From f3956f82a730c8322e80b8692836f4d27acbce6f Mon Sep 17 00:00:00 2001 From: natalia Date: Fri, 24 Nov 2023 16:36:54 +0100 Subject: [PATCH] feat: add dev flag for http(s) scheme --- config.yaml | 7 +++++++ src/charm.py | 9 ++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 config.yaml diff --git a/config.yaml b/config.yaml new file mode 100644 index 00000000..104514df --- /dev/null +++ b/config.yaml @@ -0,0 +1,7 @@ +options: + dev: + description: | + Run Oathkeeper in dev mode. This option is needed if no internal ingress is configured and https is not set up. + This should only be used for development purposes. + type: boolean + default: False diff --git a/src/charm.py b/src/charm.py index 0f538f3e..2a7c3b3f 100755 --- a/src/charm.py +++ b/src/charm.py @@ -38,6 +38,7 @@ from ops.charm import ( ActionEvent, CharmBase, + ConfigChangedEvent, HookEvent, InstallEvent, PebbleReadyEvent, @@ -120,6 +121,7 @@ def __init__(self, *args): self.framework.observe(self.on.oathkeeper_pebble_ready, self._on_oathkeeper_pebble_ready) self.framework.observe(self.on.install, self._on_install) + self.framework.observe(self.on.config_changed, self._on_config_changed) self.framework.observe(self.on.remove, self._on_remove) self.framework.observe( @@ -189,8 +191,10 @@ def _oathkeeper_service_is_running(self) -> bool: @property def _forward_auth_config(self) -> ForwardAuthConfig: + scheme = "http" if self.config["dev"] else "https" + decisions_url = f"{scheme}://{self.app.name}.{self.model.name}.svc.cluster.local:{OATHKEEPER_API_PORT}/decisions" return ForwardAuthConfig( - decisions_address=f"http://{self.app.name}.{self.model.name}.svc.cluster.local:{OATHKEEPER_API_PORT}/decisions", + decisions_address=decisions_url, app_names=self.auth_proxy.get_app_names(), headers=self.auth_proxy.get_headers(), ) 
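Review bot: The `dev` description in config.yaml says when the option is needed but not what it changes, so an operator cannot tell that it is a transport-security downgrade. Going by the `_forward_auth_config` hunk in src/charm.py, setting it to true makes the published decisions URL use `http` instead of `https`. I would state that in the description, for example `When true, the forward-auth decisions URL is published with the http scheme, so decision requests to Oathkeeper are sent unencrypted inside the cluster.` Keeping the existing "development purposes only" sentence after that makes the risk and the intended scope both explicit.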
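Review bot: In `_forward_auth_config`, the switch to plain `http` when `self.config["dev"]` is true is silent, so a deployment left in dev mode cannot be spotted from logs or status. I would emit a warning where the config is applied, for example `logger.warning("dev mode is enabled: forward-auth decisions URL uses http")`, assuming the module already has a logger (not visible in this hunk). The effective default also moves from `http` to `https` for existing deployments on upgrade, which is the safer default but only works if Oathkeeper serves TLS on `OATHKEEPER_API_PORT`. Nothing in the visible lines establishes that, so it is worth confirming and noting in the commit description.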
@@ -329,6 +333,9 @@ def _on_oathkeeper_pebble_ready(self, event: PebbleReadyEvent) -> None: self._patch_statefulset() self._handle_status_update_config(event) + def _on_config_changed(self, event: ConfigChangedEvent): + self.forward_auth.update_forward_auth_config(self._forward_auth_config) + def _on_remove(self, event: RemoveEvent) -> None: if not self.unit.is_leader(): return
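Review bot: `_on_config_changed` calls `self.forward_auth.update_forward_auth_config(...)` on every unit and on every config change, without the leadership guard that `_on_remove` just below it uses. If the library writes application relation data, which is not visible here, non-leader units would fail or race. A guard such as `if not self.unit.is_leader(): return` before the update would match the neighbouring handler. The new handler is also missing the `-> None` return annotation that the surrounding handlers carry. It is worth confirming that `update_forward_auth_config` tolerates being called before the forward-auth relation exists, since config-changed can fire early in the charm lifecycle.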