From b883ca0f7ce5601fdf5ed257dab8d14832e6e329 Mon Sep 17 00:00:00 2001
From: Pavel Sorokin <60606414+pavel-snyk@users.noreply.github.com>
Date: Tue, 16 Jan 2024 13:28:03 +0100
Subject: [PATCH] fix: do not render envvar for scm token when using external
 credential pooling

---
 charts/snyk-broker/templates/broker_deployment.yaml         | 6 ++++++
 .../broker_deployment_scm_token_pool_test.yaml.snap         | 5 -----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/charts/snyk-broker/templates/broker_deployment.yaml b/charts/snyk-broker/templates/broker_deployment.yaml
index e11a857..b102721 100644
--- a/charts/snyk-broker/templates/broker_deployment.yaml
+++ b/charts/snyk-broker/templates/broker_deployment.yaml
@@ -108,11 +108,13 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.scmType}}-broker-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
                   key: "{{ .Values.scmType}}-broker-token-key"
+            {{- if not .Values.useExternalSecretScmTokenPool }}
             - name: GITHUB_TOKEN
               valueFrom:
                 secretKeyRef:
                   name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
                   key: "{{ .Values.scmType}}-token-key"
+            {{- end }}
             {{- if or (.Values.scmTokenPool) (.Values.useExternalSecretScmTokenPool) }}
             - name: GITHUB_TOKEN_POOL
               valueFrom:
@@ -132,11 +134,13 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.scmType}}-broker-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
                   key: "{{ .Values.scmType}}-broker-token-key"
+            {{- if not .Values.useExternalSecretScmTokenPool }}
             - name: GITHUB_TOKEN
               valueFrom:
                 secretKeyRef:
                   name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
                   key: "{{ .Values.scmType}}-token-key"
+            {{- end }}
             {{- if or (.Values.scmTokenPool) (.Values.useExternalSecretScmTokenPool) }}
             - name: GITHUB_TOKEN_POOL
               valueFrom:
@@ -186,11 +190,13 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.scmType}}-broker-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
                   key: "{{ .Values.scmType}}-broker-token-key"
+            {{- if not .Values.useExternalSecretScmTokenPool }}
             - name: GITLAB_TOKEN
               valueFrom:
                 secretKeyRef:
                   name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
                   key: "{{ .Values.scmType}}-token-key"
+            {{- end }}
             {{- if or (.Values.scmTokenPool) (.Values.useExternalSecretScmTokenPool) }}
             - name: GITLAB_TOKEN_POOL
               valueFrom:
diff --git a/charts/snyk-broker/tests/__snapshot__/broker_deployment_scm_token_pool_test.yaml.snap b/charts/snyk-broker/tests/__snapshot__/broker_deployment_scm_token_pool_test.yaml.snap
index 2ee046d..2b81f2f 100644
--- a/charts/snyk-broker/tests/__snapshot__/broker_deployment_scm_token_pool_test.yaml.snap
+++ b/charts/snyk-broker/tests/__snapshot__/broker_deployment_scm_token_pool_test.yaml.snap
@@ -183,11 +183,6 @@ github token pool configured with enabled useExternalSecretScmTokenPool:
                     secretKeyRef:
                       key: github-com-broker-token-key
                       name: github-com-broker-token-RELEASE-NAME
-                - name: GITHUB_TOKEN
-                  valueFrom:
-                    secretKeyRef:
-                      key: github-com-token-key
-                      name: github-com-token-RELEASE-NAME
                 - name: GITHUB_TOKEN_POOL
                   valueFrom:
                     secretKeyRef: