Azure-Samples / graphrag-accelerator

One-click deploy of a Knowledge Graph powered RAG (GraphRAG) in Azure
https://github.com/microsoft/graphrag
MIT License

[BUG] Error: Ingress should allow https only. tls configuration and annotation nginx.ingress.kubernetes.io/force-ssl-redirect=true are required for graphrag #83

Closed MemmoB closed 4 months ago

MemmoB commented 4 months ago

Describe the bug

There seems to be some missing TLS configuration in the values.yaml for the graphrag Helm chart. When running the deploy script I get the following error:

....
Downloading ingress-nginx from repo https://kubernetes.github.io/ingress-nginx
Deleting outdated charts
+ helm upgrade -i graphrag ./helm/graphrag -f ./helm/graphrag/values.yaml --namespace graphrag --create-namespace --set serviceAccount.name=graphrag-workload-sa.....................  
Error: UPGRADE FAILED: failed to create resource: admission webhook "validation.gatekeeper.sh" denied the request: [azurepolicy-k8sazurev1ingresshttpsonly-980db8fee45c3818ccf6] Ingress should allow https only. tls configuration and annotation nginx.ingress.kubernetes.io/force-ssl-redirect=true are required for graphrag
[azurepolicy-k8sazurev1ingresshttpsonly-c20fbb798eee2ae9864a] Ingress should allow https only. tls configuration and annotation nginx.ingress.kubernetes.io/force-ssl-redirect=true are required for graphrag
+ local helmResult=1
+ true
+ set +x
Error deploying helm chart, exiting...

Desktop (please complete the following information): VS Code dev container.

MemmoB commented 4 months ago

This seems to be related to default Policy settings for our Azure Subscription. Disabling the Policy Add-on temporarily solved this error. However, a certificate validation error happens instead:
Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io": failed to call webhook: Post "https://graphrag-ingress-nginx-controller-admission.graphrag.svc:443/networking/v1/ingresses?timeout=10s": tls: failed to verify certificate: x509: certificate signed by unknown authority

MemmoB commented 4 months ago

Removing validation webhooks for the ingress makes the deploy script deploy the Helm chart and finish the setup.
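
The denial message in the first comment names two conditions for an Ingress: a tls configuration and the annotation nginx.ingress.kubernetes.io/force-ssl-redirect=true. The following is an added example, not part of the thread or of the graphrag-accelerator code, that checks already-parsed manifests against those two conditions before deployment. It approximates the rule from the message text rather than reproducing the policy's own logic, and the object names, host and secret name in the sample are constructed.

```python
REDIRECT = "nginx.ingress.kubernetes.io/force-ssl-redirect"

def https_only_violations(manifest):
    """Return the reasons an Ingress misses the two conditions in the denial message."""
    if manifest.get("kind") != "Ingress":
        return []  # the rule only concerns Ingress objects
    problems = []
    annotations = (manifest.get("metadata") or {}).get("annotations") or {}
    value = annotations.get(REDIRECT)
    if value is None:
        problems.append(f"missing annotation {REDIRECT}")
    elif value != "true":
        # Assumption: the value must be exactly the string "true".
        # A boolean (unquoted YAML true) is not a valid annotation value at all.
        problems.append(f"{REDIRECT} is {value!r}, expected the string 'true'")
    if not (manifest.get("spec") or {}).get("tls"):
        problems.append("spec.tls is missing or empty")
    return problems

def check_rendered(docs):
    """Map each failing Ingress name to its violations; other objects are omitted."""
    report = {}
    for doc in docs:
        found = https_only_violations(doc)
        if found:
            report[(doc.get("metadata") or {}).get("name", "<unnamed>")] = found
    return report

# Constructed sample input: what a parsed chart rendering might contain.
RULES = [{"host": "graphrag.example.com"}]
TLS = [{"hosts": ["graphrag.example.com"], "secretName": "example-tls-secret"}]
SAMPLE = [
    {"kind": "Service", "metadata": {"name": "svc"}, "spec": {}},
    {"kind": "Ingress", "metadata": {"name": "plain-http"},
     "spec": {"rules": RULES}},
    {"kind": "Ingress",
     "metadata": {"name": "bool-annotation", "annotations": {REDIRECT: True}},
     "spec": {"rules": RULES, "tls": TLS}},
    {"kind": "Ingress",
     "metadata": {"name": "compliant", "annotations": {REDIRECT: "true"}},
     "spec": {"rules": RULES, "tls": TLS}},
]

if __name__ == "__main__":
    for name, problems in check_rendered(SAMPLE).items():
        for problem in problems:
            print(f"{name}: {problem}")
```
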