From 8031b5d5dd3f4449bd9208453cdbd8bc1220d34f Mon Sep 17 00:00:00 2001
From: Haim Kortovich <haim.kortovich@topmanage.com>
Date: Wed, 8 May 2024 16:20:53 -0500
Subject: [PATCH] Add https scheme for initial zitadel client

[ZITADOPER-1]
---
 src/internal/controller/zitadelcluster_controller.go | 6 +++++-
 src/pkg/zitadel/zitadel.go                           | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/internal/controller/zitadelcluster_controller.go b/src/internal/controller/zitadelcluster_controller.go
index a4f22fe..758b757 100644
--- a/src/internal/controller/zitadelcluster_controller.go
+++ b/src/internal/controller/zitadelcluster_controller.go
@@ -426,7 +426,11 @@ func (r *ZitadelClusterReconciler) reconcileDefaultInstance(ctx context.Context,
 }
 
 func GetIssuer(zitadel *zitadelv1alpha1.ZitadelCluster) string {
-	return fmt.Sprintf("http://%s:%d", zitadel.Spec.Host, zitadel.Spec.ExternalPort)
+	scheme := "http"
+	if zitadel.Spec.ExternalSecure {
+		scheme = "https"
+	}
+	return fmt.Sprintf("%s://%s:%d", scheme, zitadel.Spec.Host, zitadel.Spec.ExternalPort)
 }
 
 func GetAPI(zitadel *zitadelv1alpha1.ZitadelCluster) string {
diff --git a/src/pkg/zitadel/zitadel.go b/src/pkg/zitadel/zitadel.go
index 017bbc7..6eee1b5 100644
--- a/src/pkg/zitadel/zitadel.go
+++ b/src/pkg/zitadel/zitadel.go
@@ -36,7 +36,7 @@ func NewClient(ctx context.Context, zitadelCluster *zitadelv1alpha1.ZitadelClust
 	if err != nil {
 		return nil, err
 	}
-	api, err := management.NewClient(GetIssuer(zitadelCluster), fmt.Sprintf("%s", GetAPI(zitadelCluster)), []string{oidc.ScopeOpenID, zitadel.ScopeZitadelAPI()}, zitadel.WithInsecure(), zitadel.WithJWTProfileTokenSource(Discover([]byte(machineKeyData), GetAPIUrl(zitadelCluster), GetAuthority(zitadelCluster), GetAPI(zitadelCluster))),
+	api, err := management.NewClient(GetIssuer(zitadelCluster), GetAPI(zitadelCluster)), []string{oidc.ScopeOpenID, zitadel.ScopeZitadelAPI()}, zitadel.WithInsecure(), zitadel.WithJWTProfileTokenSource(Discover([]byte(machineKeyData), GetAPIUrl(zitadelCluster), GetAuthority(zitadelCluster), GetAPI(zitadelCluster))),
 		zitadel.WithDialOptions(grpc.WithAuthority(GetAuthority(zitadelCluster))),
 	)