Enable TLS-e by default

TLS-e is intended to be on by default with an explict opt-out
when not required. This change has already been done for the
contolplane and this commit does the same for the dataplaneNodeSet

This change updates the dataplaneNodeset TLSEnabled default to true
the envtests are modifed to account for this change and
the dataplane-create-test kuttl test is exented to assert the default
behavior.

exisiting test covergeage fo tls supprot is unmodifed.

The base example cr is also updated to make it clear that tls is the
default however that change is not strictly requried.

With this change the tempest jobs should now default to useing
TLS unless they explictly opt out.

Related: OSPRH-2382

api/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml

@@ -1944,7 +1944,7 @@ spec:
                   type: string
                 type: array
               tlsEnabled:
-                default: false
+                default: true
                 type: boolean
             required:
             - nodeTemplate

api/v1beta1/openstackdataplanenodeset_types.go

@@ -69,7 +69,7 @@ type OpenStackDataPlaneNodeSetSpec struct {
 
 	// TLSEnabled - Whether the node set has TLS enabled.
 	// +kubebuilder:validation:Optional
-	// +kubebuilder:default=false
+	// +kubebuilder:default=true
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
 	TLSEnabled bool `json:"tlsEnabled" yaml:"tlsEnabled"`
 

config/crd/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml

@@ -1944,7 +1944,7 @@ spec:
                   type: string
                 type: array
               tlsEnabled:
-                default: false
+                default: true
                 type: boolean
             required:
             - nodeTemplate

examples/base/crs/openstackdataplanenodeset.yaml

@@ -3,6 +3,7 @@ kind: OpenStackDataPlaneNodeSet
 metadata:
   name: openstack-edpm
 spec:
+  TLSEnabled: true
   env:
     - name: ANSIBLE_FORCE_COLOR
       value: "True"

tests/functional/openstackdataplanenodeset_controller_test.go

@@ -635,8 +635,8 @@ var _ = Describe("Dataplane NodeSet Test", func() {
 			})
 		})
 	})
-	When("TLS is not enabled", func() {
-		tlsEnabled := false
+	When("TLS is not enabled explicitly its enabled by default", func() {
+		tlsEnabled := true
 		When("A Dataplane resorce is created with PreProvisioned nodes, no deployment", func() {
 			BeforeEach(func() {
 				DeferCleanup(th.DeleteInstance, CreateDataplaneNodeSet(dataplaneNodeSetName, DefaultDataPlaneNoNodeSetSpec(tlsEnabled)))

tests/kuttl/tests/dataplane-create-test/00-assert.yaml

@@ -76,6 +76,7 @@ spec:
     ansibleSSHPrivateKeySecret: dataplane-ansible-ssh-private-key-secret
     managementNetwork: ctlplane
   preProvisioned: true
+  tlsEnabled: true
   services:
   - download-cache
   - bootstrap

tests/kuttl/tests/dataplane-deploy-global-service-test/00-dataplane-create.yaml

@@ -118,6 +118,7 @@ metadata:
   name: edpm-compute-global
 spec:
   preProvisioned: true
+  tlsEnabled: false
   services:
   - download-cache
   - bootstrap

tests/kuttl/tests/dataplane-deploy-no-nodes-test/00-dataplane-create.yaml

@@ -65,6 +65,7 @@ metadata:
   name: edpm-compute-no-nodes
 spec:
   preProvisioned: true
+  tlsEnabled: false
   services:
   - download-cache
   - bootstrap