NO-JIRA: remove SupportsTLSProfile (#1089)

zhuje · web-flow · commit 5ec787a25084 · 2026-05-12T16:42:40.000Z
* fix: enable tls support for troubleshooting plugin

* feat: remove supports tls profile  flag because all uiplugin support tls now

* fix: lint
diff --git a/pkg/controllers/uiplugin/compatibility_matrix.go b/pkg/controllers/uiplugin/compatibility_matrix.go
@@ -29,85 +29,74 @@ type CompatibilityEntry struct {
 	ImageKey          string
 	SupportLevel      SupportLevel
 	Features          []string
-	// SupportsTLSProfile indicates whether this plugin image supports
-	// -tls-min-version and -tls-cipher-suites command flags.
-	SupportsTLSProfile bool
 }
 
 type ListFunction func(ctx context.Context, list client.ObjectList, opts ...client.ListOption) error
 
 var compatibilityMatrix = []CompatibilityEntry{
 	{
-		PluginType:         uiv1alpha1.TypeDashboards,
-		MinClusterVersion:  "v4.11",
-		MaxClusterVersion:  "",
-		ImageKey:           "ui-dashboards",
-		Features:           []string{},
-		SupportLevel:       DevPreview,
-		SupportsTLSProfile: true,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeTroubleshootingPanel,
-		MinClusterVersion:  "v4.19",
-		MaxClusterVersion:  "v4.22",
-		ImageKey:           "ui-troubleshooting-panel-pf6",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: false,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeTroubleshootingPanel,
-		MinClusterVersion:  "v4.22",
-		MaxClusterVersion:  "",
-		ImageKey:           "ui-troubleshooting-panel",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: false,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeDistributedTracing,
-		MinClusterVersion:  "v4.11",
-		MaxClusterVersion:  "v4.15",
-		ImageKey:           "ui-distributed-tracing-pf4",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: true,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeDistributedTracing,
-		MinClusterVersion:  "v4.15",
-		MaxClusterVersion:  "v4.19",
-		ImageKey:           "ui-distributed-tracing-pf5",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: true,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeDistributedTracing,
-		MinClusterVersion:  "v4.19",
-		MaxClusterVersion:  "v4.22",
-		ImageKey:           "ui-distributed-tracing-pf6",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: true,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeDistributedTracing,
-		MinClusterVersion:  "v4.22",
-		MaxClusterVersion:  "",
-		ImageKey:           "ui-distributed-tracing",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: true,
-	},
-	{
-		PluginType:         uiv1alpha1.TypeLogging,
-		MinClusterVersion:  "v4.11",
-		MaxClusterVersion:  "v4.12",
-		ImageKey:           "ui-logging-pf4",
-		SupportLevel:       GeneralAvailability,
-		Features:           []string{},
-		SupportsTLSProfile: true,
+		PluginType:        uiv1alpha1.TypeDashboards,
+		MinClusterVersion: "v4.11",
+		MaxClusterVersion: "",
+		ImageKey:          "ui-dashboards",
+		Features:          []string{},
+		SupportLevel:      DevPreview,
+	},
+	{
+		PluginType:        uiv1alpha1.TypeTroubleshootingPanel,
+		MinClusterVersion: "v4.19",
+		MaxClusterVersion: "v4.22",
+		ImageKey:          "ui-troubleshooting-panel-pf6",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
+	},
+	{
+		PluginType:        uiv1alpha1.TypeTroubleshootingPanel,
+		MinClusterVersion: "v4.22",
+		MaxClusterVersion: "",
+		ImageKey:          "ui-troubleshooting-panel",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
+	},
+	{
+		PluginType:        uiv1alpha1.TypeDistributedTracing,
+		MinClusterVersion: "v4.11",
+		MaxClusterVersion: "v4.15",
+		ImageKey:          "ui-distributed-tracing-pf4",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
+	},
+	{
+		PluginType:        uiv1alpha1.TypeDistributedTracing,
+		MinClusterVersion: "v4.15",
+		MaxClusterVersion: "v4.19",
+		ImageKey:          "ui-distributed-tracing-pf5",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
+	},
+	{
+		PluginType:        uiv1alpha1.TypeDistributedTracing,
+		MinClusterVersion: "v4.19",
+		MaxClusterVersion: "v4.22",
+		ImageKey:          "ui-distributed-tracing-pf6",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
+	},
+	{
+		PluginType:        uiv1alpha1.TypeDistributedTracing,
+		MinClusterVersion: "v4.22",
+		MaxClusterVersion: "",
+		ImageKey:          "ui-distributed-tracing",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
+	},
+	{
+		PluginType:        uiv1alpha1.TypeLogging,
+		MinClusterVersion: "v4.11",
+		MaxClusterVersion: "v4.12",
+		ImageKey:          "ui-logging-pf4",
+		SupportLevel:      GeneralAvailability,
+		Features:          []string{},
 	},
 	{
 		PluginType:        uiv1alpha1.TypeLogging,
@@ -118,7 +107,6 @@ var compatibilityMatrix = []CompatibilityEntry{
 		Features: []string{
 			"dev-console",
 		},
-		SupportsTLSProfile: true,
 	},
 	{
 		PluginType:        uiv1alpha1.TypeLogging,
@@ -130,7 +118,6 @@ var compatibilityMatrix = []CompatibilityEntry{
 			"dev-console",
 			"alerts",
 		},
-		SupportsTLSProfile: true,
 	},
 	{
 		PluginType:        uiv1alpha1.TypeLogging,
@@ -143,7 +130,6 @@ var compatibilityMatrix = []CompatibilityEntry{
 			"alerts",
 			"dev-alerts",
 		},
-		SupportsTLSProfile: true,
 	},
 	{
 		PluginType:        uiv1alpha1.TypeLogging,
@@ -156,7 +142,6 @@ var compatibilityMatrix = []CompatibilityEntry{
 			"alerts",
 			"dev-alerts",
 		},
-		SupportsTLSProfile: true,
 	},
 	{
 		PluginType:        uiv1alpha1.TypeLogging,
@@ -169,7 +154,6 @@ var compatibilityMatrix = []CompatibilityEntry{
 			"alerts",
 			"dev-alerts",
 		},
-		SupportsTLSProfile: true,
 	},
 	{
 		PluginType:        uiv1alpha1.TypeMonitoring,
@@ -179,8 +163,7 @@ var compatibilityMatrix = []CompatibilityEntry{
 		SupportLevel:      TechPreview,
 		// feature flags for montioring are dynamically injected
 		// based on the cluster version and and UIPlugin CR configurations
-		Features:           []string{},
-		SupportsTLSProfile: true,
+		Features: []string{},
 	},
 	{
 		PluginType:        uiv1alpha1.TypeMonitoring,
@@ -190,8 +173,7 @@ var compatibilityMatrix = []CompatibilityEntry{
 		SupportLevel:      GeneralAvailability,
 		// feature flags for montioring are dynamically injected
 		// based on the cluster version and and UIPlugin CR configurations
-		Features:           []string{},
-		SupportsTLSProfile: true,
+		Features: []string{},
 	},
 	{
 		PluginType:        uiv1alpha1.TypeMonitoring,
@@ -201,8 +183,7 @@ var compatibilityMatrix = []CompatibilityEntry{
 		SupportLevel:      GeneralAvailability,
 		// feature flags for montioring are dynamically injected
 		// based on the cluster version and and UIPlugin CR configurations
-		Features:           []string{},
-		SupportsTLSProfile: true,
+		Features: []string{},
 	},
 }
 
diff --git a/pkg/controllers/uiplugin/compatibility_matrix_test.go b/pkg/controllers/uiplugin/compatibility_matrix_test.go
@@ -417,92 +417,3 @@ func TestLookupImageAndFeatures(t *testing.T) {
 		})
 	}
 }
-
-func TestSupportsTLSProfile(t *testing.T) {
-	for _, tc := range []struct {
-		pluginType         uiv1alpha1.UIPluginType
-		clusterVersion     string
-		expectedTLSSupport bool
-		description        string
-	}{
-		{
-			pluginType:         uiv1alpha1.TypeDashboards,
-			clusterVersion:     "4.11",
-			expectedTLSSupport: true,
-			description:        "Dashboards plugin should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeLogging,
-			clusterVersion:     "4.11",
-			expectedTLSSupport: true,
-			description:        "Logging plugin should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeLogging,
-			clusterVersion:     "4.13",
-			expectedTLSSupport: true,
-			description:        "Logging plugin v4.13 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeLogging,
-			clusterVersion:     "4.15",
-			expectedTLSSupport: true,
-			description:        "Logging plugin v4.15 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeLogging,
-			clusterVersion:     "4.22",
-			expectedTLSSupport: true,
-			description:        "Logging plugin v4.22 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeMonitoring,
-			clusterVersion:     "4.15",
-			expectedTLSSupport: true,
-			description:        "Monitoring plugin v4.15 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeMonitoring,
-			clusterVersion:     "4.19",
-			expectedTLSSupport: true,
-			description:        "Monitoring plugin v4.19 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeMonitoring,
-			clusterVersion:     "4.22",
-			expectedTLSSupport: true,
-			description:        "Monitoring plugin v4.22 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeDistributedTracing,
-			clusterVersion:     "4.11",
-			expectedTLSSupport: true,
-			description:        "DistributedTracing plugin should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeDistributedTracing,
-			clusterVersion:     "4.22",
-			expectedTLSSupport: true,
-			description:        "DistributedTracing plugin v4.22 should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeTroubleshootingPanel,
-			clusterVersion:     "4.19",
-			expectedTLSSupport: false,
-			description:        "TroubleshootingPanel plugin should support TLS profile",
-		},
-		{
-			pluginType:         uiv1alpha1.TypeTroubleshootingPanel,
-			clusterVersion:     "4.22",
-			expectedTLSSupport: false,
-			description:        "TroubleshootingPanel plugin v4.22 should support TLS profile",
-		},
-	} {
-		t.Run(fmt.Sprintf("%s/%s", tc.pluginType, tc.clusterVersion), func(t *testing.T) {
-			info, err := lookupImageAndFeatures(tc.pluginType, tc.clusterVersion)
-			assert.NilError(t, err, "Should successfully lookup plugin info")
-
-			assert.Equal(t, tc.expectedTLSSupport, info.SupportsTLSProfile, tc.description)
-		})
-	}
-}
diff --git a/pkg/controllers/uiplugin/components_test.go b/pkg/controllers/uiplugin/components_test.go
@@ -168,66 +168,3 @@ func indexOfArg(args []string, target string) int {
 	}
 	return -1
 }
-
-func TestPluginComponentReconcilersTLSProfile(t *testing.T) {
-	testCases := []struct {
-		name          string
-		tlsMinVersion string
-		tlsCiphers    []string
-		expectTLS     bool
-	}{
-		{
-			name:          "TLS profile applied when SupportsTLSProfile populates fields",
-			tlsMinVersion: "VersionTLS12",
-			tlsCiphers:    []string{"TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384"},
-			expectTLS:     true,
-		},
-		{
-			name:          "no TLS args when plugin does not support TLS profile",
-			tlsMinVersion: "",
-			tlsCiphers:    nil,
-			expectTLS:     false,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			info := UIPluginInfo{
-				Name:              "test-plugin",
-				ConsoleName:       "test-console-plugin",
-				Image:             "test-image:latest",
-				ResourceNamespace: "test-ns",
-				ExtraArgs:         []string{"-config-path=/opt/app-root/config"},
-				TLSMinVersion:     tc.tlsMinVersion,
-				TLSCiphers:        tc.tlsCiphers,
-			}
-
-			deploy := newDeployment(info, "test-ns", nil)
-			args := deploy.Spec.Template.Spec.Containers[0].Args
-
-			if tc.expectTLS {
-				assert.Assert(t, containsArg(args, "-tls-min-version="+tc.tlsMinVersion),
-					"expected -tls-min-version arg in %v", args)
-				assert.Assert(t, containsArgPrefix(args, "-tls-cipher-suites="),
-					"expected -tls-cipher-suites arg in %v", args)
-
-				// TLS args must come after plugin-specific extra args
-				extraIdx := indexOfArg(args, "-config-path=/opt/app-root/config")
-				tlsIdx := indexOfArg(args, "-tls-min-version="+tc.tlsMinVersion)
-				assert.Assert(t, extraIdx < tlsIdx,
-					"TLS args (idx %d) should appear after extra args (idx %d)", tlsIdx, extraIdx)
-			} else {
-				assert.Assert(t, !containsArgPrefix(args, "-tls-min-version="),
-					"unexpected -tls-min-version arg in %v", args)
-				assert.Assert(t, !containsArgPrefix(args, "-tls-cipher-suites="),
-					"unexpected -tls-cipher-suites arg in %v", args)
-			}
-
-			// Base args must always be present regardless of TLS
-			assert.Assert(t, containsArg(args, "-port=9443"))
-			assert.Assert(t, containsArg(args, "-cert=/var/serving-cert/tls.crt"))
-			assert.Assert(t, containsArg(args, "-key=/var/serving-cert/tls.key"))
-			assert.Assert(t, containsArg(args, "-config-path=/opt/app-root/config"))
-		})
-	}
-}
diff --git a/pkg/controllers/uiplugin/plugin_info_builder.go b/pkg/controllers/uiplugin/plugin_info_builder.go
@@ -114,15 +114,8 @@ func PluginInfoBuilder(ctx context.Context, k client.Client, dk dynamic.Interfac
 		return nil, fmt.Errorf("plugin type not supported: %s", plugin.Spec.Type)
 	}
 
-	if compatibilityInfo.SupportsTLSProfile {
-		pluginInfo.TLSMinVersion = string(pluginConf.TLSProfile.MinTLSVersion)
-		pluginInfo.TLSCiphers = libgocrypto.OpenSSLToIANACipherSuites(pluginConf.TLSProfile.Ciphers)
-	} else {
-		logger.Info("TLS profile not applied: plugin image does not support TLS profile flags",
-			"plugin", plugin.Name,
-			"pluginType", plugin.Spec.Type,
-			"imageKey", compatibilityInfo.ImageKey)
-	}
+	pluginInfo.TLSMinVersion = string(pluginConf.TLSProfile.MinTLSVersion)
+	pluginInfo.TLSCiphers = libgocrypto.OpenSSLToIANACipherSuites(pluginConf.TLSProfile.Ciphers)
 
 	return pluginInfo, err
 }
