From 690337c55133470f75d3696fa8c89d0fc200a4aa Mon Sep 17 00:00:00 2001 From: Lukas Grundmann Date: Mon, 25 Jul 2022 16:32:55 +0200 Subject: [PATCH 01/10] Use most recent Ambassador / Emissary-Ingress Signed-off-by: Lukas Grundmann --- build/package/helm/monoskope/Chart.yaml | 5 +++-- build/package/helm/monoskope/values.yaml | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/build/package/helm/monoskope/Chart.yaml b/build/package/helm/monoskope/Chart.yaml index 464ca520e..03d52fbe7 100644 --- a/build/package/helm/monoskope/Chart.yaml +++ b/build/package/helm/monoskope/Chart.yaml @@ -51,8 +51,9 @@ dependencies: # A list of the chart requirements version: 8.32.2 repository: https://charts.bitnami.com/bitnami condition: rabbitmq.enabled,global.rabbitmq.enabled - - name: ambassador - version: 6.9.4 + - helm: emissary-ingress + alias: ambassador + version: 8.0.0 repository: https://getambassador.io condition: ambassador.deploy,global.ambassador.deploy diff --git a/build/package/helm/monoskope/values.yaml b/build/package/helm/monoskope/values.yaml index 23103fc39..71f2a9108 100644 --- a/build/package/helm/monoskope/values.yaml +++ b/build/package/helm/monoskope/values.yaml @@ -183,8 +183,8 @@ ambassador: deploy: true replicaCount: 1 image: - repository: datawire/ambassador - tag: 1.14.3 + repository: docker.io/emissaryingress/emissary + tag: 3.0.0 enableAES: false agent: enabled: false @@ -211,4 +211,4 @@ ambassador: create: false scimserver: - enabled: false \ No newline at end of file + enabled: false From c64230a1687eb9c3a9eea9524e35bd9f3388eb9b Mon Sep 17 00:00:00 2001 From: Lukas Grundmann Date: Mon, 25 Jul 2022 16:41:55 +0200 Subject: [PATCH 02/10] Fixed field in dependency list Signed-off-by: Lukas Grundmann --- build/package/helm/monoskope/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/package/helm/monoskope/Chart.yaml b/build/package/helm/monoskope/Chart.yaml index 03d52fbe7..ad54b0a32 100644 
--- a/build/package/helm/monoskope/Chart.yaml +++ b/build/package/helm/monoskope/Chart.yaml @@ -51,7 +51,7 @@ dependencies: # A list of the chart requirements version: 8.32.2 repository: https://charts.bitnami.com/bitnami condition: rabbitmq.enabled,global.rabbitmq.enabled - - helm: emissary-ingress + - name: emissary-ingress alias: ambassador version: 8.0.0 repository: https://getambassador.io From 3928ce772455247bc7b249c88ff7661c89c98e73 Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 10:21:28 +0200 Subject: [PATCH 03/10] Use older ambassador for now Signed-off-by: Jan Steffen --- .gitignore | 1 - build/package/helm/monoskope/Chart.lock | 27 ++++++++++++++++++++++++ build/package/helm/monoskope/values.yaml | 10 ++++----- 3 files changed, 32 insertions(+), 6 deletions(-) create mode 100644 build/package/helm/monoskope/Chart.lock diff --git a/.gitignore b/.gitignore index 974f4ba4f..b07ccf33b 100644 --- a/.gitignore +++ b/.gitignore @@ -29,6 +29,5 @@ project.dict /gateway -build/package/helm/monoskope/Chart.lock build/package/helm/monoskope/charts/** .dccache diff --git a/build/package/helm/monoskope/Chart.lock b/build/package/helm/monoskope/Chart.lock new file mode 100644 index 000000000..19364c195 --- /dev/null +++ b/build/package/helm/monoskope/Chart.lock 
@@ -0,0 +1,27 @@ +dependencies: +- name: gateway + repository: file://../gateway + version: 0.0.1-local +- name: eventstore + repository: file://../eventstore + version: 0.0.1-local +- name: commandhandler + repository: file://../commandhandler + version: 0.0.1-local +- name: queryhandler + repository: file://../queryhandler + version: 0.0.1-local +- name: scimserver + repository: file://../scimserver + version: 0.0.1-local +- name: cockroachdb + repository: https://charts.cockroachdb.com/ + version: 7.0.1 +- name: rabbitmq + repository: https://charts.bitnami.com/bitnami + version: 8.32.2 +- name: emissary-ingress + repository: https://getambassador.io + version: 8.0.0 +digest: sha256:76299ec2f3da8693fe07db6183dc3183ef8a56e30007a5388d04e25d6bca8f0c +generated: "2022-07-27T09:56:50.706907+02:00" diff --git a/build/package/helm/monoskope/values.yaml b/build/package/helm/monoskope/values.yaml index 71f2a9108..35bb46e31 100644 --- a/build/package/helm/monoskope/values.yaml +++ b/build/package/helm/monoskope/values.yaml @@ -72,12 +72,12 @@ eventstore: tlsSecret: *msgBusClientAuthCertSecretName storeDatabase: configSecret: "m8-db-client-config" - tlsSecret: "m8-db-client-auth-cert" + tlsSecret: "m8-db-client-auth-cert" commandhandler: enabled: true replicaCount: 1 - + queryhandler: enabled: true replicaCount: 1 @@ -151,7 +151,7 @@ rabbitmq: loadDefinition: enabled: true existingSecret: m8-rabbitmq-load-definition - extraPlugins: 'rabbitmq_auth_mechanism_ssl' + extraPlugins: "rabbitmq_auth_mechanism_ssl" extraConfiguration: |- auth_mechanisms.1 = EXTERNAL ssl_cert_login_from = common_name 
@@ -164,7 +164,7 @@ rabbitmq: tlsPort: 5671 auth: username: eventstore # admin user with read/write access - password: "w1!!b3r3pl4c3d" # in case you use VaultOperator this will be overwritten by the load definition which takes the password from a generated secret + password: "w1!!b3r3pl4c3d" # in case you use VaultOperator this will be overwritten by the load definition which takes the password from a generated secret # -- Name of the secret containing the erlang secret # If vaultOperator.enabled:true the secret will eb auto generated existingErlangSecret: m8-rabbitmq-erlang-cookie @@ -184,7 +184,7 @@ ambassador: replicaCount: 1 image: repository: docker.io/emissaryingress/emissary - tag: 3.0.0 + tag: 2.3.1 enableAES: false agent: enabled: false From c49792dc48e3c9c4887231278c21f1d648527d6f Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 10:39:56 +0200 Subject: [PATCH 04/10] Remove old default values Signed-off-by: Jan Steffen --- build/package/helm/monoskope/values.yaml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/build/package/helm/monoskope/values.yaml b/build/package/helm/monoskope/values.yaml index 35bb46e31..6f9ee329c 100644 --- a/build/package/helm/monoskope/values.yaml +++ b/build/package/helm/monoskope/values.yaml @@ -185,25 +185,14 @@ ambassador: image: repository: docker.io/emissaryingress/emissary tag: 2.3.1 - enableAES: false agent: enabled: false - crds: - create: false - enabled: false rbac: create: false serviceAccount: create: true scope: singleNamespace: true - resources: - limits: - cpu: 4 - memory: 1000Mi - requests: - cpu: 100m - memory: 512Mi metrics: serviceMonitor: enabled: false From 863480627a4228035236d77c2f16dc123597fdb1 Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 10:47:14 +0200 Subject: [PATCH 05/10] Add hostname 
Signed-off-by: Jan Steffen --- .../ambassador/mappings/commandhandler.yaml | 4 ++-- .../templates/ambassador/mappings/gateway.yaml | 8 ++++---- .../templates/ambassador/mappings/queryhandler.yaml | 12 ++++++------ 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml index 7bff46b69..3397cd747 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml @@ -10,7 +10,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /eventsourcing.CommandHandler/ rewrite: /eventsourcing.CommandHandler/ service: {{.Release.Name}}-commandhandler:{{.Values.commandhandler.ports.api}} @@ -24,7 +24,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.CommandHandlerExtensions/ rewrite: /domain.CommandHandlerExtensions/ service: {{.Release.Name}}-commandhandler:{{.Values.commandhandler.ports.api}} diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml index d097808f0..0ff7385ec 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml @@ -13,7 +13,7 @@ metadata: {{- end }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /gateway.Gateway/ rewrite: /gateway.Gateway/ service: {{.Release.Name}}-gateway:{{.Values.gateway.service.grpcApiPort}} 
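Review bot: `timeout_ms: 20000` is replaced by `hostname: "*"` in this commandhandler Mapping rather than kept next to it, and the commit title only mentions adding a hostname. Without an explicit value the Mapping falls back to the ingress default request timeout (3000 ms, as far as I recall), so longer-running gRPC calls may start failing with upstream timeouts. If the drop was not intended, keep both lines: `timeout_ms: 20000` followed by `hostname: "*"`. The same replacement is made in the second commandhandler hunk and in every gateway.yaml and queryhandler.yaml hunk of this commit.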
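Review bot: `hostname: "*"` in the first gateway.yaml hunk makes `/gateway.Gateway/` match requests for any Host header the ingress accepts, not only the API domain. The later hunks do the same for `/gateway.ClusterAuth/` and `/gateway.APIToken/`. Scoping the Mappings to the chart's own domain, for example `hostname: {{ include "monoskope.tlsDomain" . | quote }}`, would keep routing tied to the Host that carries the certificate. Separately, `hostname` is to my knowledge the v3alpha1 field name (v2 used `host`), while these files still declare `apiVersion: getambassador.io/v2` as shown later in the series, so it is worth confirming the field is honoured rather than silently dropped. The commandhandler and queryhandler hunks carry the same wildcard.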
@@ -30,7 +30,7 @@ metadata: {{- end }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /gateway.ClusterAuth/ rewrite: /gateway.ClusterAuth/ service: {{.Release.Name}}-gateway:{{.Values.gateway.service.grpcApiPort}} @@ -44,7 +44,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /common.ServiceInformationService/ rewrite: /common.ServiceInformationService/ service: {{.Release.Name}}-gateway:{{.Values.gateway.service.grpcApiPort}} @@ -87,7 +87,7 @@ metadata: {{- end }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /gateway.APIToken/ rewrite: /gateway.APIToken/ service: {{.Release.Name}}-gateway:{{.Values.gateway.service.grpcApiPort}} diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml index 2fb9c774a..7c0ad1012 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml @@ -10,7 +10,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.User/ rewrite: /domain.User/ service: {{.Release.Name}}-queryhandler:{{.Values.queryhandler.ports.api}} @@ -24,7 +24,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.Tenant/ rewrite: /domain.Tenant/ service: {{.Release.Name}}-queryhandler:{{.Values.queryhandler.ports.api}} @@ -38,7 +38,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.Cluster/ rewrite: /domain.Cluster/ service: {{.Release.Name}}-queryhandler:{{.Values.queryhandler.ports.api}} 
@@ -52,7 +52,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.ClusterAccess/ rewrite: /domain.ClusterAccess/ service: {{.Release.Name}}-queryhandler:{{.Values.queryhandler.ports.api}} @@ -66,7 +66,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.Certificate/ rewrite: /domain.Certificate/ service: {{.Release.Name}}-queryhandler:{{.Values.queryhandler.ports.api}} @@ -80,7 +80,7 @@ metadata: {{- include "monoskope.labels" . | nindent 4 }} spec: grpc: true - timeout_ms: 20000 + hostname: "*" prefix: /domain.AuditLog/ rewrite: /domain.AuditLog/ service: {{.Release.Name}}-queryhandler:{{.Values.queryhandler.ports.api}} From 3e261607d24d2a0bb5199185fad15f8a0f5cbcc7 Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 11:06:53 +0200 Subject: [PATCH 06/10] Fix hosting with newer emissary Signed-off-by: Jan Steffen --- .../helm/monoskope/templates/_helpers.tpl | 8 ------ .../templates/ambassador/ambassador-cert.yaml | 28 ------------------- .../templates/ambassador/ambassador-host.yaml | 26 ++++------------- .../ambassador/mappings/commandhandler.yaml | 1 - .../ambassador/mappings/gateway.yaml | 1 - .../ambassador/mappings/queryhandler.yaml | 1 - .../ambassador/mappings/scimserver.yaml | 1 - 7 files changed, 5 insertions(+), 61 deletions(-) diff --git a/build/package/helm/monoskope/templates/_helpers.tpl b/build/package/helm/monoskope/templates/_helpers.tpl index 89cd85bdd..4719e084e 100644 --- a/build/package/helm/monoskope/templates/_helpers.tpl +++ b/build/package/helm/monoskope/templates/_helpers.tpl 
@@ -69,10 +69,6 @@ Create the name of the service account to use {{- printf "%s-tls-cert" (include "monoskope.fullname" .) }} {{- end }} -{{- define "monoskope.mtlsSecretName" -}} -{{- printf "%s-mtls-cert" (include "monoskope.fullname" .) }} -{{- end }} - {{- define "monoskope.identityCAName" -}} {{- printf "%s-identity" (include "monoskope.fullname" .) }} {{- end }} @@ -81,10 +77,6 @@ Create the name of the service account to use {{- required "a value for .Values.hosting.domain has to be provided" .Values.hosting.domain }} {{- end }} -{{- define "monoskope.mtlsDomain" -}} -{{- printf "mapi.%s" .Values.hosting.domain }} -{{- end }} - {{- define "monoskope.tlsDomain" -}} {{- printf "api.%s" .Values.hosting.domain }} {{- end }} diff --git a/build/package/helm/monoskope/templates/ambassador/ambassador-cert.yaml b/build/package/helm/monoskope/templates/ambassador/ambassador-cert.yaml index f9bbf34a9..7769cc990 100644 --- a/build/package/helm/monoskope/templates/ambassador/ambassador-cert.yaml +++ b/build/package/helm/monoskope/templates/ambassador/ambassador-cert.yaml @@ -1,8 +1,6 @@ {{- if .Values.ambassador.enabled }} {{- $tlsSecretName := (include "monoskope.tlsSecretName" .) }} {{- $tlsDomain := (include "monoskope.tlsDomain" .) }} -{{- $mtlsSecretName := (include "monoskope.mtlsSecretName" .) }} -{{- $mtlsDomain := (include "monoskope.mtlsDomain" .) }} apiVersion: cert-manager.io/v1 kind: Certificate metadata: 
@@ -20,30 +18,4 @@ spec: kind: ClusterIssuer dnsNames: - {{ $tlsDomain }} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ $mtlsSecretName }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "monoskope.labels" . | nindent 4 }} - {{- with (.Values.labels | default .Values.global.labels) }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - secretName: {{ $mtlsSecretName }} - duration: {{ .Values.pki.certificates.duration }} - renewBefore: {{ .Values.pki.certificates.renewBefore }} - issuerRef: - name: {{ .Values.pki.issuer.name }} - kind: Issuer - subject: - organizations: - - Monoskope - dnsNames: - - {{ $mtlsDomain }} - usages: - - client auth - - server auth {{- end }} diff --git a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml index f82efe0c1..550c84542 100644 --- a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml +++ b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml @@ -1,8 +1,6 @@ {{- if .Values.ambassador.enabled }} {{- $tlsSecretName := (include "monoskope.tlsSecretName" .) }} -{{- $mtlsSecretName := (include "monoskope.mtlsSecretName" .) }} {{- $tlsDomain := (include "monoskope.tlsDomain" .) }} -{{- $mtlsDomain := (include "monoskope.mtlsDomain" .) }} {{- if ne $tlsDomain "" }} apiVersion: getambassador.io/v2 kind: Host 
@@ -18,30 +16,16 @@ spec: hostname: {{ $tlsDomain }} acmeProvider: authority: none - tlsSecret: - name: {{ $tlsSecretName }} - tls: - min_tls_version: v1.2 --- -{{- end }} -{{- if ne $mtlsDomain "" }} -apiVersion: getambassador.io/v2 +apiVersion: getambassador.io/v3alpha1 kind: TLSContext metadata: - name: {{ include "monoskope.fullname" . }}-mtls - namespace: {{ .Release.Namespace }} - labels: - {{- include "monoskope.labels" . | nindent 4 }} - {{- with (.Values.labels | default .Values.global.labels) }} - {{- toYaml . | nindent 4 }} - {{- end }} + name: tls spec: hosts: - - {{ $mtlsDomain }} - - {{ $mtlsDomain }}:443 - secret: {{ $mtlsSecretName }} - ca_secret: {{ .Values.pki.issuer.ca.existingTrustAnchorSecretName | default (printf "%s-trust-anchor" (include "monoskope.fullname" .)) }} - cert_required: true + - "*" + secret: {{ $tlsSecretName }} + alpn_protocols: h2 min_tls_version: v1.2 {{- end }} {{- end }} diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml index 3397cd747..3c0bceb62 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/commandhandler.yaml @@ -1,5 +1,4 @@ {{- if .Values.ambassador.enabled }} -{{- $mtlsDomain := (include "monoskope.mtlsDomain" .) }} {{- if .Values.commandhandler.enabled }} apiVersion: getambassador.io/v2 kind: Mapping diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml index 0ff7385ec..bd3d5582b 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/gateway.yaml 
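Review bot: The replacement TLSContext in the ambassador-host.yaml hunk drops `ca_secret` and `cert_required: true`, so nothing at the ingress requests or validates a client certificate any more. Together with the removed mTLS Certificate and `mapi.` domain in this commit, the gRPC APIs become reachable over server-only TLS, and the commit message ("Fix hosting with newer emissary") does not say this is intended. If authentication is now meant to rest entirely on the gateway's tokens, a comment above the TLSContext such as `# client certificates are no longer checked at the ingress; authn is done by the gateway` would record that decision. If not, the new context should keep `ca_secret` and `cert_required: true`. The added `hosts: - "*"` also applies this context to every SNI name, not just `{{ $tlsDomain }}`.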
@@ -1,5 +1,4 @@ {{- if .Values.ambassador.enabled }} -{{- $mtlsDomain := (include "monoskope.mtlsDomain" .) }} {{- if .Values.gateway.enabled }} apiVersion: getambassador.io/v2 kind: Mapping diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml index 7c0ad1012..7370eb16a 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/queryhandler.yaml @@ -1,5 +1,4 @@ {{- if .Values.ambassador.enabled }} -{{- $mtlsDomain := (include "monoskope.mtlsDomain" .) }} {{- if .Values.queryhandler.enabled }} apiVersion: getambassador.io/v2 kind: Mapping diff --git a/build/package/helm/monoskope/templates/ambassador/mappings/scimserver.yaml b/build/package/helm/monoskope/templates/ambassador/mappings/scimserver.yaml index 4e1abe347..3b38674f3 100644 --- a/build/package/helm/monoskope/templates/ambassador/mappings/scimserver.yaml +++ b/build/package/helm/monoskope/templates/ambassador/mappings/scimserver.yaml @@ -1,5 +1,4 @@ {{- if .Values.ambassador.enabled }} -{{- $mtlsDomain := (include "monoskope.mtlsDomain" .) }} {{- if .Values.scimserver.enabled }} apiVersion: getambassador.io/v2 kind: Mapping From 8a7368fb534cb39088a804dc2262460e42faa1cb Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 11:21:02 +0200 Subject: [PATCH 07/10] Fix host Signed-off-by: Jan Steffen --- .../monoskope/templates/ambassador/ambassador-host.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml index 550c84542..5ac252050 100644 --- a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml +++ b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml 
@@ -5,7 +5,7 @@ apiVersion: getambassador.io/v2 kind: Host metadata: - name: {{ include "monoskope.fullname" . }}-tls + name: {{ include "monoskope.fullname" . }} namespace: {{ .Release.Namespace }} labels: {{- include "monoskope.labels" . | nindent 4 }} @@ -16,11 +16,15 @@ spec: hostname: {{ $tlsDomain }} acmeProvider: authority: none + tlsSecret: + name: {{ $tlsSecretName }} + tlsContext: + name: {{ include "monoskope.fullname" . }}-tls --- apiVersion: getambassador.io/v3alpha1 kind: TLSContext metadata: - name: tls + name: {{ include "monoskope.fullname" . }}-tls spec: hosts: - "*" From c1cdba9f026140d7f61d35728489e081641afb5e Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 11:36:33 +0200 Subject: [PATCH 08/10] Rewrite protocol Signed-off-by: Jan Steffen --- .../monoskope/templates/ambassador/ambassador-host.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml index 5ac252050..26f764634 100644 --- a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml +++ b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml @@ -14,8 +14,6 @@ metadata: {{- end }} spec: hostname: {{ $tlsDomain }} - acmeProvider: - authority: none tlsSecret: name: {{ $tlsSecretName }} tlsContext: @@ -26,10 +24,9 @@ kind: TLSContext metadata: name: {{ include "monoskope.fullname" . }}-tls spec: - hosts: - - "*" secret: {{ $tlsSecretName }} - alpn_protocols: h2 + hosts: ["*"] + alpn_protocols: h2,http/1.1 min_tls_version: v1.2 {{- end }} {{- end }} From 9ffcb119cf9e55854df1334b33aebd4d4c2fc950 Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 12:04:27 +0200 Subject: [PATCH 09/10] Fix host conf Signed-off-by: Jan Steffen --- .../helm/monoskope/templates/ambassador/ambassador-host.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
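Review bot: The TLSContext in the second hunk of commit 07 gets a templated `name` but still has no `namespace` or `labels`, unlike the Host above it and the other resources in this chart. Adding `namespace: {{ .Release.Namespace }}` and the `{{- include "monoskope.labels" . | nindent 4 }}` labels block under its `metadata` would keep it selectable and consistent with the rest of the release. The Host now sets both `tlsSecret` and `tlsContext`; both resolve to `$tlsSecretName` here, which as far as I know is what Emissary expects when the two are combined, so a one-line comment such as `# tlsSecret must match the secret of the referenced TLSContext` would help keep them in sync.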
diff --git a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml index 26f764634..0d098e0a2 100644 --- a/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml +++ b/build/package/helm/monoskope/templates/ambassador/ambassador-host.yaml @@ -25,7 +25,8 @@ metadata: name: {{ include "monoskope.fullname" . }}-tls spec: secret: {{ $tlsSecretName }} - hosts: ["*"] + hosts: + - {{ $tlsDomain }} alpn_protocols: h2,http/1.1 min_tls_version: v1.2 {{- end }} From 5b430c0af82ef0a0c01af0c9991fe29281dfc3cd Mon Sep 17 00:00:00 2001 From: Jan Steffen Date: Wed, 27 Jul 2022 12:28:35 +0200 Subject: [PATCH 10/10] Add values to let emissary work in newer version with grpc Signed-off-by: Jan Steffen --- build/package/helm/monoskope/values.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build/package/helm/monoskope/values.yaml b/build/package/helm/monoskope/values.yaml index 6f9ee329c..b26c4fd69 100644 --- a/build/package/helm/monoskope/values.yaml +++ b/build/package/helm/monoskope/values.yaml @@ -184,7 +184,7 @@ ambassador: replicaCount: 1 image: repository: docker.io/emissaryingress/emissary - tag: 2.3.1 + tag: 3.0.0 agent: enabled: false rbac: @@ -198,6 +198,8 @@ ambassador: enabled: false adminService: create: false + module: + strip_matching_host_port: true # necessary for gRPC, see https://www.getambassador.io/docs/emissary/latest/howtos/grpc/#mappings-with-hosts scimserver: enabled: false