fix(charts): allow helm api test to support 3rd party auth service

[CHRON-404](https://blockchaintp.atlassian.net/browse/CHRON-404)

Signed-off-by: Joseph Livesey <[email protected]>

charts/chronicle/Chart.yaml

@@ -17,7 +17,7 @@ keywords:
 # This is the chart version. This version number should be incremented each
 # time you make changes to the chart and its templates, including the app
 # version.
-version: 0.1.18
+version: 0.1.19
 
 # This is the version number of Chronicle being deployed. This version
 # number should be incremented each time you make changes to Chronicle.

charts/chronicle/templates/test-token-getter-roles.yaml

@@ -1,4 +1,4 @@
-{{- if .Values.test.enabled }}
+{{- if .Values.test.api.enabled }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role

charts/chronicle/templates/tests/api-test.yaml

@@ -1,4 +1,4 @@
-{{- if .Values.test.enabled }}
+{{- if .Values.test.api.enabled }}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -16,8 +16,9 @@ spec:
       serviceAccountName:  {{ include "lib.serviceAccountName" . }}
       automountServiceAccountToken: true
       {{- if .Values.auth.required }}
+      {{ if not .Values.test.auth.token }}
       {{ if not .Values.devIdProvider.enabled }}
-      {{ required "If 'auth.required' when using the test suite 'devIdProvider.enabled' must be set to 'true'!" .Values.devIdProvider.enabled }}
+      {{ required "If 'auth.required' when using the api-test 'test.auth.token' must be provided or 'devIdProvider.enabled' must be set to 'true'!" .Values.devIdProvider.enabled }}
       {{ end }}
       initContainers:
         - name: wait-for-id-provider
@@ -73,20 +74,33 @@ spec:
           volumeMounts:
             - name: shared-data
               mountPath: /shared-data
+      {{ end }}
       {{- end }}
       containers:
         - name: test
           {{- include "lib.image" (dict "imageRoot" .Values.test.api.image "global" .Values.global ) | nindent 10 }}
           command: [ "sh", "-ec" ]
           args:
             - |
+              {{ if not .Values.test.auth.token }}
+              {{ if or .Values.auth.jwks.url .Values.auth.userinfo.url }}
+              echo "Auth endpoints provided but no token provided." 
+              echo "Please provide 'test.auth.token' in the values.yaml file."
+              exit 1
+              {{ end }}
+              {{ end }}
+
               API={{ include "chronicle.api.service" . }}
               export PORT={{ .Values.port }}
               echo "Waiting for API to be ready ..."
               wait-for-it $API:$PORT --timeout=0
               echo "Getting IP address for API ..."
               getent hosts $API | cut -f 1 -d \ | head -n 1 > /shared-data/api-ip || exit 1
 
+              {{- if .Values.test.auth.token }}
+              echo "{{ .Values.test.auth.token }}" > /shared-data/jwks-token
+              {{- end }}
+
               if [ -f "/shared-data/jwks-token" ]; then
                 echo "Found token."
                 sleep 5

charts/chronicle/values.yaml

@@ -133,16 +133,19 @@ serviceAccount:
 test:
   ## @md | `test.api` | test the chronicle GraphQL server API |
   api:
-    ## @md | `api-test-container.image` | the image to use for the api-test container | blockchaintp/chronicle-api-test |
+    ## @md | `test.api.enabled` | true to enable api-test Jobs and Services | true |
+    enabled: true
+    ## @md | `test.api.image` | the image to use for the api-test container | blockchaintp/chronicle-helm-api-test |
     image:
       ## @md | `test.api.image.pullPolicy` | the image pull policy | IfNotPresent |
       pullPolicy: IfNotPresent
       ## @md | `test.api.image.repository` | the image repository | blockchaintp/chronicle-helm-api-test |
       repository: blockchaintp/chronicle-helm-api-test-amd64
       ## @md | `test.api.image.tag` | the image tag | latest |
       tag: BTP2.1.0-0.7.3
-  ## @md | `test.enabled` | true to enable test Jobs and Services | true |
-  enabled: true
+  auth:
+    ## @md | `test.auth.token` | provide a token for auth-related testing | nil |
+    token:
 
 postgres:
   # if enabled we allocate a postgres database here