Improve CA certificate loading from kubernetes secret

pkg/provider/kubernetes/crd/fixtures/with_servers_transport.yml

@@ -1,11 +1,21 @@
 apiVersion: v1
 kind: Secret
+metadata:
+  name: rootCas0
+  namespace: foo
+
+data:
+  foobar: VEVTVFJPT1RDQVMw
+
+---
+apiVersion: v1
+kind: Secret
 metadata:
   name: rootCas1
   namespace: foo
 
 data:
-  tls.ca: VEVTVFJPT1RDQVM=
+  tls.ca: VEVTVFJPT1RDQVMx
 
 ---
 apiVersion: v1
@@ -17,6 +27,27 @@ metadata:
 data:
   tls.ca: VEVTVFJPT1RDQVMy
 
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: rootCas3
+  namespace: foo
+
+data:
+  ca.crt: VEVTVFJPT1RDQVMz
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: rootCas4
+  namespace: foo
+
+data:
+  ca.crt: VEVTVFJPT1RDQVM0
+  tls.ca: VEVTVFJPT1RDQVM1 # <-- This should be the prefered one.
+
 ---
 apiVersion: v1
 kind: Secret
@@ -39,6 +70,18 @@ data:
   tls.crt: VEVTVENFUlQy
   tls.key: VEVTVEtFWTI=
 
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: allcerts
+  namespace: foo
+
+data:
+  ca.crt: VEVTVEFMTENFUlRT
+  tls.crt: VEVTVENFUlQz
+  tls.key: VEVTVEtFWTM=
+
 ---
 apiVersion: traefik.containo.us/v1alpha1
 kind: ServersTransport
@@ -51,11 +94,16 @@ spec:
   insecureSkipVerify: true
   maxIdleConnsPerHost: 42
   rootCAsSecrets:
+  - rootCas0
   - rootCas1
   - rootCas2
+  - rootCas3
+  - rootCas4
+  - allcerts
   certificatesSecrets:
   - mtls1
   - mtls2
+  - allcerts
   forwardingTimeouts:
     dialTimeout: 42
     responseHeaderTimeout: 42s

pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml

@@ -15,7 +15,7 @@ metadata:
   namespace: default
 
 data:
-  tls.ca: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
+  ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
 
 ---
 apiVersion: traefik.containo.us/v1alpha1