Remove constrains of multiple TLS on certificate auto-discovery

[jerryhe1999]

Co-authored-by: LechG lech.gorlewicz@gmail.com

Issue

Fixes: #1598

Description

This PR removes the constraint of single TLS certificate per host during auto-discovery. The controller will now unconditionally auto-discover all matching TLS certificates for the given host. Auto-discovery can still be disabled by specifying the certificates manually via annotation.

The controller is backwards compatible since existing ingresses/groups that are treated valid have only one TLS certificate.

Manual test has been done by creating multiple certificates on the ACM for the same host: mijerryapp.fortest.com, create an ingress for this host, verify ALB gets created and all of the certs get added to the listener. The old controller did not work with the multiple certificates in place.

Checklist

• Added tests that cover your change (if possible)
• Added/modified documentation as required (such as the README.md, or the docs directory)
• Manually tested
• Made sure the title of the PR is a good description that can go into the release notes

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

• Backfilled missing tests for code in same general area 🎉
• Refactored something and made the world a better place 🌟

[k8s-ci-robot]

Hi @jerryhe1999. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 54.32%. Comparing base (fb96e58) to head (1858293).
Report is 270 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3028      +/-   ##
==========================================
+ Coverage   54.31%   54.32%   +0.01%     
==========================================
  Files         145      145              
  Lines        8412     8410       -2     
==========================================
  Hits         4569     4569              
+ Misses       3513     3511       -2     
  Partials      330      330              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[kishorj]

/ok-to-test

[kishorj]

Thanks for the contribution. Could you also document the manual tests?

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jerryhe1999, kishorj

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [kishorj]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[kishorj]

/lgtm