{{ if .Values.istio }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: {{ .Values.name }}-cert
  namespace: istio-system
spec:
  secretName: {{ .Values.name }}-cert
  commonName: {{ .Values.istio.commonName }}
  dnsNames:
    - {{ .Values.istio.commonName }}
{{- range .Values.istio.sans }}
    - {{ . }}
{{- end }}
  issuerRef:
    name: {{ .Values.istio.issuer }}
    kind: ClusterIssuer
    group: cert-manager.io
...
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
  name: {{ .Values.name }}-gateway
  namespace: {{ .Values.namespace }}
spec:
  selector:
    istio: {{ .Values.istio.ingressSelector }}
  servers:
  - port:
      number: 443
      name: https
      protocol: HTTPS
    tls:
      mode: SIMPLE
      credentialName: {{ .Values.name }}-cert
    hosts:
    - {{ .Values.istio.commonName }}
{{- range .Values.istio.sans }}
    - {{ . }}
{{- end }}
  - port:
      number: 80
      name: http
      protocol: HTTP
    tls:
      httpsRedirect: true
    hosts:
    - {{ .Values.istio.commonName }}
{{- range .Values.istio.sans }}
    - {{ . }}
{{- end }}
...
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
  name: {{ .Values.name }}
  namespace: {{ .Values.namespace }}
spec:
  hosts:
  - {{ .Values.istio.commonName }}
  gateways:
  - {{ .Values.name }}-gateway
  http:
  - match:
    - uri:
        prefix: /
    route:
    - destination:
        port:
          number: {{ .Values.istio.port }}
        host: {{ .Values.istio.backendHost }}
...
{{ end }}