From f637a01156d85283f682c8181aab488be6618ff9 Mon Sep 17 00:00:00 2001
From: Michael Martin <michaelmartin@seed-innovations.com>
Date: Mon, 18 Oct 2021 22:38:33 +0000
Subject: [PATCH] istio-control-plane http to https redirects

---
 chart/templates/istio/controlplane/values.yaml |  2 ++
 chart/values.yaml                              | 11 ++++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/chart/templates/istio/controlplane/values.yaml b/chart/templates/istio/controlplane/values.yaml
index 0d0d3bc48f..a1114e04dd 100644
--- a/chart/templates/istio/controlplane/values.yaml
+++ b/chart/templates/istio/controlplane/values.yaml
@@ -47,6 +47,8 @@ gateways:
   {{ $name | nindent 2 }}:
     selector:
       app: {{ $values.ingressGateway }}
+    autoHttpRedirect:
+      enabled: {{ dig "autoHttpRedirect" "enabled" "true" $values }}
     servers:
     - hosts:
       {{ tpl ($values.hosts | default (list) | toYaml) $ | nindent 8 }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 764b8619a6..6625e6bf8e 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -118,7 +118,7 @@ istio:
   git:
     repo: https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git
     path: "./chart"
-    tag: "1.11.2-bb.0"
+    tag: "1.11.2-bb.1"
 
   # Ingress gateways are created based on the key name.  Adding more keys will add ingress gateways.
   # Ingress gateways are setup in a Horizontal Pod Autoscaler with 1 to 5 replicas
@@ -148,6 +148,9 @@ istio:
       ingressGateway: "public-ingressgateway"
       hosts:
       - "*.{{ .Values.domain }}"
+      # -- Controls default HTTP/8080 server entry with HTTP to HTTPS Redirect.
+      autoHttpRedirect:
+        enabled: true
       tls:
         key: ""
         cert: ""
@@ -155,6 +158,9 @@ istio:
     #   ingressGateway: "private-ingressgateway"
     #   hosts:
     #   - "*.{{ .Values.domain }}"
+    #   # -- Controls default HTTP/8080 server entry with HTTP to HTTPS Redirect.
+    #   autoHttpRedirect:
+    #     enabled: true
     #   tls:
     #     key: ""
     #     cert: ""
@@ -162,6 +168,9 @@ istio:
     #   ingressGateway: "passthrough-ingressgateway"
     #   hosts:
     #   - "*.{{ .Values.domain }}"
+    #   # -- Controls default HTTP/8080 server entry with HTTP to HTTPS Redirect.
+    #   autoHttpRedirect:
+    #     enabled: true
     #   tls:
     #     mode: "PASSTHROUGH"
 
-- 
GitLab