There are a number of packages that are still adding specific tlsConfig to use istio sidecar certificates for scraping. In sidecar mode this was done to support scraping with mTLS. With the introduction of ambient this is no longer necessary. We need to update the existing conditional logic to account for the possibility of ambient being enabled. ## Example of current logic ```yaml {{- if and $istioEnabled (eq (dig "istio" "mtls" "mode" "STRICT" .Values.loki.values) "STRICT") }} scheme: https tlsConfig: caFile: /etc/prom-certs/root-cert.pem certFile: /etc/prom-certs/cert-chain.pem keyFile: /etc/prom-certs/key.pem insecureSkipVerify: true {{- end }} ```