creates proxy TLS secret in the runtime

Author: aorcholski

doc/e2e/features.md

@@ -219,15 +219,15 @@ import "github.com/Dynatrace/dynatrace-operator/test/features/cloudnative/codemo
 
 <a name="ImageHasBeenDownloaded"></a>
 
-## func [ImageHasBeenDownloaded](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L488>)
+## func [ImageHasBeenDownloaded](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L493>)
 
 ```go
 func ImageHasBeenDownloaded(dk dynakube.DynaKube) features.Func
 ```
 
 <a name="InstallFromImage"></a>
 
-## func [InstallFromImage](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L69>)
+## func [InstallFromImage](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L68>)
 
 ```go
 func InstallFromImage(t *testing.T) features.Feature
@@ -237,15 +237,15 @@ Verification that the storage in the CSI driver directory does not increase when
 
 <a name="VolumesAreMountedCorrectly"></a>
 
-## func [VolumesAreMountedCorrectly](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L574>)
+## func [VolumesAreMountedCorrectly](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L579>)
 
 ```go
 func VolumesAreMountedCorrectly(sampleApp sample.App) features.Func
 ```
 
 <a name="WithProxy"></a>
 
-## func [WithProxy](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L138>)
+## func [WithProxy](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L137>)
 
 ```go
 func WithProxy(t *testing.T, proxySpec *value.Source) features.Feature
@@ -261,31 +261,31 @@ Connectivity in the dynatrace namespace and sample application namespace is rest
 
 <a name="WithProxyAndAGCert"></a>
 
-## func [WithProxyAndAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L207>)
+## func [WithProxyAndAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L206>)
 
 ```go
 func WithProxyAndAGCert(t *testing.T, proxySpec *value.Source) features.Feature
 ```
 
 <a name="WithProxyAndAutomaticAGCert"></a>
 
-## func [WithProxyAndAutomaticAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L272>)
+## func [WithProxyAndAutomaticAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L271>)
 
 ```go
 func WithProxyAndAutomaticAGCert(t *testing.T, proxySpec *value.Source) features.Feature
 ```
 
 <a name="WithProxyCAAndAGCert"></a>
 
-## func [WithProxyCAAndAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L334>)
+## func [WithProxyCAAndAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L333>)
 
 ```go
 func WithProxyCAAndAGCert(t *testing.T, proxySpec *value.Source) features.Feature
 ```
 
 <a name="WithProxyCAAndAutomaticAGCert"></a>
 
-## func [WithProxyCAAndAutomaticAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L407>)
+## func [WithProxyCAAndAutomaticAGCert](<https://github.com/Dynatrace/dynatrace-operator/blob/main/test/features/cloudnative/codemodules/codemodules.go#L409>)
 
 ```go
 func WithProxyCAAndAutomaticAGCert(t *testing.T, proxySpec *value.Source) features.Feature

test/features/cloudnative/codemodules/codemodules.go

@@ -58,7 +58,6 @@ const (
 
 	agSecretName                    = "ag-ca"
 	configMapName                   = "proxy-ca"
-	proxyCertificate                = "custom-cas/custom.pem"
 	agCertificate                   = "custom-cas/agcrt.pem"
 	agCertificateAndPrivateKey      = "custom-cas/agcrtkey.p12"
 	agCertificateAndPrivateKeyField = "server.p12"
@@ -367,14 +366,17 @@ func WithProxyCAAndAGCert(t *testing.T, proxySpec *value.Source) features.Featur
 		})
 	builder.Assess("create AG TLS secret", secret.Create(agSecret))
 
+	proxyCert, proxyPk, err := proxy.CreateProxyTLSCertAndKey()
+	require.NoError(t, err, "failed to create proxy TLS secret")
+
 	// Add customCA config map
-	trustedCa, _ := os.ReadFile(path.Join(project.TestDataDir(), proxyCertificate))
+	trustedCa := proxyCert
 	caConfigMap := configmap.New(configMapName, cloudNativeDynakube.Namespace,
 		map[string]string{dynakube.TrustedCAKey: string(trustedCa)})
 	builder.Assess("create trusted CAs config map", configmap.Create(caConfigMap))
 
 	// Register proxy create and delete
-	proxy.SetupProxyWithCustomCAandTeardown(t, builder, cloudNativeDynakube)
+	proxy.SetupProxyWithCustomCAandTeardown(t, builder, cloudNativeDynakube, proxyCert, proxyPk)
 	proxy.CutOffDynatraceNamespace(builder, proxySpec)
 	proxy.IsDynatraceNamespaceCutOff(builder, cloudNativeDynakube)
 
@@ -428,14 +430,17 @@ func WithProxyCAAndAutomaticAGCert(t *testing.T, proxySpec *value.Source) featur
 
 	builder.Assess("create sample namespace", sampleApp.InstallNamespace())
 
+	proxyCert, proxyPk, err := proxy.CreateProxyTLSCertAndKey()
+	require.NoError(t, err, "failed to create proxy TLS secret")
+
 	// Add customCA config map
-	trustedCa, _ := os.ReadFile(path.Join(project.TestDataDir(), proxyCertificate))
+	trustedCa := proxyCert
 	caConfigMap := configmap.New(configMapName, cloudNativeDynakube.Namespace,
 		map[string]string{dynakube.TrustedCAKey: string(trustedCa)})
 	builder.Assess("create trusted CAs config map", configmap.Create(caConfigMap))
 
 	// Register proxy create and delete
-	proxy.SetupProxyWithCustomCAandTeardown(t, builder, cloudNativeDynakube)
+	proxy.SetupProxyWithCustomCAandTeardown(t, builder, cloudNativeDynakube, proxyCert, proxyPk)
 	proxy.CutOffDynatraceNamespace(builder, proxySpec)
 	proxy.IsDynatraceNamespaceCutOff(builder, cloudNativeDynakube)
 

test/helpers/proxy/proxy.go

@@ -4,6 +4,7 @@ package proxy
 
 import (
 	"context"
+	"crypto/x509"
 	"fmt"
 	"path"
 	"path/filepath"
@@ -12,6 +13,8 @@ import (
 	"github.com/Dynatrace/dynatrace-operator/pkg/api/shared/value"
 	"github.com/Dynatrace/dynatrace-operator/pkg/api/v1beta4/dynakube"
 	"github.com/Dynatrace/dynatrace-operator/pkg/injection/codemodule/installer/common"
+	"github.com/Dynatrace/dynatrace-operator/pkg/util/certificates"
+	"github.com/Dynatrace/dynatrace-operator/pkg/util/timeprovider"
 	"github.com/Dynatrace/dynatrace-operator/pkg/webhook"
 	oamutation "github.com/Dynatrace/dynatrace-operator/pkg/webhook/mutation/pod/v1/oneagent"
 	"github.com/Dynatrace/dynatrace-operator/test/helpers"
@@ -20,6 +23,7 @@ import (
 	"github.com/Dynatrace/dynatrace-operator/test/helpers/kubeobjects/manifests"
 	"github.com/Dynatrace/dynatrace-operator/test/helpers/kubeobjects/namespace"
 	"github.com/Dynatrace/dynatrace-operator/test/helpers/kubeobjects/pod"
+	"github.com/Dynatrace/dynatrace-operator/test/helpers/kubeobjects/secret"
 	"github.com/Dynatrace/dynatrace-operator/test/helpers/platform"
 	"github.com/Dynatrace/dynatrace-operator/test/helpers/sample"
 	"github.com/Dynatrace/dynatrace-operator/test/helpers/shell"
@@ -45,9 +49,10 @@ const (
 var (
 	dynatraceNetworkPolicy = path.Join(project.TestDataDir(), "network/dynatrace-denial.yaml")
 
-	proxyDeploymentPath             = path.Join(project.TestDataDir(), "network/proxy.yaml")
-	proxyWithCustomCADeploymentPath = path.Join(project.TestDataDir(), "network/proxy-ssl.yaml")
-	proxySCCPath                    = path.Join(project.TestDataDir(), "network/proxy-scc.yaml")
+	proxyDeploymentPath                      = path.Join(project.TestDataDir(), "network/proxy.yaml")
+	proxyWithCustomCADeploymentPath          = path.Join(project.TestDataDir(), "network/proxy-ssl.yaml")
+	proxyNamespaceWithCustomCADeploymentPath = path.Join(project.TestDataDir(), "network/proxy-ssl-namespace.yaml")
+	proxySCCPath                             = path.Join(project.TestDataDir(), "network/proxy-scc.yaml")
 
 	ProxySpec = &value.Source{
 		Value: "http://squid.proxy.svc.cluster.local:3128",
@@ -67,8 +72,11 @@ func SetupProxyWithTeardown(t *testing.T, builder *features.FeatureBuilder, test
 	}
 }
 
-func SetupProxyWithCustomCAandTeardown(t *testing.T, builder *features.FeatureBuilder, testDynakube dynakube.DynaKube) {
+func SetupProxyWithCustomCAandTeardown(t *testing.T, builder *features.FeatureBuilder, testDynakube dynakube.DynaKube, pemCert []byte, pemPk []byte) {
 	if testDynakube.Spec.Proxy != nil {
+		builder.Assess("create proxy namespace", helpers.ToFeatureFunc(manifests.InstallFromFile(proxyNamespaceWithCustomCADeploymentPath), true))
+		proxySecret := createProxyTLSSecret(pemCert, pemPk)
+		builder.Assess("create proxy TLS secret", secret.Create(proxySecret))
 		installProxySCC(builder, t)
 		builder.Assess("install proxy", helpers.ToFeatureFunc(manifests.InstallFromFile(proxyWithCustomCADeploymentPath), true))
 		builder.Assess("proxy started", helpers.ToFeatureFunc(deployment.WaitFor(proxyDeploymentName, proxyNamespaceName), true))
@@ -141,3 +149,43 @@ func CheckRuxitAgentProcFileHasProxySetting(sampleApp sample.App, proxySpec *val
 func getWebhookServiceUrl(dk dynakube.DynaKube) string {
 	return fmt.Sprintf("%s.%s.svc.cluster.local", webhook.DeploymentName, dk.Namespace)
 }
+
+func createProxyTLSSecret(pemCert []byte, pemPK []byte) corev1.Secret {
+	pem := pemCert
+	pem = append(pem, byte('\n'))
+	pem = append(pem, pemPK...)
+
+	secretData := map[string][]byte{
+		"squid-ca-cert.pem": pem,
+	}
+
+	proxySecret := secret.New("proxy-ca", "proxy", secretData)
+	proxySecret.Type = corev1.SecretTypeOpaque
+
+	return proxySecret
+}
+
+func CreateProxyTLSCertAndKey() (pemCert []byte, pemKey []byte, err error) {
+	cert, err := certificates.New(timeprovider.New())
+	if err != nil {
+		return nil, nil, err
+	}
+
+	cert.Cert.DNSNames = []string{
+		"squid.proxy",
+		"squid.proxy.svc",
+		"squid.proxy.svc.cluster.local",
+	}
+	cert.Cert.KeyUsage = x509.KeyUsageKeyEncipherment | x509.KeyUsageDataEncipherment
+	cert.Cert.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
+	cert.Cert.Subject.CommonName = "squid.proxy"
+	cert.Cert.IsCA = true
+	cert.Cert.BasicConstraintsValid = true
+
+	err = cert.SelfSign()
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return cert.ToPEM()
+}

test/testdata/custom-cas/custom.pem

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: proxy
+  annotations:
+    dynatrace.com/inject: "false"
+  labels:
+    app: squid

test/testdata/network/proxy-ssl-namespace.yaml

@@ -1,28 +1,10 @@
 apiVersion: v1
-kind: Namespace
-metadata:
-  name: proxy
-  annotations:
-    dynatrace.com/inject: "false"
-  labels:
-    app: squid
----
-apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: proxy
   namespace: proxy
 ---
 apiVersion: v1
-kind: Secret
-metadata:
-  name: proxy-ca
-  namespace: proxy
-data:
-  squid-ca-cert.pem: |
-    LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZWRENDQXp5Z0F3SUJBZ0lVUGlSSnphM0tVMnBYenVtVnB2eUhpNjduSXRrd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZqRVVNQklHQTFVRUF3d0xjM0YxYVdRdWNISnZlSGt3SGhjTk1qVXdNakF6TVRJeE1qUXlXaGNOTWpZdwpNakF6TVRJeE1qUXlXakFXTVJRd0VnWURWUVFEREF0emNYVnBaQzV3Y205NGVUQ0NBaUl3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dJUEFEQ0NBZ29DZ2dJQkFNRk9ualdzcERGR0ppc3pXSDh3S25lVlFQTnFMb1hLMGV3bS9BaHkKWUxEQVc0amlSQmVJOUoyZTZ2OEpkdlp6d2lIR1lidEpRbll6Q2RQYWg3cWRlTEkzUko2akxBMWlCWWp1YWpJNgpEb2RnZi9paFQ5ejB2d1M0VXBKOEZOQjk4UUR1Z25ndzJkblR6TmJDRjFIeHh4WGhXbVRIUktQdjc5cVdHZzJRCk1xSzd3M210S1BONmhhNURaaE5WNmVqZGNtSlpVNEw5bU9tQ0pJWkVPa1UvS0tNM2huV1FUd1QwSXpxeHBwT2cKY2hDWFh0c09aV1AxSlNXZ0dlYkN5ZTJ5TlFRSWtzQnVIWW5qWlFjOWcvOTE5c293Q0daYkVaYzE5a2d2YWErSQpqTk5BQWg1UEgrVXVTemp1cGQrSEpHWnR6MzlVL3B2UW16L0ltdW50d0daRUVNTENZMUx3K0gzTzJXN2JLQWFjCmhNNFFEYWg1SjVFbjc3K2xGaytjZTBkbmN0UTc2aUwxd3cwVERpTFM1QzdvWjVsR2ZnaWRYZ0lZYnBzSVZoVUgKZWU4RWkwWmM2SzNzbU1NNGRYc3FKdHdXRVJoczBHMnUvQ3ZKMXI0Z3hlSUFmNStiaWhYUEdJOWxNdFBSSGEvMQozMVNuNlVUeVphb2l6alNZeVltSXVJZllNVkM1WCtEdEZVYjN3RysvVXlTdHFEcUZYUExEUzN5SHloajQyejhPClNBeDgydlpEUE8rQ0lWRHpzcWhyeGcyRzlzNWdCRnp2L3hTYWNFbFpFd3pFTGEwZmNyQXJhOEJMamtGVmdkaE0KTnNOWjRDWU9oRjJpdURDOWFRbXNXS0Iwak5CdWpkTW0vRVBKS1VETEtnMCtKNHJEYTg1WU5EOTZOYUtMWktVMgpjNk5kQWdNQkFBR2pnWmt3Z1pZd0hRWURWUjBPQkJZRUZBZjhOaDZENVpHUFBoVkNmOFBYOFM0cCtHcE9NQjhHCkExVWRJd1FZTUJhQUZBZjhOaDZENVpHUFBoVkNmOFBYOFM0cCtHcE9NRVlHQTFVZEVRUS9NRDJDQzNOeGRXbGsKTG5CeWIzaDVnZzl6Y1hWcFpDNXdjbTk0ZVM1emRtT0NIWE54ZFdsa0xuQnliM2g1TG5OMll5NWpiSFZ6ZEdWeQpMbXh2WTJGc01Bd0dBMVVkRXdRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0lCQUNzYThMNGJvRkltCkxaVHp0VVpkUUFIWm51SmlNSEhzMnZidmJLM256aWFGZDl5Z2YwZi94L3hKNGI5QWU1bXpBc0MrdE42NVB3UnQKTDlua1lyOEttV0hVaERqY0IweWE3NFliTllqbGJiT2ZQa0R0SDIxSEd1T1JEVEJlMER3OWFjTW1YeTBhcmRZdQpjbTQveDBJMWlBRmNPbDFPWDYxVTlsYjc1RzJGaitXT2JPeldWWEJEQ0pWRGtUWjJETittNGZTL1JJRWhTcm1rCmNDTWFJcjYwc0tNT2lQWGdBSXBRR1ZYRVYxNDJSbThiZHVjb00yeG81ZmZVK1BaN1pVbk8rdXAzNXdHU0NEcHEKYm9HcEpUSUxxQTY4WGhzUGFvSEY2T0YvcERSTzlveFE1YVlIUWw3UmF4Tml6c2YwVHFoVWJZeGc1L1hVUnZTagpnSDE3T2MwRlFpaG9xU1NtRVZlVXE5aUUxOHVITENlMjdlVWNsL1VqK29PQlg0cXZIeXNkSmRGSWNQY2VOcllxCkVkU0ZGek5pckprVDlodG56YlhHZXhXdUJCQW9pWnlGaUJqU0kvaHlna0w5QzQzYUhSK2V6dU9lZHlVRm9XKzEKeGgvNGdXYUVlMDFXczVVbjhYcUdleE5UdWtQcjkrMlJ0R3R2d1htOWZVbGhZaEpLSEVzcTdZaDFUelNleWxMSwppSEUzZ2FicXk5SEh3SzJpcWhSODM0NUY4aXJGQys3QVJIVHE1NVVJdldOb2p6YVc1bndXSkR4YXkrYm1QKzZyCkVqdFAzNlVVaEg4RXhBUjRkNTlGQWVUaTZnSC85TkZOZjFEV0h0ZDRDbmRpeHM5VkVLa1FaMUx4MXpiSUhGTmgKaUpWUlNaczJIWlZqUEF4R3V5ZFJIcDlKOWI3SmthNkMKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0KTUlJSlFnSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NDU3d3Z2drb0FnRUFBb0lDQVFEQlRwNDFyS1F4UmlZcgpNMWgvTUNwM2xVRHphaTZGeXRIc0p2d0ljbUN3d0Z1STRrUVhpUFNkbnVyL0NYYjJjOEloeG1HN1NVSjJNd25UCjJvZTZuWGl5TjBTZW95d05ZZ1dJN21veU9nNkhZSC80b1UvYzlMOEV1RktTZkJUUWZmRUE3b0o0TU5uWjA4elcKd2hkUjhjY1Y0VnBreDBTajcrL2FsaG9Oa0RLaXU4TjVyU2p6ZW9XdVEyWVRWZW5vM1hKaVdWT0MvWmpwZ2lTRwpSRHBGUHlpak40WjFrRThFOUNNNnNhYVRvSElRbDE3YkRtVmo5U1Vsb0JubXdzbnRzalVFQ0pMQWJoMko0MlVIClBZUC9kZmJLTUFobVd4R1hOZlpJTDJtdmlJelRRQUllVHgvbExrczQ3cVhmaHlSbWJjOS9WUDZiMEpzL3lKcnAKN2NCbVJCREN3bU5TOFBoOXp0bHUyeWdHbklUT0VBMm9lU2VSSisrL3BSWlBuSHRIWjNMVU8rb2k5Y01ORXc0aQowdVF1NkdlWlJuNEluVjRDR0c2YkNGWVZCM252Qkl0R1hPaXQ3SmpET0hWN0tpYmNGaEVZYk5CdHJ2d3J5ZGErCklNWGlBSCtmbTRvVnp4aVBaVExUMFIydjlkOVVwK2xFOG1XcUlzNDBtTW1KaUxpSDJERlF1Vi9nN1JWRzk4QnYKdjFNa3JhZzZoVnp5dzB0OGg4b1krTnMvRGtnTWZOcjJRenp2Z2lGUTg3S29hOFlOaHZiT1lBUmM3LzhVbW5CSgpXUk1NeEMydEgzS3dLMnZBUzQ1QlZZSFlURGJEV2VBbURvUmRvcmd3dldrSnJGaWdkSXpRYm8zVEp2eER5U2xBCnl5b05QaWVLdzJ2T1dEUS9laldpaTJTbE5uT2pYUUlEQVFBQkFvSUNBQzV6K3hjQTd0QWNnRzJmUUNRSWFod2sKbE9BcDR4WXB3RHFVdjdvejZrSnZaMC9FdUFKRDJpektsTVJHL1B5S290dEU5aFZ3ckhVRkhOWjVUR2F2RXVNWQozdmVVVkxDK25uL2ljMGl3cE84cFpIZFdKSC8vbkt2QXM2OFovRktDQVZsczk1TjBnZFdUelVUS2pab1dsUFlRCkdvM2ZTUUp3VlY1YzlkUE9sQ3lCSEo5djJraHdhQkdSaHNVY3YwSkRmUXBmVnU5Q2krMkpaY2VTTzhLS1EvUzkKRWlYTVVRRHF2bENMZ25FMWZGTzZYSVFkdUlYRjBuQnhRZWd2WlNFbTB4Q3VFcjRGZURtN21IcWQ4TXVDQ0pWYgo1NWpaUjZmand0UmorR3pEVHJ3eFJKRU9DS2NsY2RRem5VN1RCZzlMVWpMU05RRXlweXd6dys1MVFPZ1NjVWhCCkJjWTJzcitXeml3R3lhMC9KdUZGaTFQam9sckpRSmxLRW9sZVVHeGZxUGN3ZWI4OUluOFE3dVlRSHNscmJ2M1AKYzdyWFJQLzkydWd1bS9ocTNJcURWcUhSVUIrUUkwTWdabHlkTi9RbENVaFNUbmxkZUhKbFNrOEwvdXZTTmVhaApXRnV4ZHdBZnBMUUE3ZXo2Z1BSandtRXAzZ3BnVkduRVpNcWIzaGtJbm9ZWnlrVW1TNUI4eHRDV3RXenhITUFDCnl0RU52N1RoeUUwWkdkZkhZRXBmQ2dFYnp5MUZDK0FXZGc3N3VyTE1ORWpvakRKOTZydHd2anUwMk9uRmVDaTAKUm15emEvaEJQanhzRUEzY3JZQXkxQlNMM0l2TGNGUC9nRXM4a0FqaWt3cURsNWNxeVcvYzdGN2VTTXBkeWY5QwplaXMrNHpIRDZORnpFYzBPNWhQaEFvSUJBUUR2Szh1UzBYdXB5aXZreThUVDVveGR5SnlNUk1xZW9DVWRGYndjClg4cUdmZnYxdlo4SkJKRHZGdHFZWnF4YlpTVmVBbTdWeTFCVGs3TlhhbmdoRi9tL05aM0dIRUVmWHZxY3lsdzYKL21QRXRLYXcwRU1DOC9tZFNMNjFramdlT2JiWVl4bW5Hd2QzYXJ4VEtacEJkOWFUcWZGUWdjQTdSZWVWa3hFWAo5N0F0TzZ1Qzk5OTJrRVdWS1dNRGtKbjNGSTBQTWN4WVN2bi9ORi95M1RncHJSTTZ0UDlGUWNtWC9OVElYb2l1CmhoM0x2bEU1MlhKQnpweC84SnhreGpPSkI5QXdLUC85endlVG1ncW1peUVJcWhlM0lUNjMzdDltV2hQR29JZVUKT0FkcFVBNHg1UmlLWGVaelUzZm4wQW83WlZVdjN3UWRkOFVhTThXZVcxVVA3clhaQW9JQkFRRE82S3dEMzJxcgo4bzdYWWhlS0toZHRMUnkzcFpHUlZheVlqWHZObFFQb1hQb1BvNjkxSk9OZWQrQWhrdVNNYzBJdFNBMGtMaXRUCmdyaVhpemhsNHpZMkptdENoRzhDRXRVVXhzbGY3UkY5SlNlN1p3ekhxeWVRVlNvdVF5aFllK1VKTWYwdTR6QTAKMWNTWTlFUGNweG1ja01nZ3dkc0NRbEpNYnJaMWRLeFNBTTBFRXlPcnFXdU9wd1hBWkhLRVdwcXh5M0Z4SGlZVgpXYVZ0K2ZzOERsODhwZU9tMVZaeXk4TllMSHl3VlFzS2s0UFpUL0hwZStMMHhyUGdxNXJyWHBjVWRmL3RmZGVoCjBxc3h4cmRSSmliMUFmdGh2ME5Mb1F0TUxxaXJjU1o4S1hxWFEwVG5PQ0JYTm9XSWNXUmlrM0ZlN1BGYXMrS0EKdkVEVXV5Z3ZMbE1sQW9JQkFBaExpNDczQndQM2lCZ3lYUXhBWmNQbTdrOExINy9xcS83YlB4LzR6b3hsbURTSQp0QmhhK1MvaHFnazVIbWM1RmRleDIrZzhXZmZjR285QW1SUUV3ZHU0MzFUOHErR0xxTU9CWFR1S2tTbEVYcmVwCk1Ybkx2bStQRTFZMjBRMXpVUDBtU3NCNTlvTlV4MTFYQnd1WVBXLzNwKy96NEJmdUw3OEhUOE4yQ3IwMjRaYjAKUStMWDFDSDlRbnJnTEFiZXhwbXRUM29NZDZrN1JzeWtrWXNZZnA4OW9kRGtIRHJTUVFzR0JGV1JQejFPeDRCcgpJMFJYQnlTRTB0Zkg3QWVucHJmVTVEUUlWeW51WU1vdjd5QmV6ZDNESUdxK0p4OWtwbVR3TW1PWW9lRXNMcUhhCllVU0RSemZld0R6aEFVbllGT0ZKS2RwZnlnMURtR29LbnVPamt0a0NnZ0VBWlVzYkN6cFJLcVN3c1ZqZ1ZVK04KOEhEcFlpNjRPUUpNWU5MRERUNHFqNU1WQ0pzRnhyK3NZQThudHNnSEE0dFpsbmx6bFliVXh5bHozUnpYRzJwRQptL1hyQk1GNDV2YjVRaGFmZDByRUNSUXJnMTlMcm1Sb0ZnemJmWko3S2ZaZGhrYm13QkdSQkF5ekZuNWV5cU16CnNxWmVrMHJVUVNMZXozUlQ5dVNMaUFuRVZINWFOQ3ZZOEJsc2cyZXBlSW95dVYvenhZRVErOXJMVmkvUGd2TTIKUkthaDhJYjRyM0o1eTZ6YnppZVVKRFZia3dQRVZwM0Qyamw4emp5MHR3Mnp3TnlUMGx5Tk9EZStmN3ZjK3VsRwpvU083UVhzMUlzMVFqcGM1RTlWdEZkUG9wQ3pXaXF1N2lYYXpvTHlDZkkvYUxMS3E1ZEN5em50YThjbytQZnJiCjBRS0NBUUVBcktXSThDOW1ENnlRdWZIQVBCRDJLTXhnUTJVdjNaUHZqNU5kcUppMjFweThNSjNyNWQ4RFFsQWcKQ2w3RURoNml0alY2cFhCeGdsL0Nha1lMcURtczh4aG1KVkhWSmtlZ0E4OW53QXMxekx3d21tUmpyU3U2R0F3VgphOWpNdEJWK3dhY09kWHQwUVRlbVVhbzdNY1gzVy9PU1l6WXBlS1dEemQwUy9qeDZadHJkM2lGQ20vMTBydkYyCmJ1QTlJTWE2Q041QytHTTFhZ2xrb2s0Z1VWYWtHSk1uMXJRc3F3b0JlVkpxSkFHRVRWcExKY0hhbzNhVFh6ckgKU2gvVGFxUEVZUzlpRnV6NWhsc3ZNWUFFZUtML0VZNGo4Vi9EMlljYTJMTG5HV1BzS2VMQ2FMWkhucU1ieWtHeQo3ZEVQdGVZRTlrVFZqcmtwV2t6SGYyelQ4d3NxNkE9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==
----
-apiVersion: v1
 kind: ConfigMap
 metadata:
   name: configfile