fix: tests

.gitignore

@@ -46,4 +46,4 @@ bitbucket.crt
 .dccache
 
 # Helm Unittest Debug
-charts/snyk-broker/helm/.debug
+charts/snyk-broker/.debug

.gitleaks.toml

@@ -6,6 +6,7 @@ description = "global allow list"
 paths = [
   'charts/snyk-broker/tests/__snapshot__/*',
   'charts/snyk-broker/tests/.*(.key)$',
+  'charts/snyk-broker/tests/fixtures/*'
 ]
 
 # ignoring historical secrets from past commits

charts/snyk-broker/templates/broker_deployment.yaml

@@ -397,10 +397,6 @@ spec:
          # Code Agent
             - name: GIT_CLIENT_URL
               value: {{ default (printf "http://code-agent-service:%s" (.Values.deployment.container.caSnykPort | toString)) .Values.gitClientUrl }}
-         {{- else if .Values.enableSnykCodeLocalEngine }}
-          # Snyk Code Local Engine
-            - name: GIT_CLIENT_URL
-              value: {{ tpl .Values.gitClientUrl . }}
          {{- end }}
          # Logging
             - name: LOG_LEVEL
@@ -465,10 +461,8 @@ spec:
           {{- if has .Values.scmType ( list "github-com" "github-enterprise" "bitbucket-server" "bitbucket-server-bearer-auth" "gitlab" "azure-repos") }}
           {{- if not .Values.disableAutoAcceptRules  }}
           # Default Values to allow Snyk Code Snippets and Snyk IaC
-            {{- if not .Values.enableSnykCodeLocalEngine }}
             - name: ACCEPT_CODE
               value: "true"
-            {{- end}}
             - name: ACCEPT_IAC
               value: "tf,yaml,yml,json,tpl"
           {{- end}}

charts/snyk-broker/templates/secrets.yaml

@@ -1,8 +1,9 @@
+{{ $suffix := ( .Values.disableSuffixes | default false ) | ternary "" ( printf "-%s" .Release.Name ) }}
 {{- if .Values.brokerToken }}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-broker-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-broker-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-broker-token-key": {{ .Values.brokerToken | b64enc | quote }}
@@ -12,7 +13,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.scmToken | b64enc | quote }}
@@ -22,7 +23,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType }}-token-pool{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType }}-token-pool{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType }}-token-key-pool": {{ .Values.scmTokenPool | b64enc | quote }}
@@ -32,7 +33,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.bitbucketPassword | b64enc | quote }}
@@ -42,7 +43,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 stringData:
   "{{ .Values.scmType}}-token-key": {{ .Values.bitbucketPat | quote }}
@@ -52,7 +53,7 @@ stringData:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.azureReposToken | b64enc | quote }}
@@ -62,7 +63,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.jiraPassword | b64enc | quote }}
@@ -72,7 +73,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.jiraPat | b64enc | quote }}
@@ -82,7 +83,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.crPassword | b64enc | quote }}
@@ -92,7 +93,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .Values.scmType}}-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: {{ .Values.scmType}}-token{{ $suffix }}
 type: Opaque
 data:
   "{{ .Values.scmType}}-token-key": {{ .Values.crToken | b64enc | quote }}
@@ -102,7 +103,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: snyk-token{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: snyk-token{{ $suffix }}
 type: Opaque
 data:
   "snyk-token-key": {{ .Values.snykToken | b64enc | quote }}
@@ -112,7 +113,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: artifactory-url{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: artifactory-url{{ $suffix }}
 type: Opaque
 stringData:
   artifactory-url: {{ .Values.artifactoryUrl | quote }}
@@ -122,7 +123,7 @@ stringData:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: artifactory-broker-client-validation-url{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: artifactory-broker-client-validation-url{{ $suffix }}
 type: Opaque
 stringData:
   artifactory-broker-client-validation-url: {{ .Values.brokerClientValidationUrl | quote }}
@@ -132,7 +133,7 @@ stringData:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: nexus-base-nexus-url{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: nexus-base-nexus-url{{ $suffix }}
 type: Opaque
 data:
   "nexus-base-nexus-url": {{ .Values.baseNexusUrl | b64enc | quote }}
@@ -142,7 +143,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: nexus-nexus-url{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: nexus-nexus-url{{ $suffix }}
 type: Opaque
 data:
   "nexus-nexus-url": {{ .Values.nexusUrl | b64enc | quote }}
@@ -153,7 +154,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: nexus-broker-client-validation-url{{if not .Values.disableSuffixes }}-{{ .Release.Name }}{{ end }}
+  name: nexus-broker-client-validation-url{{ $suffix }}
 type: Opaque
 stringData:
   nexus-broker-client-validation-url: {{ .Values.brokerClientValidationUrl | quote }}

charts/snyk-broker/tests/__snapshot__/broker_cra_deployment_disablesuffixes_test.yaml.snap

@@ -122,12 +122,20 @@ with CRA:
   3: |
     apiVersion: v1
     data:
-      container-registry-agent-broker-token-key: MTIz
+      container-registry-agent-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: container-registry-agent-broker-token-RELEASE-NAME
     type: Opaque
   4: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token-RELEASE-NAME
+    type: Opaque
+  5: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:

charts/snyk-broker/tests/__snapshot__/broker_cra_deployment_test.yaml.snap

@@ -122,12 +122,20 @@ with CRA:
   3: |
     apiVersion: v1
     data:
-      container-registry-agent-broker-token-key: MTIz
+      container-registry-agent-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: container-registry-agent-broker-token-RELEASE-NAME
     type: Opaque
   4: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token-RELEASE-NAME
+    type: Opaque
+  5: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:

charts/snyk-broker/tests/__snapshot__/broker_deployment_apprisk_test.yaml.snap

@@ -121,12 +121,20 @@ apprisk enabled:
   3: |
     apiVersion: v1
     data:
-      github-com-broker-token-key: MTIz
+      github-com-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: github-com-broker-token-RELEASE-NAME
     type: Opaque
   4: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token-RELEASE-NAME
+    type: Opaque
+  5: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:

charts/snyk-broker/tests/__snapshot__/broker_deployment_artifactory_test.yaml.snap

@@ -120,28 +120,36 @@ should render artifactoryUrl and brokerClientValidationUrl as secrets:
   3: |
     apiVersion: v1
     data:
-      artifactory-broker-token-key: MTIz
+      artifactory-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: artifactory-broker-token-RELEASE-NAME
     type: Opaque
   4: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token-RELEASE-NAME
+    type: Opaque
+  5: |
     apiVersion: v1
     kind: Secret
     metadata:
       name: artifactory-url-RELEASE-NAME
     stringData:
       artifactory-url: username:password@your-domain.com/artifactory
     type: Opaque
-  5: |
+  6: |
     apiVersion: v1
     kind: Secret
     metadata:
       name: artifactory-broker-client-validation-url-RELEASE-NAME
     stringData:
       artifactory-broker-client-validation-url: https://username:[email protected]/artifactory/api/system/ping
     type: Opaque
-  6: |
+  7: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:

charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_disablesuffixes_test.yaml.snap

@@ -163,12 +163,20 @@ cacert:
   4: |
     apiVersion: v1
     data:
-      github-com-broker-token-key: MTIz
+      github-com-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: github-com-broker-token
     type: Opaque
   5: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token
+    type: Opaque
+  6: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:
@@ -323,12 +331,20 @@ cacertfile:
   4: |
     apiVersion: v1
     data:
-      github-com-broker-token-key: MTIz
+      github-com-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: github-com-broker-token
     type: Opaque
   5: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token
+    type: Opaque
+  6: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:

charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_test.yaml.snap

@@ -163,12 +163,20 @@ cacert:
   4: |
     apiVersion: v1
     data:
-      github-com-broker-token-key: MTIz
+      github-com-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: github-com-broker-token-RELEASE-NAME
     type: Opaque
   5: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token-RELEASE-NAME
+    type: Opaque
+  6: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:
@@ -323,12 +331,20 @@ cacertfile:
   4: |
     apiVersion: v1
     data:
-      github-com-broker-token-key: MTIz
+      github-com-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: github-com-broker-token-RELEASE-NAME
     type: Opaque
   5: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token-RELEASE-NAME
+    type: Opaque
+  6: |
     apiVersion: v1
     kind: ServiceAccount
     metadata:

charts/snyk-broker/tests/__snapshot__/broker_deployment_customaccept_disablesuffixes_test.yaml.snap

@@ -136,12 +136,20 @@ customaccept values:
   4: |
     apiVersion: v1
     data:
-      github-com-broker-token-key: MTIz
+      github-com-broker-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
     kind: Secret
     metadata:
       name: github-com-broker-token
     type: Opaque
   5: |
+    apiVersion: v1
+    data:
+      snyk-token-key: MTIzNDVhNmItNzhkOS0xZTJmLTNhYmMtNDU2ZGVmNzg5MTIz
+    kind: Secret
+    metadata:
+      name: snyk-token
+    type: Opaque
+  6: |
     apiVersion: v1
     kind: ServiceAccount
     metadata: