tyk-operator [TT-5181] Added support of client mTLS

[TT-5181] Added support of client mTLS

Open komalsukhani opened this issue 2 years ago • 1 comments

Added support of new APIDefinition fields for client MTLS
1. use_mutual_tls_auth type: bool Description: It is used to enable mutual TLS auth mode.
2. client_certificates: type: array of string Description: List of Tyk client certificate IDs
3. client_certificates_refs: type: array of string Description: List of k8s TLS secrets which stores certificate.
Added certificate client for CE mode. All the tests using certificate can be run for CE mode.
Added sample manifests
Added integration tests
Enabled Integration tests for Certificate Pinning and Upstream MTLS in CE mode.

TT-5181 Resolves #447

This feature will enable MTLS auth between Tyk gateway and client.

[ ] Bug fix (non-breaking change which fixes an issue)
[x] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to change)

[x] Make sure you are requesting to pull a topic/feature/bugfix branch (right side). If PRing from your fork, don't come from your master!
[x] Make sure you are making a pull request against our master branch (left side). Also, it would be best if you started your change off our latest master.
[x] Make sure you are updating CHANGELOG.md based on your changes.
[ ] My change requires a change to the documentation.
- [ ] If you've changed APIs, describe what needs to be updated in the documentation.
[ ] I have updated the documentation accordingly.
[x] I have added tests to cover my changes.
[x] All new and existing tests passed.
[x] Check your code additions will not fail linting checks:
- [x] gofmt -s -w .
- [x] go vet ./...
- [x] golangci-lint run