From de3000452d83b27edaae0b6961634dee4e59e251 Mon Sep 17 00:00:00 2001
From: Gerald Pape <gerald@giantswarm.io>
Date: Wed, 27 Sep 2023 15:08:37 +0200
Subject: [PATCH] Add ClusterIssuerName configuration option

---
 CHANGELOG.md                                      | 4 ++++
 helm/promxy-app/templates/ingress-basic-auth.yaml | 3 +++
 helm/promxy-app/templates/ingress-oauth.yaml      | 3 +++
 helm/promxy-app/values.schema.json                | 3 +++
 helm/promxy-app/values.yaml                       | 1 +
 5 files changed, 14 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8fd5f71..44e064a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- Possibility to configure used ClusterIssuer name for Ingresses.
+
 ## [1.20.0] - 2023-07-04
 
 ### Changed
diff --git a/helm/promxy-app/templates/ingress-basic-auth.yaml b/helm/promxy-app/templates/ingress-basic-auth.yaml
index 97e96a0..8ea7d6b 100644
--- a/helm/promxy-app/templates/ingress-basic-auth.yaml
+++ b/helm/promxy-app/templates/ingress-basic-auth.yaml
@@ -10,6 +10,9 @@ metadata:
   annotations:
     {{- if .Values.monitoring.prometheus.letsencrypt }}
     kubernetes.io/tls-acme: "true"
+    {{- with .Values.monitoring.prometheus.clusterIssuerName }}
+    cert-manager.io/cluster-issuer: "{{ . }}"
+    {{- end }}
     {{- end }}
     nginx.ingress.kubernetes.io/rewrite-target: /$2
     # basic-auth for global Promxy to be able to access all installation-level
diff --git a/helm/promxy-app/templates/ingress-oauth.yaml b/helm/promxy-app/templates/ingress-oauth.yaml
index 3d072be..4fe6431 100644
--- a/helm/promxy-app/templates/ingress-oauth.yaml
+++ b/helm/promxy-app/templates/ingress-oauth.yaml
@@ -10,6 +10,9 @@ metadata:
   annotations:
     {{- if .Values.monitoring.prometheus.letsencrypt }}
     kubernetes.io/tls-acme: "true"
+    {{- with .Values.monitoring.prometheus.clusterIssuerName }}
+    cert-manager.io/cluster-issuer: "{{ . }}"
+    {{- end }}
     {{- end }}
     # OAuth2 SSO access for humans
     nginx.ingress.kubernetes.io/auth-signin: https://$host/oauth2/start?rd=$escaped_request_uri
diff --git a/helm/promxy-app/values.schema.json b/helm/promxy-app/values.schema.json
index c4728c0..9770a0c 100644
--- a/helm/promxy-app/values.schema.json
+++ b/helm/promxy-app/values.schema.json
@@ -27,6 +27,9 @@
                 "prometheus": {
                     "type": "object",
                     "properties": {
+                        "clusterIssuerName": {
+                            "type": "string"
+                        },
                         "host": {
                             "type": "string"
                         },
diff --git a/helm/promxy-app/values.yaml b/helm/promxy-app/values.yaml
index ac30201..a8761e9 100644
--- a/helm/promxy-app/values.yaml
+++ b/helm/promxy-app/values.yaml
@@ -7,6 +7,7 @@ monitoring:
   prometheus:
     host: ""
     letsencrypt: true
+    clusterIssuerName: ""
   promxy:
     htpasswd: ""