feat: Support passing value overrides for configuration checks (#2679)

2025-12-22 23:26:39 -08:00 · 2022-08-08 16:22:58 +01:00
parent 317a026616
commit 01123854b4
12 changed files with 732 additions and 25 deletions
--- a/integration/fs_test.go
+++ b/integration/fs_test.go
@@ -24,6 +24,8 @@ func TestFilesystem(t *testing.T) {
 		input          string
 		secretConfig   string
 		filePatterns   []string
+		helmSet        []string
+		helmValuesFile []string
 	}
 	tests := []struct {
 		name   string
@@ -134,6 +136,24 @@ func TestFilesystem(t *testing.T) {
 			},
 			golden: "testdata/helm_testchart.json.golden",
 		},
+		{
+			name: "helm chart directory scanning with value overrides using set",
+			args: args{
+				securityChecks: "config",
+				input:          "testdata/fixtures/fs/helm_testchart",
+				helmSet:        []string{"securityContext.runAsUser=0"},
+			},
+			golden: "testdata/helm_testchart.overridden.json.golden",
+		},
+		{
+			name: "helm chart directory scanning with value overrides using value file",
+			args: args{
+				securityChecks: "config",
+				input:          "testdata/fixtures/fs/helm_testchart",
+				helmValuesFile: []string{"testdata/fixtures/fs/helm_values/values.yaml"},
+			},
+			golden: "testdata/helm_testchart.overridden.json.golden",
+		},
 		{
 			name: "helm chart directory scanning with builtin policies and non string Chart name",
 			args: args{
@@ -195,6 +215,18 @@ func TestFilesystem(t *testing.T) {
 				}
 			}

+			if len(tt.args.helmSet) != 0 {
+				for _, helmSet := range tt.args.helmSet {
+					osArgs = append(osArgs, "--helm-set", helmSet)
+				}
+			}
+
+			if len(tt.args.helmValuesFile) != 0 {
+				for _, helmValuesFile := range tt.args.helmValuesFile {
+					osArgs = append(osArgs, "--helm-values", helmValuesFile)
+				}
+			}
+
 			// Setup the output file
 			outputFile := filepath.Join(t.TempDir(), "output.json")
 			if *update {