarkus.openshift.route.tls.termination=edge
-%stage.quarkus.openshift.route.expose=true
+#As we cant create a edge terminated route (quarkus <3.x) lets disable route creation for now
+%stage.quarkus.openshift.route.expose=false
+%stage.quarkus.openshift.route.target-port=https
+%stage.quarkus.openshift.route.tls.insecure-edge-termination-policy=redirect
 
 ##########################################
 #   Kerberos Specifics                   #
@@ -31,5 +37,4 @@
 %stage.quarkus.openshift.mounts.osh-wrapper-config-vol.read-only=true
 
 
-%stage.quarkus.log.level=DEBUG