From 5fabb0cad3bd50599d00052d23b9db4688759704 Mon Sep 17 00:00:00 2001
From: Ben Hardill <ben@flowforge.com>
Date: Fri, 14 Jul 2023 14:08:39 +0100
Subject: [PATCH 1/2] Add tls block to ingress

Also set annonations and ingressClass on the broker
---
 helm/flowforge/README.md                      |  1 +
 helm/flowforge/templates/broker.yaml          | 14 ++++++++++++++
 helm/flowforge/templates/service-ingress.yaml |  8 ++++++++
 helm/flowforge/values.schema.json             |  3 +++
 4 files changed, 26 insertions(+)

diff --git a/helm/flowforge/README.md b/helm/flowforge/README.md
index c9a561a9..dcd70f0c 100644
--- a/helm/flowforge/README.md
+++ b/helm/flowforge/README.md
@@ -25,6 +25,7 @@ If using an external PostgreSQL Database you will need to create the database an
  - `forge.domain` the domain instances will be hosted on
  - `forge.entryPoint` if the admin app is hosted on a different domain
  - `forge.https` is the Forge App accessed via HTTPS (default `true`)
+ - `forge.tlsSecretName` is the name of the kubernetes secret that holds the HTTPS certificate, it should be a wildcard cert for the `forge.domain` value
  - `forge.registry` the container registry to find Project templates (default Docker Hub)
  - `forge.dbUsername` (default `forge`)
  - `forge.dbPassword` (default `Zai1Wied`)
diff --git a/helm/flowforge/templates/broker.yaml b/helm/flowforge/templates/broker.yaml
index a4b1a606..7fde1d8d 100644
--- a/helm/flowforge/templates/broker.yaml
+++ b/helm/flowforge/templates/broker.yaml
@@ -131,7 +131,13 @@ metadata:
   labels:
     app: flowforge-broker
   annotations:
+  {{- if .Values.ingress.annotations }}
+    {{- toYaml .Values.ingress.annotations | nindent 4 }}
+  {{- end }}
 spec:
+  {{- if and $.Values.ingress.className (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ $.Values.ingress.className }}
+  {{- end }}
   rules:
     - host: mqtt.{{ .Values.forge.domain }}
       http:
@@ -143,6 +149,14 @@ spec:
                 name: flowforge-broker
                 port:
                   number: 1884
+  {{- if .Values.forge.https }}
+  tls:
+    - hosts:
+      - mqtt.{{ .Values.forge.domain }}
+      {{- if .Values.forge.tlsSecretName }}
+      secretName: {{ .Values.forge.tlsSecretName}}
+      {{- end }}
+  {{- end }}
 # ---
 # apiVersion: v1
 # kind: Service
diff --git a/helm/flowforge/templates/service-ingress.yaml b/helm/flowforge/templates/service-ingress.yaml
index 10038fed..08f84c7f 100644
--- a/helm/flowforge/templates/service-ingress.yaml
+++ b/helm/flowforge/templates/service-ingress.yaml
@@ -37,3 +37,11 @@ spec:
             name: forge
             port:
               number: 80
+  {{- if .Values.forge.https }}
+  tls:
+  - hosts:
+    - {{ .Values.forge.entryPoint }}
+    {{- if .Values.forge.tlsSecretName }}
+    secretName: {{ .Values.forge.tlsSecretName }}
+    {{- end }}
+  {{- end }}
\ No newline at end of file
diff --git a/helm/flowforge/values.schema.json b/helm/flowforge/values.schema.json
index ae749c8f..62f28fda 100644
--- a/helm/flowforge/values.schema.json
+++ b/helm/flowforge/values.schema.json
@@ -275,6 +275,9 @@
                 },
                 "branding": {
                     "type": "object"
+                },
+                "tlsSecretName": {
+                    "type": "string"
                 }
             },
             "required": [

From c0660ec902c00095b4b195d5c0762c00a2c6a404 Mon Sep 17 00:00:00 2001
From: Ben Hardill <ben@flowforge.com>
Date: Fri, 14 Jul 2023 14:21:13 +0100
Subject: [PATCH 2/2] Add missing new line

---
 helm/flowforge/templates/service-ingress.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/helm/flowforge/templates/service-ingress.yaml b/helm/flowforge/templates/service-ingress.yaml
index 08f84c7f..154ca410 100644
--- a/helm/flowforge/templates/service-ingress.yaml
+++ b/helm/flowforge/templates/service-ingress.yaml
@@ -44,4 +44,5 @@ spec:
     {{- if .Values.forge.tlsSecretName }}
     secretName: {{ .Values.forge.tlsSecretName }}
     {{- end }}
-  {{- end }}
\ No newline at end of file
+  {{- end }}
+  
\ No newline at end of file