feat(ingress): add TLS to ingress

[cgpoh]

Fix for 3472

[Copilot]

Pull Request Overview

This PR adds TLS configuration support to ingress resources in the Apicurio Registry operator. The implementation allows configuring multiple TLS secrets with their associated hosts through a new tlsSecrets field.

• Adds a new tlsSecrets field to the IngressSpec class for mapping secrets to hosts
• Implements TLS configuration in both app and UI ingress resources
• Provides comprehensive test coverage for the new TLS functionality

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
IngressSpec.java	Adds new tlsSecrets field with proper JSON annotations and documentation
ingress-tls.apicurioregistry3.yaml	Example configuration demonstrating TLS setup for both app and UI ingresses
IngressITTest.java	Comprehensive integration tests covering TLS configuration and updates
IngressUtils.java	Utility method to convert TLS configuration to Kubernetes IngressTLS objects
UIIngressResource.java	Integrates TLS configuration into UI ingress resource creation
AppIngressResource.java	Integrates TLS configuration into app ingress resource creation

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The comment mentions precedence over 'secretName' and 'tlsHosts' fields, but these fields are not visible in the current diff. If these are existing fields in the class, the documentation should clarify the interaction between these fields and the new tlsSecrets field.

Suggested change

	* If tlsSecrets is specified, it takes precedence over both secretName and tlsHosts.
	*/
	@JsonProperty("tlsSecrets")
	@JsonPropertyDescription("""
	Configure TLS configuration with secret-to-hosts mapping. \
	This allows multiple hosts to share the same TLS secret. \
	Format: { "secret-name": ["host1", "host2"], "another-secret": ["host3"] } \
	If tlsSecrets is specified, it takes precedence over both secretName and tlsHosts.""")
	* If tlsSecrets is specified, it will be used for TLS configuration.
	*/
	@JsonProperty("tlsSecrets")
	@JsonPropertyDescription("""
	Configure TLS configuration with secret-to-hosts mapping. \
	This allows multiple hosts to share the same TLS secret. \
	Format: { "secret-name": ["host1", "host2"], "another-secret": ["host3"] } \
	If tlsSecrets is specified, it will be used for TLS configuration.""")

[Copilot]

Using .orElseGet(null) is unnecessary since orElse(null) or simply chaining without .orElse*() would achieve the same result. The lambda () -> null is redundant here.

Suggested change

	.map(AppSpec::getIngress).map(IngressSpec::getTlsSecrets).orElseGet(null);
	case COMPONENT_UI -> ofNullable(primary.getSpec()).map(ApicurioRegistry3Spec::getUi)
	.map(UiSpec::getIngress).map(IngressSpec::getTlsSecrets).orElseGet(null);
	.map(AppSpec::getIngress).map(IngressSpec::getTlsSecrets).orElse(null);
	case COMPONENT_UI -> ofNullable(primary.getSpec()).map(ApicurioRegistry3Spec::getUi)
	.map(UiSpec::getIngress).map(IngressSpec::getTlsSecrets).orElse(null);

[jsenko]

hi @cgpoh apologies for leaving your PR open for a long time. I have other work at the moment, but will focus on this when possible.

[cgpoh]

hi @cgpoh apologies for leaving your PR open for a long time. I have other work at the moment, but will focus on this when possible.

No worries! Thanks @jsenko