From 85b6fc9a97c24d908bf0725ed20e127d43bfb2e2 Mon Sep 17 00:00:00 2001
From: Steve Kriss <skriss@redhat.com>
Date: Thu, 2 Oct 2025 09:13:07 -0400
Subject: [PATCH 1/2] set trustBundleName in Istio global values

Sets trustBundleName in order to customize the
name of the configmap containing the CA cert so
it doesn't clash with a standalone OSSM instance.

Follow-up to #1243.

Signed-off-by: Steve Kriss <skriss@redhat.com>
---
 pkg/operator/controller/gatewayclass/controller_test.go | 2 ++
 pkg/operator/controller/gatewayclass/istio.go           | 1 +
 2 files changed, 3 insertions(+)

diff --git a/pkg/operator/controller/gatewayclass/controller_test.go b/pkg/operator/controller/gatewayclass/controller_test.go
index 0ae79ba8d0..a0a0487d44 100644
--- a/pkg/operator/controller/gatewayclass/controller_test.go
+++ b/pkg/operator/controller/gatewayclass/controller_test.go
@@ -23,6 +23,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
 
+	"github.com/openshift/cluster-ingress-operator/pkg/operator/controller"
 	testutil "github.com/openshift/cluster-ingress-operator/pkg/operator/controller/test/util"
 )
 
@@ -68,6 +69,7 @@ func Test_Reconcile(t *testing.T) {
 						},
 						IstioNamespace:    ptr.To("openshift-ingress"),
 						PriorityClassName: ptr.To("system-cluster-critical"),
+						TrustBundleName:   ptr.To(controller.OpenShiftGatewayCARootCertName),
 					},
 					Pilot: &sailv1.PilotConfig{
 						Cni: &sailv1.CNIUsageConfig{
diff --git a/pkg/operator/controller/gatewayclass/istio.go b/pkg/operator/controller/gatewayclass/istio.go
index e3dd859714..4e1a1c2b40 100644
--- a/pkg/operator/controller/gatewayclass/istio.go
+++ b/pkg/operator/controller/gatewayclass/istio.go
@@ -166,6 +166,7 @@ func desiredIstio(name types.NamespacedName, ownerRef metav1.OwnerReference, ist
 					},
 					IstioNamespace:    ptr.To(controller.DefaultOperandNamespace),
 					PriorityClassName: ptr.To(systemClusterCriticalPriorityClassName),
+					TrustBundleName:   ptr.To(controller.OpenShiftGatewayCARootCertName),
 				},
 				Pilot: &sailv1.PilotConfig{
 					Cni: &sailv1.CNIUsageConfig{

From 056f80f342db80e6dab0f20803df07edf3345fb5 Mon Sep 17 00:00:00 2001
From: Steve Kriss <skriss@redhat.com>
Date: Thu, 23 Oct 2025 09:32:25 -0400
Subject: [PATCH 2/2] don't use constant in unit test

Signed-off-by: Steve Kriss <skriss@redhat.com>
---
 pkg/operator/controller/gatewayclass/controller_test.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/pkg/operator/controller/gatewayclass/controller_test.go b/pkg/operator/controller/gatewayclass/controller_test.go
index a0a0487d44..f3c193c2ee 100644
--- a/pkg/operator/controller/gatewayclass/controller_test.go
+++ b/pkg/operator/controller/gatewayclass/controller_test.go
@@ -23,7 +23,6 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
 
-	"github.com/openshift/cluster-ingress-operator/pkg/operator/controller"
 	testutil "github.com/openshift/cluster-ingress-operator/pkg/operator/controller/test/util"
 )
 
@@ -69,7 +68,7 @@ func Test_Reconcile(t *testing.T) {
 						},
 						IstioNamespace:    ptr.To("openshift-ingress"),
 						PriorityClassName: ptr.To("system-cluster-critical"),
-						TrustBundleName:   ptr.To(controller.OpenShiftGatewayCARootCertName),
+						TrustBundleName:   ptr.To("openshift-gw-ca-root-cert"),
 					},
 					Pilot: &sailv1.PilotConfig{
 						Cni: &sailv1.CNIUsageConfig{