Skip to content

Commit

Permalink
fix: create secret if only name is specified
Browse files Browse the repository at this point in the history
  • Loading branch information
soniqua committed Sep 26, 2024
1 parent 99cbb66 commit 6c38f70
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 3 deletions.
6 changes: 3 additions & 3 deletions charts/snyk-broker/templates/broker_deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -87,12 +87,12 @@ spec:
mountPath: /home/node/private
readOnly: true
{{- end }}
{{- if or (.Values.caCert) (.Values.caCertFile) (and .Values.caCertFileSecret.key .Values.caCertFileSecret.name ) }}
{{- if or (.Values.caCert) (.Values.caCertFile) ( .Values.caCertFileSecret.name ) }}
- name: {{ include "snyk-broker.fullname" . }}-cacert-volume
mountPath: /home/node/cacert
readOnly: true
{{- end }}
{{- if or ( and (.Values.httpsCert) (.Values.httpsKey) ) (and .Values.httpsSecret.key .Values.httpsSecret.name ) }}
{{- if or ( and (.Values.httpsCert) (.Values.httpsKey) ) ( .Values.httpsSecret.name ) }}
- name: {{ include "snyk-broker.fullname" . }}-tls-secret-volume
mountPath: /home/node/tls-cert/
readOnly: true
Expand Down Expand Up @@ -219,7 +219,7 @@ spec:
configMap:
name: {{ include "snyk-broker.fullname" . }}-accept-configmap{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
{{- end }}
{{- if or (.Values.caCert) ( or ( and .Values.caCertFileSecret.name .Values.caCertFileSecret.key ) .Values.caCertFile) }}
{{- if or .Values.caCert .Values.caCertFileSecret.name .Values.caCertFile }}
- name: {{ include "snyk-broker.fullname" . }}-cacert-volume
secret:
secretName: {{ include "snyk-broker.caCertSecretName" . }}
Expand Down
25 changes: 25 additions & 0 deletions charts/snyk-broker/tests/broker_deployment_ca_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -296,3 +296,28 @@ tests:
mountPath: /home/node/cacert
readOnly: true
template: broker_deployment.yaml


- it: correctly mounts an external CA secret with default key
set:
useExternalSecrets: true
caCertFileSecret:
name: my-secret
asserts:
- contains:
path: spec.template.spec.volumes
content:
name: RELEASE-NAME-snyk-broker-cacert-volume
secret:
secretName: my-secret
template: broker_deployment.yaml
- exists:
path: spec.template.spec.containers[0].volumeMounts
template: broker_deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: RELEASE-NAME-snyk-broker-cacert-volume
mountPath: /home/node/cacert
readOnly: true
template: broker_deployment.yaml

0 comments on commit 6c38f70

Please sign in to comment.