From adf96f26aa1631cc56039f48d534f511e7a773da Mon Sep 17 00:00:00 2001
From: Andrew Azores <aazores@redhat.com>
Date: Thu, 14 Nov 2024 16:20:02 -0500
Subject: [PATCH] rename secret data keys, add test

---
 charts/cryostat/templates/alpha_config.yaml   |  4 +-
 .../templates/cryostat_tls_secret.yaml        |  4 +-
 .../tests/cryostat_tls_secret_test.yaml       | 47 +++++++++++++++++++
 3 files changed, 51 insertions(+), 4 deletions(-)
 create mode 100644 charts/cryostat/tests/cryostat_tls_secret_test.yaml

diff --git a/charts/cryostat/templates/alpha_config.yaml b/charts/cryostat/templates/alpha_config.yaml
index 7e61c6f..6655c00 100644
--- a/charts/cryostat/templates/alpha_config.yaml
+++ b/charts/cryostat/templates/alpha_config.yaml
@@ -17,9 +17,9 @@ data:
       {{- end}}
       TLS:
         Key:
-          fromFile: /etc/tls/private/KEY
+          fromFile: /etc/tls/private/key
         Cert:
-          fromFile: /etc/tls/private/CERT
+          fromFile: /etc/tls/private/cert
     upstreamConfig:
       proxyRawPath: true
       upstreams:
diff --git a/charts/cryostat/templates/cryostat_tls_secret.yaml b/charts/cryostat/templates/cryostat_tls_secret.yaml
index a0d2440..2e1354d 100644
--- a/charts/cryostat/templates/cryostat_tls_secret.yaml
+++ b/charts/cryostat/templates/cryostat_tls_secret.yaml
@@ -10,6 +10,6 @@ metadata:
 type: Opaque
 immutable: true
 data:
-  CERT: {{ $cert.Cert | b64enc }}
-  KEY: {{ $cert.Key | b64enc }}
+  cert: {{ $cert.Cert | b64enc }}
+  key: {{ $cert.Key | b64enc }}
 {{- end -}}
diff --git a/charts/cryostat/tests/cryostat_tls_secret_test.yaml b/charts/cryostat/tests/cryostat_tls_secret_test.yaml
new file mode 100644
index 0000000..4613e5a
--- /dev/null
+++ b/charts/cryostat/tests/cryostat_tls_secret_test.yaml
@@ -0,0 +1,47 @@
+suite: test cryostat_tls_secret.yaml
+templates:
+  - cryostat_tls_secret.yaml
+
+tests:
+  - it: should create a TLS cert secret if oauth2Proxy.service.tls.selfSigned.enabled is set
+    set:
+      oauth2Proxy:
+        service:
+          tls:
+            selfSigned:
+              enabled: true
+    asserts:
+      - hasDocuments:
+          count: 1
+      - equal:
+          path: kind
+          value: Secret
+      - equal:
+          path: metadata.name
+          value: RELEASE-NAME-oauth2proxy-tls
+      - equal:
+          path: type
+          value: Opaque
+      - exists:
+          path: data.key
+      - exists:
+          path: data.cert
+      - equal:
+          path: metadata.labels
+          value:
+            app.kubernetes.io/instance: RELEASE-NAME
+            app.kubernetes.io/managed-by: Helm
+            app.kubernetes.io/name: cryostat
+            app.kubernetes.io/version: 4.0.0-dev
+            helm.sh/chart: cryostat-2.0.0-dev
+
+  - it: should not create a TLS cert secret if oauth2Proxy.service.tls.selfSigned.enabled is not set
+    set:
+      oauth2Proxy:
+        service:
+          tls:
+            selfSigned:
+              enabled: false
+    asserts:
+      - hasDocuments:
+          count: 0