fix(shield): update custom CA path in host shield config (#2029)

Co-authored-by: Alberto Barba <[email protected]>

charts/shield/Chart.yaml

@@ -13,5 +13,5 @@ maintainers:
   - name: mavimo
     email: [email protected]
 type: application
-version: 0.1.15
+version: 0.1.16
 appVersion: "1.0.0"

charts/shield/templates/host/_helpers.tpl

@@ -24,6 +24,9 @@ If release name contains chart name it will be used as a full name.
     {{- $host := split ":" $parsedProxyConfig.host -}}
     {{- $_ := set $proxyConfig "proxy_host" $host._0 -}}
     {{- $_ := set $proxyConfig "proxy_port" $host._1 -}}
+    {{- if (include "common.custom_ca.enabled" .) }}
+      {{- $_ = set $proxyConfig "ca_certificate" (include "common.custom_ca.path" (mergeOverwrite . (dict "CACertsPath" "certificates/"))) }}
+    {{- end }}
     {{- $proxyConfig | toYaml -}}
 {{- end -}}
 {{- end -}}

charts/shield/tests/host/configmap-dragent-yaml_test.yaml

@@ -920,3 +920,34 @@ tests:
           pattern: |
             kspm_analyzer:
               agent_app_name: shield
+
+  - it: Test with Custom CA In Values
+    set:
+      proxy:
+        https_proxy: "https://proxy.example.com:8080"
+      ssl:
+        ca:
+          certs:
+            - "test certificate"
+          key_name: "custom-ca-from-values.crt"
+    asserts:
+      - matchRegex:
+          path: data['dragent.yaml']
+          pattern: |
+            http_proxy:
+              ca_certificate: certificates/custom-ca-from-values.crt
+
+  - it: Test with Custom CA In Existing Secret
+    set:
+      proxy:
+        https_proxy: "https://proxy.example.com:8080"
+      ssl:
+        ca:
+          existing_ca_secret: "fake-secret-name"
+          existing_ca_secret_key_name: "custom-ca-from-secret.crt"
+    asserts:
+      - matchRegex:
+          path: data['dragent.yaml']
+          pattern: |
+            http_proxy:
+              ca_certificate: certificates/custom-ca-from-secret.crt