apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: bakery-ingress-https
  namespace: bakery-ia
  labels:
    app.kubernetes.io/name: bakery-ia
    app.kubernetes.io/component: ingress
  annotations:
    # Nginx ingress controller annotations
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
    # SSE-specific configuration for long-lived connections
    nginx.ingress.kubernetes.io/proxy-buffering: "off"
    nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
    nginx.ingress.kubernetes.io/upstream-keepalive-timeout: "3600"
    # CORS configuration for HTTPS and local development
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/cors-allow-origin: "https://bakery-ia.local,https://api.bakery-ia.local,https://monitoring.bakery-ia.local,https://localhost"
    nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS, PATCH"
    nginx.ingress.kubernetes.io/cors-allow-headers: "Content-Type, Authorization, X-Requested-With, Accept, Origin, Cache-Control"
    nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
    # Cert-manager annotations for automatic certificate issuance
    cert-manager.io/cluster-issuer: "letsencrypt-staging"
    cert-manager.io/acme-challenge-type: http01
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - bakery-ia.local
    - api.bakery-ia.local
    - monitoring.bakery-ia.local
    secretName: bakery-ia-tls-cert
  rules:
  - host: bakery-ia.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: frontend-service
            port:
              number: 3000
      - path: /api
        pathType: Prefix
        backend:
          service:
            name: gateway-service
            port:
              number: 8000
  - host: api.bakery-ia.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: gateway-service
            port:
              number: 8000
  - host: monitoring.bakery-ia.local
    http:
      paths:
      - path: /grafana
        pathType: Prefix
        backend:
          service:
            name: grafana-service
            port:
              number: 3000
      - path: /prometheus
        pathType: Prefix
        backend:
          service:
            name: prometheus-service
            port:
              number: 9090