From 388913f8146d3473a23b36d27631c4b643e6ef86 Mon Sep 17 00:00:00 2001
From: Saumil Macwan <saumil.macwan@snyk.io>
Date: Wed, 2 Oct 2024 12:40:42 -0400
Subject: [PATCH] fix: add existing secret env var in deployment (#140)

* fix: add existing secret env var in deployment

* fix: bump the version
---
 charts/snyk-broker/Chart.yaml                        |  2 +-
 charts/snyk-broker/templates/broker_deployment.yaml  |  8 ++++++++
 .../snyk-broker/tests/broker_deployment_ca_test.yaml | 12 ++++++++++++
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/charts/snyk-broker/Chart.yaml b/charts/snyk-broker/Chart.yaml
index a8cc1c0..c015733 100644
--- a/charts/snyk-broker/Chart.yaml
+++ b/charts/snyk-broker/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
 name: snyk-broker
-version: 2.8.3
+version: 2.8.4
 description: A Helm chart for Kubernetes
 type: application
diff --git a/charts/snyk-broker/templates/broker_deployment.yaml b/charts/snyk-broker/templates/broker_deployment.yaml
index 73fd4ce..2925658 100644
--- a/charts/snyk-broker/templates/broker_deployment.yaml
+++ b/charts/snyk-broker/templates/broker_deployment.yaml
@@ -144,6 +144,14 @@ spec:
               value: /home/node/cacert/cacert
          {{- end }}
 
+         {{- if .Values.caCertFileSecret.name }}
+          # HTTPS Inspection
+            - name: CA_CERT
+              value: /home/node/cacert/{{ .Values.caCertFileSecret.key }}
+            - name: NODE_EXTRA_CA_CERTS
+              value: /home/node/cacert/{{ .Values.caCertFileSecret.key }}
+         {{- end }}
+
          {{- if .Values.httpsCert }}
          # HTTPS Config
             - name: HTTPS_CERT
diff --git a/charts/snyk-broker/tests/broker_deployment_ca_test.yaml b/charts/snyk-broker/tests/broker_deployment_ca_test.yaml
index 9536172..e1ffd97 100644
--- a/charts/snyk-broker/tests/broker_deployment_ca_test.yaml
+++ b/charts/snyk-broker/tests/broker_deployment_ca_test.yaml
@@ -296,6 +296,18 @@ tests:
             mountPath: /home/node/cacert
             readOnly: true
         template: broker_deployment.yaml
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: NODE_EXTRA_CA_CERTS
+            value: "/home/node/cacert/caCert"
+        template: broker_deployment.yaml
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: CA_CERT
+            value: "/home/node/cacert/caCert"
+        template: broker_deployment.yaml
 
 
   - it: correctly mounts an external CA secret with default key