🌱 OPRUN-4574: test: add TLS profile unit and e2e tests

[tmshort]

Explicitly tests the --tls-custom arguments, so that we can be sure that they work as expected.

• Unit tests in tlsprofiles package verify cipher negotiation, cipher rejection, min-version enforcement, and curve acceptance/rejection by starting a local TLS server with a custom profile and connecting to it with a restricted client config.
• e2e feature (tls.feature) patches the catalogd deployment with specific custom TLS settings for each scenario, asserts the expected connection behaviour, then restores the original args on cleanup. Covers min-version enforcement (TLSv1.3), cipher negotiation and rejection (TLS 1.2 + ECDHE_ECDSA), and curve enforcement (prime256v1 accepted, secp521r1 rejected).
• GODOG_ARGS variable added to the e2e Makefile target so a single feature file can be run with: make test-e2e GODOG_ARGS=features/tls.feature

Description

Reviewer Checklist

• API Go Documentation
• Tests: Unit Tests (and E2E Tests, if appropriate)
• Comprehensive Commit Messages
• Links to related GitHub Issue(s)

[netlify]

✅ Deploy Preview for olmv1 ready!

Name	Link
🔨 Latest commit	d92c0f6
🔍 Latest deploy log	https://app.netlify.com/projects/olmv1/deploys/69e130c150a3490008f70ff5
😎 Deploy Preview	https://deploy-preview-2653--olmv1.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign perdasilva for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Copilot]

Pull request overview

Adds explicit test coverage (unit + e2e) for custom TLS profile flags (--tls-custom-*) to validate version, cipher, and curve enforcement.

Changes:

• Added tlsprofiles unit tests that stand up a local TLS server and validate negotiation/enforcement behaviors.
• Added new e2e Godog steps + a tls.feature file that patches the catalogd deployment TLS args and asserts expected connection outcomes.
• Extended the make test-e2e target to accept GODOG_ARGS for running a subset of features/scenarios.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
test/e2e/steps/tls_steps.go	Implements e2e step helpers for patching deployments and asserting TLS negotiation/rejection against metrics endpoints.
test/e2e/steps/steps.go	Registers new TLS-related Godog steps.
test/e2e/steps/hooks.go	Adds scenario cleanup support to restore modified deployment args after each scenario.
test/e2e/features/tls.feature	New e2e feature scenarios covering TLS min-version, cipher enforcement, and curve enforcement.
internal/shared/util/tlsprofiles/tlsprofiles_connection_test.go	New unit tests validating custom TLS profile behavior via real TLS handshakes.
Makefile	Adds GODOG_ARGS passthrough to the e2e test runner.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.89%. Comparing base (29debc7) to head (d92c0f6).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2653   +/-   ##
=======================================
  Coverage   68.89%   68.89%           
=======================================
  Files         141      141           
  Lines       10009    10009           
=======================================
  Hits         6896     6896           
  Misses       2596     2596           
  Partials      517      517           

Flag	Coverage Δ
e2e	37.37% <ø> (+0.02%)	⬆️
experimental-e2e	52.51% <ø> (+0.02%)	⬆️
unit	53.67% <ø> (+0.03%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.