From 81cf46eb43f62cfedf5f664b419eaaf43e5d1eb1 Mon Sep 17 00:00:00 2001
From: Romain Caire <romain.caire@shadow.tech>
Date: Mon, 11 Mar 2024 18:23:05 +0100
Subject: [PATCH] Close #248: `extraVolumes` not working if either `authz` or
 `bootstrapPolicies` are not enabled;

Signed-off-by: Romain Caire <romain.caire@shadow.tech>
---
 charts/opa-kube-mgmt/templates/deployment.yaml |  2 +-
 test/unit/kube-mgmt_args.yaml                  | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/charts/opa-kube-mgmt/templates/deployment.yaml b/charts/opa-kube-mgmt/templates/deployment.yaml
index 4e551179..3f2d9d55 100644
--- a/charts/opa-kube-mgmt/templates/deployment.yaml
+++ b/charts/opa-kube-mgmt/templates/deployment.yaml
@@ -252,9 +252,9 @@ spec:
               - key: {{ .Values.authz.mgmtToken.secretKey | default "mgmtToken" }}
                 path: mgmt-token
 {{- end }}
+{{- end }}
 {{- if .Values.extraVolumes }}
 {{ toYaml .Values.extraVolumes | indent 8}}
-{{- end }}
 {{- end }}
       affinity:
 {{ toYaml .Values.affinity | indent 8 }}
diff --git a/test/unit/kube-mgmt_args.yaml b/test/unit/kube-mgmt_args.yaml
index 5125cf46..a093130a 100644
--- a/test/unit/kube-mgmt_args.yaml
+++ b/test/unit/kube-mgmt_args.yaml
@@ -45,3 +45,19 @@ tests:
       - contains:
           path: spec.template.spec.containers[1].args
           content: "--namespaces=*"
+  - it: should add extraVolumes if authz is disabled & no bootstrapPolicies are provided
+    set:
+      useHttps: false
+      authz:
+        enabled: false
+      extraVolumes:
+        - name: example-app-auth-config
+          secret:
+            secretName: example-app-auth-config
+    asserts:
+      - contains:
+          path: spec.template.spec.volumes
+          content: 
+            name: example-app-auth-config
+            secret:
+              secretName: example-app-auth-config