chore: Use safe example domains defined in RFC 2606 (argoproj#16389)

AmadeusITGroup · Jun 16, 2024 · cc7c9da · cc7c9da
1 parent c13efca
commit cc7c9da
Show file tree

Hide file tree

Showing 31 changed files with 97 additions and 97 deletions.
diff --git a/applicationset/services/pull_request/azure_devops_test.go b/applicationset/services/pull_request/azure_devops_test.go
@@ -206,9 +206,9 @@ func TestBuildURL(t *testing.T) {
 		},
 		{
 			name:         "Provided custom URL and organization",
-			url:          "https://azuredevops.mycompany.com/",
+			url:          "https://azuredevops.example.com/",
 			organization: "myorganization",
-			expected:     "https://azuredevops.mycompany.com/myorganization",
+			expected:     "https://azuredevops.example.com/myorganization",
 		},
 	}
 

diff --git a/controller/cache/info_test.go b/controller/cache/info_test.go
@@ -52,7 +52,7 @@ var (
     resourceVersion: "123"
     uid: "4"
     annotations:
-      link.argocd.argoproj.io/external-link: http://my-grafana.com/pre-generated-link
+      link.argocd.argoproj.io/external-link: http://my-grafana.example.com/pre-generated-link
   spec:
     selector:
       app: guestbook
@@ -74,7 +74,7 @@ var (
       serviceName: not-found-service
       servicePort: 443
     rules:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
       http:
         paths:
         - backend:
@@ -86,7 +86,7 @@ var (
             servicePort: https
           path: /
     tls:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
     secretName: my-tls-secret
   status:
     loadBalancer:
@@ -101,13 +101,13 @@ var (
     namespace: default
     uid: "4"
     annotations:
-      link.argocd.argoproj.io/external-link: http://my-grafana.com/ingress-link
+      link.argocd.argoproj.io/external-link: http://my-grafana.example.com/ingress-link
   spec:
     backend:
       serviceName: not-found-service
       servicePort: 443
     rules:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
       http:
         paths:
         - backend:
@@ -119,7 +119,7 @@ var (
             servicePort: https
           path: /
     tls:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
     secretName: my-tls-secret
   status:
     loadBalancer:
@@ -138,7 +138,7 @@ var (
       serviceName: not-found-service
       servicePort: 443
     rules:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
       http:
         paths:
         - backend:
@@ -150,7 +150,7 @@ var (
             servicePort: https
           path: /*
     tls:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
     secretName: my-tls-secret
   status:
     loadBalancer:
@@ -169,7 +169,7 @@ var (
       serviceName: not-found-service
       servicePort: 443
     rules:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
       http:
         paths:
         - backend:
@@ -199,7 +199,7 @@ var (
         port:
           number: 443
     rules:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
       http:
         paths:
         - backend:
@@ -215,7 +215,7 @@ var (
                 name: https
           path: /
     tls:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
     secretName: my-tls-secret
   status:
     loadBalancer:
@@ -327,7 +327,7 @@ func TestGetLinkAnnotatedServiceInfo(t *testing.T) {
 	assert.Equal(t, &v1alpha1.ResourceNetworkingInfo{
 		TargetLabels: map[string]string{"app": "guestbook"},
 		Ingress:      []v1.LoadBalancerIngress{{Hostname: "localhost"}},
-		ExternalURLs: []string{"http://my-grafana.com/pre-generated-link"},
+		ExternalURLs: []string{"http://my-grafana.example.com/pre-generated-link"},
 	}, info.NetworkingInfo)
 }
 
@@ -381,7 +381,7 @@ func TestGetIngressInfo(t *testing.T) {
 				Kind:      kube.ServiceKind,
 				Name:      "helm-guestbook",
 			}},
-			ExternalURLs: []string{"https://helm-guestbook.com/"},
+			ExternalURLs: []string{"https://helm-guestbook.example.com/"},
 		}, info.NetworkingInfo)
 	}
 }
@@ -406,7 +406,7 @@ func TestGetLinkAnnotatedIngressInfo(t *testing.T) {
 			Kind:      kube.ServiceKind,
 			Name:      "helm-guestbook",
 		}},
-		ExternalURLs: []string{"http://my-grafana.com/ingress-link", "https://helm-guestbook.com/"},
+		ExternalURLs: []string{"http://my-grafana.example.com/ingress-link", "https://helm-guestbook.example.com/"},
 	}, info.NetworkingInfo)
 }
 
@@ -430,7 +430,7 @@ func TestGetIngressInfoWildCardPath(t *testing.T) {
 			Kind:      kube.ServiceKind,
 			Name:      "helm-guestbook",
 		}},
-		ExternalURLs: []string{"https://helm-guestbook.com/"},
+		ExternalURLs: []string{"https://helm-guestbook.example.com/"},
 	}, info.NetworkingInfo)
 }
 
@@ -454,7 +454,7 @@ func TestGetIngressInfoWithoutTls(t *testing.T) {
 			Kind:      kube.ServiceKind,
 			Name:      "helm-guestbook",
 		}},
-		ExternalURLs: []string{"http://helm-guestbook.com/"},
+		ExternalURLs: []string{"http://helm-guestbook.example.com/"},
 	}, info.NetworkingInfo)
 }
 
@@ -563,7 +563,7 @@ func TestExternalUrlWithMultipleSubPaths(t *testing.T) {
     namespace: default
   spec:
     rules:
-    - host: helm-guestbook.com
+    - host: helm-guestbook.example.com
       http:
         paths:
         - backend:
@@ -587,7 +587,7 @@ func TestExternalUrlWithMultipleSubPaths(t *testing.T) {
 	info := &ResourceInfo{}
 	populateNodeInfo(ingress, info, []string{})
 
-	expectedExternalUrls := []string{"https://helm-guestbook.com/my/sub/path/", "https://helm-guestbook.com/my/sub/path/2", "https://helm-guestbook.com"}
+	expectedExternalUrls := []string{"https://helm-guestbook.example.com/my/sub/path/", "https://helm-guestbook.example.com/my/sub/path/2", "https://helm-guestbook.example.com"}
 	actualURLs := info.NetworkingInfo.ExternalURLs
 	sort.Strings(expectedExternalUrls)
 	sort.Strings(actualURLs)

diff --git a/docs/operator-manual/custom-styles.md b/docs/operator-manual/custom-styles.md
@@ -21,7 +21,7 @@ metadata:
   ...
   name: argocd-cm
 data:
-  ui.cssurl: "https://www.myhost.com/my-styles.css"
+  ui.cssurl: "https://www.example.com/my-styles.css"
 ```
 
 ## Adding Styles Via Volume Mounts

diff --git a/docs/operator-manual/declarative-setup.md b/docs/operator-manual/declarative-setup.md
@@ -590,8 +590,8 @@ metadata:
     argocd.argoproj.io/secret-type: cluster
 type: Opaque
 stringData:
-  name: mycluster.com
-  server: https://mycluster.com
+  name: mycluster.example.com
+  server: https://mycluster.example.com
   config: |
     {
       "bearerToken": "<authentication token>",
@@ -615,8 +615,8 @@ metadata:
     argocd.argoproj.io/secret-type: cluster
 type: Opaque
 stringData:
-  name: "mycluster.com"
-  server: "https://mycluster.com"
+  name: "mycluster.example.com"
+  server: "https://mycluster.example.com"
   config: |
     {
       "awsAuthConfig": {
@@ -742,8 +742,8 @@ metadata:
     argocd.argoproj.io/secret-type: cluster
 type: Opaque
 stringData:
-  name: mycluster.com
-  server: https://mycluster.com
+  name: mycluster.example.com
+  server: https://mycluster.example.com
   config: |
     {
       "execProviderConfig": {
@@ -795,8 +795,8 @@ metadata:
     argocd.argoproj.io/secret-type: cluster
 type: Opaque
 stringData:
-  name: mycluster.com
-  server: https://mycluster.com
+  name: mycluster.example.com
+  server: https://mycluster.example.com
   config: |
     {
       "execProviderConfig": {
@@ -830,8 +830,8 @@ metadata:
     argocd.argoproj.io/secret-type: cluster
 type: Opaque
 stringData:
-  name: mycluster.com
-  server: https://mycluster.com
+  name: mycluster.example.com
+  server: https://mycluster.example.com
   config: |
     {
       "execProviderConfig": {

diff --git a/docs/operator-manual/high_availability.md b/docs/operator-manual/high_availability.md
@@ -98,8 +98,8 @@ metadata:
 type: Opaque
 stringData:
   shard: 1
-  name: mycluster.com
-  server: https://mycluster.com
+  name: mycluster.example.com
+  server: https://mycluster.example.com
   config: |
     {
       "bearerToken": "<authentication token>",

diff --git a/docs/operator-manual/ingress.md b/docs/operator-manual/ingress.md
@@ -661,9 +661,9 @@ metadata:
     networking.gke.io/v1beta1.FrontendConfig: argocd-frontend-config
 spec:
   tls:
-    - secretName: secret-yourdomain-com
+    - secretName: secret-example-com
   rules:
-    - host: argocd.yourdomain.com
+    - host: argocd.example.com
       http:
         paths:
         - pathType: ImplementationSpecific
@@ -686,9 +686,9 @@ metadata:
     networking.gke.io/v1beta1.FrontendConfig: argocd-frontend-config
 spec:
   tls:
-    - secretName: secret-yourdomain-com
+    - secretName: secret-example-com
   rules:
-    - host: argocd.yourdomain.com
+    - host: argocd.example.com
       http:
         paths:
         - pathType: Prefix
@@ -700,7 +700,7 @@ spec:
                 number: 80
 ```
 
-As you may know already, it can take some minutes to deploy the load balancer and become ready to accept connections. Once it's ready, get the public IP address for your Load Balancer, go to your DNS server (Google or third party) and point your domain or subdomain (i.e. argocd.yourdomain.com) to that IP address.
+As you may know already, it can take some minutes to deploy the load balancer and become ready to accept connections. Once it's ready, get the public IP address for your Load Balancer, go to your DNS server (Google or third party) and point your domain or subdomain (i.e. argocd.example.com) to that IP address.
 
 You can get that IP address describing the Ingress object like this:
 

diff --git a/docs/operator-manual/user-management/index.md b/docs/operator-manual/user-management/index.md
@@ -201,7 +201,7 @@ data:
         id: acme-github
         name: Acme GitHub
         config:
-          hostName: github.acme.com
+          hostName: github.acme.example.com
           clientID: abcdefghijklmnopqrst
           clientSecret: $dex.acme.clientSecret  # Alternatively $<some_K8S_secret>:dex.acme.clientSecret
           orgs:
@@ -242,7 +242,7 @@ data:
         id: oidc
         name: OIDC
         config:
-          issuer: https://example-OIDC-provider.com
+          issuer: https://example-OIDC-provider.example.com
           clientID: aaaabbbbccccddddeee
           clientSecret: $dex.oidc.clientSecret
 ```
@@ -264,7 +264,7 @@ data:
         id: oidc
         name: OIDC
         config:
-          issuer: https://example-OIDC-provider.com
+          issuer: https://example-OIDC-provider.example.com
           clientID: aaaabbbbccccddddeee
           clientSecret: $dex.oidc.clientSecret
           insecureEnableGroups: true
@@ -294,7 +294,7 @@ data:
         id: oidc
         name: OIDC
         config:
-          issuer: https://example-OIDC-provider.com
+          issuer: https://example-OIDC-provider.example.com
           clientID: aaaabbbbccccddddeee
           clientSecret: $dex.oidc.clientSecret
           insecureEnableGroups: true
@@ -395,18 +395,18 @@ any active session post logout, you can do so by specifying it as follows:
 ```yaml
   oidc.config: |
     name: example-OIDC-provider
-    issuer: https://example-OIDC-provider.com
+    issuer: https://example-OIDC-provider.example.com
     clientID: xxxxxxxxx
     clientSecret: xxxxxxxxx
     requestedScopes: ["openid", "profile", "email", "groups"]
     requestedIDTokenClaims: {"groups": {"essential": true}}
-    logoutURL: https://example-OIDC-provider.com/logout?id_token_hint={{token}}
+    logoutURL: https://example-OIDC-provider.example.com/logout?id_token_hint={{token}}
 ```
 By default, this would take the user to their OIDC provider's login page after logout. If you also wish to redirect the user back to Argo CD after logout, you can specify the logout URL as follows:
 
 ```yaml
 ...
-    logoutURL: https://example-OIDC-provider.com/logout?id_token_hint={{token}}&post_logout_redirect_uri={{logoutRedirectURL}}
+    logoutURL: https://example-OIDC-provider.example.com/logout?id_token_hint={{token}}&post_logout_redirect_uri={{logoutRedirectURL}}
 ```
 
 You are not required to specify a logoutRedirectURL as this is automatically generated by ArgoCD as your base ArgoCD url + Rootpath