{{- define "istio-values" }}

{{- if .Values.global.highAvailable }}
global:
  defaultPodDisruptionBudget:
    enabled: true
  {{- if ne .Values.global.platform "gke" }}
  priorityClassName: "system-cluster-critical"
  {{- end }}
{{- end }}

istiod:
  telemetry:
    enabled: {{ $.Values.metrics.enabled }}
  pilot:
{{- if eq .Values.global.platform "aws" }}
    nodeSelector:
      node-role.kubernetes.io/control-plane: ""
    tolerations:
    - key: node-role.kubernetes.io/control-plane
      effect: NoSchedule
{{- end }}
{{- if .Values.global.highAvailable }}
    replicaCount: 2
{{- else }}
    extraContainerArgs:
    - --leader-elect=false
{{- end }}

{{- with  index .Values "istio" "kiali-server" }}
kiali-server:
  {{- toYaml . | nindent 2 }}
{{- end }}

{{- with .Values.istio.rateLimiting }}
rateLimiting:
  {{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}


{{- define "istio-argo" }}
  ignoreDifferences:
  - group: apiextensions.k8s.io
    kind: CustomResourceDefinition
    jsonPointers:
    - /metadata/labels
    - /spec/additionalPrinterColumns
  - group: admissionregistration.k8s.io
    kind: ValidatingWebhookConfiguration
    jsonPointers:
    - /webhooks/0/failurePolicy
    - /webhooks/1/failurePolicy

{{- end }}

{{ include "kubezero-app.app" . }}