extend health check spec

[maksymvavilov]

Transfer healthcheck spec from policy to the record properly

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 6 lines in your changes missing coverage. Please review.

Project coverage is 81.06%. Comparing base (63f1d28) to head (39a4b4c).
Report is 18 commits behind head on main.

Files with missing lines	Patch %	Lines
controllers/dnspolicy_dnsrecords.go	0.00%	6 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #936      +/-   ##
==========================================
- Coverage   81.49%   81.06%   -0.44%     
==========================================
  Files         102      117      +15     
  Lines        7177     7752     +575     
==========================================
+ Hits         5849     6284     +435     
- Misses        898     1026     +128     
- Partials      430      442      +12     

Flag	Coverage Δ
bare-k8s-integration	10.11% <0.00%> (+1.21%)	⬆️
controllers-integration	71.43% <0.00%> (+6.11%)	⬆️
envoygateway-integration	49.04% <0.00%> (-1.26%)	⬇️
gatewayapi-integration	14.48% <0.00%> (+0.07%)	⬆️
istio-integration	51.74% <0.00%> (-1.77%)	⬇️
unit	30.33% <0.00%> (+1.99%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
api/v1beta1 (u)	90.90% <ø> (ø)
api/v1beta2 (u)	86.61% <ø> (ø)
pkg/common (u)	88.13% <ø> (ø)
pkg/istio (u)	71.51% <100.00%> (ø)
pkg/log (u)	94.73% <ø> (ø)
pkg/reconcilers (u)	∅ <ø> (∅)
pkg/rlptools (u)	85.55% <ø> (-0.28%)	⬇️
controllers (i)	82.23% <79.11%> (-0.83%)	⬇️

Files with missing lines	Coverage Δ
controllers/dnspolicy_dnsrecords.go	64.34% <0.00%> (-0.51%)	⬇️

... and 14 files with indirect coverage changes

[maleck13]

I am kinda wondering does this make sense in the API. Or would it be better to make it an explicit option when starting the DNS operator? --insecure-health-checks that just always set that flag for health checks. It being in the API feels like it could accidently get set for one policy and not noticed?

[maksymvavilov]

Removed insecure checks from code. On the dns-operator side will also remove it from API (the probe-worker PR) We could wait with this PR and I will use it to update dnspolicy API and introduce flags for local dev to allow probes and insecure certs