From 70cfec3fc89c081481cdb9a240b024c5c184ca54 Mon Sep 17 00:00:00 2001
From: Steven Merrill <steven.merrill@gmail.com>
Date: Tue, 14 Jul 2020 09:53:33 -0400
Subject: [PATCH] Force caBundle to always be quoted (#352)

This fixes issues when you do not provide a value for caBundle that
causes validation issues.
---
 templates/injector-mutating-webhook.yaml | 2 +-
 test/unit/injector-mutating-webhook.bats | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/templates/injector-mutating-webhook.yaml b/templates/injector-mutating-webhook.yaml
index 3f0d27e..1417986 100644
--- a/templates/injector-mutating-webhook.yaml
+++ b/templates/injector-mutating-webhook.yaml
@@ -14,7 +14,7 @@ webhooks:
         name: {{ template "vault.fullname" . }}-agent-injector-svc
         namespace: {{ .Release.Namespace }}
         path: "/mutate"
-      caBundle: {{ .Values.injector.certs.caBundle }}
+      caBundle: {{ .Values.injector.certs.caBundle | quote }}
     rules:
       - operations: ["CREATE", "UPDATE"]
         apiGroups: [""]
diff --git a/test/unit/injector-mutating-webhook.bats b/test/unit/injector-mutating-webhook.bats
index 2eefcf2..5fb2b6d 100755
--- a/test/unit/injector-mutating-webhook.bats
+++ b/test/unit/injector-mutating-webhook.bats
@@ -42,7 +42,7 @@ load _helpers
   [ "${actual}" = "\"foo\"" ]
 }
 
-@test "injector/MutatingWebhookConfiguration: caBundle is empty" {
+@test "injector/MutatingWebhookConfiguration: caBundle is empty string" {
   cd `chart_dir`
   local actual=$(helm template \
       --show-only templates/injector-mutating-webhook.yaml  \
@@ -50,7 +50,7 @@ load _helpers
       --namespace foo \
       . | tee /dev/stderr |
       yq '.webhooks[0].clientConfig.caBundle' | tee /dev/stderr)
-  [ "${actual}" = "null" ]
+  [ "${actual}" = "\"\"" ]
 }
 
 @test "injector/MutatingWebhookConfiguration: namespaceSelector empty by default" {