[SC2] Clear redundant endpoint idauth

[YangShyrMei]

Issue: https://github.ibm.com/IBMPrivateCloud/roadmap/issues/61141
Parent issue: https://github.ibm.com/IBMPrivateCloud/roadmap/issues/60011

The redundant endpoint "\idauth" is not needed as it redirects to the next endpoint in the route. Therefore, causing an increase in number of security issues.

[YangShyrMei]

Tested the changes in a fyre cluster with SC2 4.6.8 installed. The routes initially had platform-id-auth route which was deleted after the image was replaced. Adding the iam-operator logs

1. platform-id-auth successfully deleted.

{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Determined platform-id-auth Route should not exist; removing if present","func":"ReconcileRoute","namespace":"ibm-common-services"}
{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Successfully deleted platform-id-auth Route","func":"ReconcileRoute","namespace":"ibm-common-services"}
{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Comparing current and desired routes","func":"ReconcileRoute","name":"saml-ui-callback","namespace":"ibm-common-services"}
{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Routes are equal","func":"IsRouteEqual","name":"saml-ui-callback","namespace":"ibm-common-services"}
{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Reconciling route","func":"ReconcileRoute","name":"social-login-callback","namespace":"ibm-common-services","annotations":{"haproxy.router.openshift.io/balance":"source","haproxy.router.openshift.io/hsts_header":"max-age=31536000;includeSubDomains","haproxy.router.openshift.io/pod-concurrent-connections":"200","haproxy.router.openshift.io/rate-limit-connections":"true","haproxy.router.openshift.io/rate-limit-connections.concurrent-tcp":"200","haproxy.router.openshift.io/rate-limit-connections.rate-http":"200","haproxy.router.openshift.io/rate-limit-connections.rate-tcp":"200","haproxy.router.openshift.io/rewrite-target":"/ibm/api/social-login","haproxy.router.openshift.io/timeout":"180s"},"routeHost":"cp-console-ibm-common-services.apps.o1-804733.cp.fyre.ibm.com","routePath":"/ibm/api/social-login"}

2. After the first successful delete, on reconciling - as idauth route is removed, it displays an error as route not found

{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Determined platform-id-auth Route should not exist; removing if present","func":"ReconcileRoute","namespace":"ibm-common-services"}
{"level":"error","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Failed to delete platform-id-auth Route","func":"ReconcileRoute","namespace":"ibm-common-services","error":"routes.route.openshift.io \"platform-id-auth\" not found","stacktrace":"github.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).removeIdauth\n\t/root/test/ibm-iam-operator/controllers/operator/routes.go:282\ngithub.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).reconcileRoute\n\t/root/test/ibm-iam-operator/controllers/operator/routes.go:296\ngithub.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).handleRoutes\n\t/root/test/ibm-iam-operator/controllers/operator/routes.go:259\ngithub.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).Reconcile\n\t/root/test/ibm-iam-operator/controllers/operator/authentication_controller.go:916\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:119\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:316\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:227"}
{"level":"error","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Error deleting platform-id-auth Route","func":"ReconcileRoute","name":"social-login-callback","namespace":"ibm-common-services","error":"routes.route.openshift.io \"platform-id-auth\" not found","stacktrace":"github.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).reconcileRoute\n\t/root/test/ibm-iam-operator/controllers/operator/routes.go:299\ngithub.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).handleRoutes\n\t/root/test/ibm-iam-operator/controllers/operator/routes.go:259\ngithub.com/IBM/ibm-iam-operator/controllers/operator.(*AuthenticationReconciler).Reconcile\n\t/root/test/ibm-iam-operator/controllers/operator/authentication_controller.go:916\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:119\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:316\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:266\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/root/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:227"}
{"level":"info","ts":"2024-10-17T12:36:04Z","logger":"controller_authentication","msg":"Ensure EDB datastore configuration resources available","Request.Namespace":"ibm-common-services","Request.Name":"example-authentication","subreconciler":"ensureDatastoreSecretAndCM"}

[YangShyrMei]

Ran regression with the built image:
Travis job: https://v3.travis.ibm.com/github/IBMPrivateCloud/security-test-automation/builds/27879606
Regression: 100 failed so ran regression locally for the failed test cases. All passed locally. Thus all test cases passed in regression job.

119 specs, 0 failures
Finished in 579.972 seconds

Executed 119 of 119 specs SUCCESS in 9 mins 40 secs.
All specs have passed
[15:54:10] Finished 'scim' after 9.67 min

Scim: 1 failed which is the expected baseline in failed test cases fro SCIM job

[ibm-ci-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: ujjwalchk-it, YangShyrMei
Once this PR has been reviewed and has the lgtm label, please assign rashmi43 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment