diff --git a/api/v1alpha1/backstage_types.go b/api/v1alpha1/backstage_types.go index 0facd95a..61332c55 100644 --- a/api/v1alpha1/backstage_types.go +++ b/api/v1alpha1/backstage_types.go @@ -260,6 +260,8 @@ type TLS struct { // chain. Do not include a CA certificate. The secret referenced should // be present in the same namespace as that of the Route. // Forbidden when `certificate` is set. + // Note that securing Routes with external certificates in TLS secrets is a Technology Preview feature in OpenShift, + // and requires enabling the `RouteExternalCertificate` OpenShift Feature Gate and might not be functionally complete. // +optional ExternalCertificateSecretName string `json:"externalCertificateSecretName,omitempty"` diff --git a/api/v1alpha2/backstage_types.go b/api/v1alpha2/backstage_types.go index a1288242..d94976a5 100644 --- a/api/v1alpha2/backstage_types.go +++ b/api/v1alpha2/backstage_types.go @@ -275,6 +275,8 @@ type TLS struct { // chain. Do not include a CA certificate. The secret referenced should // be present in the same namespace as that of the Route. // Forbidden when `certificate` is set. + // Note that securing Routes with external certificates in TLS secrets is a Technology Preview feature in OpenShift, + // and requires enabling the `RouteExternalCertificate` OpenShift Feature Gate and might not be functionally complete. // +optional ExternalCertificateSecretName string `json:"externalCertificateSecretName,omitempty"` diff --git a/bundle/manifests/backstage-operator.clusterserviceversion.yaml b/bundle/manifests/backstage-operator.clusterserviceversion.yaml index 9578ec6d..59f474c3 100644 --- a/bundle/manifests/backstage-operator.clusterserviceversion.yaml +++ b/bundle/manifests/backstage-operator.clusterserviceversion.yaml @@ -21,7 +21,7 @@ metadata: } ] capabilities: Seamless Upgrades - createdAt: "2024-07-16T20:47:15Z" + createdAt: "2024-07-25T11:50:13Z" operatorframework.io/suggested-namespace: backstage-system operators.operatorframework.io/builder: operator-sdk-v1.33.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 diff --git a/bundle/manifests/rhdh.redhat.com_backstages.yaml b/bundle/manifests/rhdh.redhat.com_backstages.yaml index 8acba889..2ae9d8ee 100644 --- a/bundle/manifests/rhdh.redhat.com_backstages.yaml +++ b/bundle/manifests/rhdh.redhat.com_backstages.yaml @@ -260,7 +260,11 @@ spec: serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. - Forbidden when `certificate` is set. + Forbidden when `certificate` is set. Note that securing + Routes with external certificates in TLS secrets is + a Technology Preview feature in OpenShift, and requires + enabling the `RouteExternalCertificate` OpenShift Feature + Gate and might not be functionally complete. type: string key: description: key provides key file contents @@ -622,7 +626,11 @@ spec: serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. - Forbidden when `certificate` is set. + Forbidden when `certificate` is set. Note that securing + Routes with external certificates in TLS secrets is + a Technology Preview feature in OpenShift, and requires + enabling the `RouteExternalCertificate` OpenShift Feature + Gate and might not be functionally complete. type: string key: description: key provides key file contents diff --git a/config/crd/bases/rhdh.redhat.com_backstages.yaml b/config/crd/bases/rhdh.redhat.com_backstages.yaml index e42a54e1..5930c075 100644 --- a/config/crd/bases/rhdh.redhat.com_backstages.yaml +++ b/config/crd/bases/rhdh.redhat.com_backstages.yaml @@ -261,7 +261,11 @@ spec: serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. - Forbidden when `certificate` is set. + Forbidden when `certificate` is set. Note that securing + Routes with external certificates in TLS secrets is + a Technology Preview feature in OpenShift, and requires + enabling the `RouteExternalCertificate` OpenShift Feature + Gate and might not be functionally complete. type: string key: description: key provides key file contents @@ -623,7 +627,11 @@ spec: serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. - Forbidden when `certificate` is set. + Forbidden when `certificate` is set. Note that securing + Routes with external certificates in TLS secrets is + a Technology Preview feature in OpenShift, and requires + enabling the `RouteExternalCertificate` OpenShift Feature + Gate and might not be functionally complete. type: string key: description: key provides key file contents