[ISSUE] OpenShift default router with TLS prevents route creation

[leiicamundi]

Issue:

The wildcard certificate used by default for router routes in OpenShift does not require a secret to be defined, unlike the ingress. This creates a situation where the Route cannot be translated to an Ingress as the Ingress object refers to a certificate not existing

Actual behavior:

When creating a route for a router with a wildcard certificate, OpenShift will not create the route because TLS is enabled by default, but there is no secret containing the certificate available to define it.

Expected behavior:

The route should still be created even when TLS is enabled by default and not setting a default certificate name

How to reproduce:

To reproduce this issue, follow these steps:

1. Create a values file with the following configuration:

global:
  ingress:
    tls:
      enabled: true

2. Use the host of the apps domain of the cluster
3. Observe that no route is created for the router, even though TLS is enabled by default.

(example https://github.com/camunda/camunda-deployment-references/blob/a5d35e771bb790eb7087bcb4bff39127d87833ad/aws/rosa-hcp/camunda-versions/8.7/procedure/install/helm-values/domain.yml#L9)

It can be fixed by disabling this section

camunda-platform-helm/charts/camunda-platform-8.6/templates/console/ingress.yaml

Line 29 in 02ebcf8

{{- if .Values.console.ingress.tls.enabled }}

, otherwise we will have to indicate in the documentation, that tls should not be configured to be enabled if we want to fallback on the router certificates

Logs:

Not applicable for this issue, as it does not produce any logs.

Environment:

• Platform: OpenShift
• Helm CLI version: [insert version]
• Chart version: 8.x.x
• Values file: [insert link to values file]