OCPBUGS-31666: route: Fix insecureEdgeTerminationPolicy default

openapi/openapi.json

@@ -34626,7 +34626,7 @@
           "$ref": "#/definitions/com.github.openshift.api.route.v1.LocalObjectReference"
         },
         "insecureEdgeTerminationPolicy": {
-          "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80.\n\n* Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+          "description": "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80.\n\nIf a route does not specify insecureEdgeTerminationPolicy, then the default behavior is \"None\".\n\n* Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only).\n\n* None - no traffic is allowed on the insecure port (default).\n\n* Redirect - clients are redirected to the secure port.",
           "type": "string"
         },
         "key": {

route/v1/types.go

@@ -447,8 +447,12 @@ type TLSConfig struct {
 	// insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While
 	// each router may make its own decisions on which ports to expose, this is normally port 80.
 	//
-	// * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default).
-	// * None - no traffic is allowed on the insecure port.
+	// If a route does not specify insecureEdgeTerminationPolicy, then the default behavior is "None".
+	//
+	// * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only).
+	//
+	// * None - no traffic is allowed on the insecure port (default).
+	//
 	// * Redirect - clients are redirected to the secure port.
 	//
 	// +kubebuilder:validation:Enum=Allow;None;Redirect;""

route/v1/zz_generated.crd-manifests/routes-CustomNoUpgrade.crd.yaml

@@ -519,10 +519,12 @@ spec:
                     description: "insecureEdgeTerminationPolicy indicates the desired
                       behavior for insecure connections to a route. While each router
                       may make its own decisions on which ports to expose, this is
-                      normally port 80. \n * Allow - traffic is sent to the server
-                      on the insecure port (edge/reencrypt terminations only) (default).
-                      * None - no traffic is allowed on the insecure port. * Redirect
-                      - clients are redirected to the secure port."
+                      normally port 80. \n If a route does not specify insecureEdgeTerminationPolicy,
+                      then the default behavior is \"None\". \n * Allow - traffic
+                      is sent to the server on the insecure port (edge/reencrypt terminations
+                      only). \n * None - no traffic is allowed on the insecure port
+                      (default). \n * Redirect - clients are redirected to the secure
+                      port."
                     enum:
                     - Allow
                     - None

route/v1/zz_generated.crd-manifests/routes-Default.crd.yaml

@@ -507,10 +507,12 @@ spec:
                     description: "insecureEdgeTerminationPolicy indicates the desired
                       behavior for insecure connections to a route. While each router
                       may make its own decisions on which ports to expose, this is
-                      normally port 80. \n * Allow - traffic is sent to the server
-                      on the insecure port (edge/reencrypt terminations only) (default).
-                      * None - no traffic is allowed on the insecure port. * Redirect
-                      - clients are redirected to the secure port."
+                      normally port 80. \n If a route does not specify insecureEdgeTerminationPolicy,
+                      then the default behavior is \"None\". \n * Allow - traffic
+                      is sent to the server on the insecure port (edge/reencrypt terminations
+                      only). \n * None - no traffic is allowed on the insecure port
+                      (default). \n * Redirect - clients are redirected to the secure
+                      port."
                     enum:
                     - Allow
                     - None

route/v1/zz_generated.crd-manifests/routes-DevPreviewNoUpgrade.crd.yaml

@@ -519,10 +519,12 @@ spec:
                     description: "insecureEdgeTerminationPolicy indicates the desired
                       behavior for insecure connections to a route. While each router
                       may make its own decisions on which ports to expose, this is
-                      normally port 80. \n * Allow - traffic is sent to the server
-                      on the insecure port (edge/reencrypt terminations only) (default).
-                      * None - no traffic is allowed on the insecure port. * Redirect
-                      - clients are redirected to the secure port."
+                      normally port 80. \n If a route does not specify insecureEdgeTerminationPolicy,
+                      then the default behavior is \"None\". \n * Allow - traffic
+                      is sent to the server on the insecure port (edge/reencrypt terminations
+                      only). \n * None - no traffic is allowed on the insecure port
+                      (default). \n * Redirect - clients are redirected to the secure
+                      port."
                     enum:
                     - Allow
                     - None

route/v1/zz_generated.crd-manifests/routes-TechPreviewNoUpgrade.crd.yaml

@@ -519,10 +519,12 @@ spec:
                     description: "insecureEdgeTerminationPolicy indicates the desired
                       behavior for insecure connections to a route. While each router
                       may make its own decisions on which ports to expose, this is
-                      normally port 80. \n * Allow - traffic is sent to the server
-                      on the insecure port (edge/reencrypt terminations only) (default).
-                      * None - no traffic is allowed on the insecure port. * Redirect
-                      - clients are redirected to the secure port."
+                      normally port 80. \n If a route does not specify insecureEdgeTerminationPolicy,
+                      then the default behavior is \"None\". \n * Allow - traffic
+                      is sent to the server on the insecure port (edge/reencrypt terminations
+                      only). \n * None - no traffic is allowed on the insecure port
+                      (default). \n * Redirect - clients are redirected to the secure
+                      port."
                     enum:
                     - Allow
                     - None

route/v1/zz_generated.featuregated-crd-manifests/routes.route.openshift.io/AAA_ungated.yaml

@@ -448,10 +448,12 @@ spec:
                     description: "insecureEdgeTerminationPolicy indicates the desired
                       behavior for insecure connections to a route. While each router
                       may make its own decisions on which ports to expose, this is
-                      normally port 80. \n * Allow - traffic is sent to the server
-                      on the insecure port (edge/reencrypt terminations only) (default).
-                      * None - no traffic is allowed on the insecure port. * Redirect
-                      - clients are redirected to the secure port."
+                      normally port 80. \n If a route does not specify insecureEdgeTerminationPolicy,
+                      then the default behavior is \"None\". \n * Allow - traffic
+                      is sent to the server on the insecure port (edge/reencrypt terminations
+                      only). \n * None - no traffic is allowed on the insecure port
+                      (default). \n * Redirect - clients are redirected to the secure
+                      port."
                     enum:
                     - Allow
                     - None

route/v1/zz_generated.featuregated-crd-manifests/routes.route.openshift.io/ExternalRouteCertificate.yaml

@@ -460,10 +460,12 @@ spec:
                     description: "insecureEdgeTerminationPolicy indicates the desired
                       behavior for insecure connections to a route. While each router
                       may make its own decisions on which ports to expose, this is
-                      normally port 80. \n * Allow - traffic is sent to the server
-                      on the insecure port (edge/reencrypt terminations only) (default).
-                      * None - no traffic is allowed on the insecure port. * Redirect
-                      - clients are redirected to the secure port."
+                      normally port 80. \n If a route does not specify insecureEdgeTerminationPolicy,
+                      then the default behavior is \"None\". \n * Allow - traffic
+                      is sent to the server on the insecure port (edge/reencrypt terminations
+                      only). \n * None - no traffic is allowed on the insecure port
+                      (default). \n * Redirect - clients are redirected to the secure
+                      port."
                     enum:
                     - Allow
                     - None