chore(common): remove common testing and such
This commit is contained in:
111
.github/workflows/common.test.yaml
vendored
111
.github/workflows/common.test.yaml
vendored
@@ -1,111 +0,0 @@
|
||||
name: "common: Tests"
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches:
|
||||
- '**'
|
||||
tags-ignore:
|
||||
- '**'
|
||||
paths:
|
||||
- 'charts/library/**'
|
||||
- 'tests/**'
|
||||
- '.github/workflows/common.test.yaml'
|
||||
- '.github/ct-install.yaml'
|
||||
- '.github/ct-lint.yaml'
|
||||
|
||||
jobs:
|
||||
unit-and-lint:
|
||||
name: Unit and Lint tests
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: tccr.io/truecharts/devcontainer:v2.2.1
|
||||
steps:
|
||||
- name: Cache helm repo cache
|
||||
id: cache
|
||||
uses: actions/cache@4b0cf6cc4619e737324ddfcec08fff2413359514 # tag=v3
|
||||
with:
|
||||
key: helmrepocache-${{ github.sha }}
|
||||
path: |
|
||||
~/.cache/helm/repository
|
||||
~/.config/helm/repositories.yaml
|
||||
|
||||
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3
|
||||
name: Checkout
|
||||
with:
|
||||
fetch-depth: 100
|
||||
|
||||
- name: update helm repo cache
|
||||
run: |
|
||||
helm repo add truecharts https://truecharts.org
|
||||
helm repo add bitnami https://charts.bitnami.com/bitnami
|
||||
helm repo add metallb https://metallb.github.io/metallb
|
||||
helm repo add grafana https://grafana.github.io/helm-charts
|
||||
helm repo add prometheus https://prometheus-community.github.io/helm-charts
|
||||
helm repo add amd-gpu-helm https://radeonopencompute.github.io/k8s-device-plugin/
|
||||
helm repo update
|
||||
|
||||
- name: Run chart-testing (lint)
|
||||
run: ct lint --config .github/ct-lint.yaml --charts 'charts/library/common-test'
|
||||
|
||||
- name: Run common unit tests
|
||||
run: |
|
||||
bundle exec m -r tests
|
||||
|
||||
run-tests:
|
||||
name: Run tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: [unit-and-lint]
|
||||
steps:
|
||||
- name: Cache helm repo cache
|
||||
id: cache
|
||||
uses: actions/cache@4b0cf6cc4619e737324ddfcec08fff2413359514 # tag=v3
|
||||
with:
|
||||
key: helmrepocache-${{ github.sha }}
|
||||
path: |
|
||||
~/.cache/helm/repository
|
||||
~/.config/helm/repositories.yaml
|
||||
|
||||
- uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3
|
||||
name: Checkout
|
||||
with:
|
||||
fetch-depth: 100
|
||||
|
||||
- name: Install Helm
|
||||
if: ${{ matrix.app != '.gitkee' }}
|
||||
uses: azure/setup-helm@18bc76811624f360dbd7f18c2d4ecb32c7b87bab # renovate: tag=v1
|
||||
with:
|
||||
version: v3.7.1
|
||||
|
||||
- name: update helm repo cache
|
||||
run: |
|
||||
helm repo add truecharts https://truecharts.org
|
||||
helm repo add bitnami https://charts.bitnami.com/bitnami
|
||||
helm repo add metallb https://metallb.github.io/metallb
|
||||
helm repo add prometheus https://prometheus-community.github.io/helm-charts
|
||||
helm repo add amd-gpu-helm https://radeonopencompute.github.io/k8s-device-plugin/
|
||||
helm repo update
|
||||
|
||||
- uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20 # tag=v3
|
||||
if: ${{ matrix.app != '.gitkee' }}
|
||||
with:
|
||||
python-version: 3.7
|
||||
|
||||
- name: Set up chart-testing
|
||||
if: ${{ matrix.app != '.gitkee' }}
|
||||
uses: helm/chart-testing-action@dae259e86a35ff09145c0805e2d7dd3f7207064a # tag=v2.2.1
|
||||
##
|
||||
# Chart-Testing Section
|
||||
##
|
||||
|
||||
- uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20 # tag=v3
|
||||
if: ${{ matrix.app != '.gitkee' }}
|
||||
with:
|
||||
python-version: 3.7
|
||||
|
||||
- name: Create k3d cluster
|
||||
uses: nolar/setup-k3d-k3s@v1
|
||||
with:
|
||||
version: v1.22.4+k3s1
|
||||
|
||||
- name: Run chart-testing (install)
|
||||
run: find ./ -type f -name *.yaml -exec sed -i 's/tccr.io/ghcr.io/gI' {} \; && ct install --config .github/ct-install.yaml --charts 'charts/library/common-test'
|
||||
@@ -1,66 +0,0 @@
|
||||
{{- define "custom.introheader" -}}
|
||||
# Introduction
|
||||
{{- end -}}
|
||||
{{- define "custom.repository.organization" -}}
|
||||
TrueCharts
|
||||
{{- end -}}
|
||||
{{- define "custom.repository.url" -}}
|
||||
https://github.com/truecharts/apps
|
||||
{{- end -}}
|
||||
{{- define "custom.helm.url" -}}
|
||||
https://truecharts.org
|
||||
{{- end -}}
|
||||
{{- define "custom.helm.path" -}}
|
||||
{{ template "custom.repository.organization" . }}/{{ template "chart.name" . }}
|
||||
{{- end -}}
|
||||
{{- define "custom.notes" -}}
|
||||
Function library for TrueCharts
|
||||
Since a lot of the TrueCharts Apps and Charts follow a similar pattern, this library was built to reduce maintenance cost between the charts that use it and try achieve a goal of being DRY.
|
||||
{{- end -}}
|
||||
{{- define "custom.requirements" -}}
|
||||
## Requirements
|
||||
|
||||
{{ template "chart.kubeVersionLine" . }}
|
||||
{{- end -}}
|
||||
{{- define "custom.dependencies" -}}
|
||||
## Dependencies
|
||||
|
||||
{{ template "chart.requirementsTable" . }}
|
||||
{{- end -}}
|
||||
{{- define "custom.install" -}}
|
||||
## Installing the Chart
|
||||
|
||||
This is a Helm Library Chart.
|
||||
WARNING: THIS CHART IS NOT MEANT TO BE INSTALLED DIRECTLY
|
||||
{{- end -}}
|
||||
{{- define "custom.support" -}}
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
|
||||
- See the [Wiki](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
|
||||
{{- end -}}
|
||||
{{- define "custom.copyright" -}}
|
||||
All Rights Reserved - The TrueCharts Project
|
||||
{{- end -}}
|
||||
{{ template "custom.introheader" . }}
|
||||
|
||||
{{ template "chart.description" . }}
|
||||
|
||||
{{ template "chart.deprecationWarning" . }}
|
||||
|
||||
{{ template "custom.notes" . }}
|
||||
|
||||
{{ template "chart.sourcesSection" . }}
|
||||
|
||||
{{ template "custom.requirements" . }}
|
||||
|
||||
{{ template "custom.dependencies" . }}
|
||||
|
||||
{{ template "custom.install" . }}
|
||||
|
||||
|
||||
{{ template "custom.support" . }}
|
||||
---
|
||||
{{ template "custom.copyright" . }}
|
||||
@@ -1,19 +0,0 @@
|
||||
{{- define "custom.helm.introheader" -}}
|
||||
# Default Helm-Values
|
||||
{{- end -}}
|
||||
{{- define "custom.helm.notes" -}}
|
||||
TrueCharts is primarily build to supply TrueNAS SCALE Apps.
|
||||
However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our Common Chart.
|
||||
This chart is used by a lot of our Apps to provide sane defaults and logic.
|
||||
{{- end -}}
|
||||
|
||||
{{- define "custom.helm.copyright" -}}
|
||||
All Rights Reserved - The TrueCharts Project
|
||||
{{- end -}}
|
||||
{{ template "custom.helm.introheader" . }}
|
||||
|
||||
{{ template "custom.helm.notes" . }}
|
||||
|
||||
{{ template "chart.valuesSection" . }}
|
||||
|
||||
{{ template "custom.helm.copyright" . }}
|
||||
@@ -1,109 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'addon::codeserver' do
|
||||
baseValues = {
|
||||
addons: {
|
||||
codeserver: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
it 'defaults to disabled' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
codeserverContainer = containers.find{ |c| c["name"] == "codeserver" }
|
||||
|
||||
assert_nil(codeserverContainer)
|
||||
end
|
||||
|
||||
it 'can be enabled' do
|
||||
values = baseValues
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
codeserverContainer = containers.find{ |c| c["name"] == "codeserver" }
|
||||
|
||||
refute_nil(codeserverContainer)
|
||||
end
|
||||
|
||||
it 'a git deployKey can be passed' do
|
||||
values = baseValues.deep_merge_override({
|
||||
addons: {
|
||||
codeserver: {
|
||||
git: {
|
||||
deployKey: "testKey"
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
secret = chart.resources(kind: "Secret").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
codeserverContainer = containers.find{ |c| c["name"] == "codeserver" }
|
||||
expectedSecretContent = { "id_rsa" => values[:addons][:codeserver][:git][:deployKey] }
|
||||
|
||||
# Check that the secret has been created
|
||||
refute_nil(secret)
|
||||
assert_equal("common-test-deploykey", secret["metadata"]["name"])
|
||||
assert_equal(expectedSecretContent, secret["stringData"])
|
||||
|
||||
# Make sure the deployKey volumeMount is present in the sidecar container
|
||||
deploykeyVolumeMount = codeserverContainer["volumeMounts"].find { |v| v["name"] == "deploykey"}
|
||||
refute_nil(deploykeyVolumeMount)
|
||||
assert_equal("/root/.ssh/id_rsa", deploykeyVolumeMount["mountPath"])
|
||||
assert_equal("id_rsa", deploykeyVolumeMount["subPath"])
|
||||
|
||||
# Make sure the deployKey volume is present in the Deployment
|
||||
deploykeyVolume = volumes.find{ |v| v["name"] == "deploykey" }
|
||||
refute_nil(deploykeyVolume)
|
||||
assert_equal("common-test-deploykey", deploykeyVolume["secret"]["secretName"])
|
||||
end
|
||||
|
||||
it 'a git deployKey can be passed in base64 format' do
|
||||
values = baseValues.deep_merge_override({
|
||||
addons: {
|
||||
codeserver: {
|
||||
git: {
|
||||
deployKeyBase64: "dGVzdEtleQ=="
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
secret = chart.resources(kind: "Secret").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
codeserverContainer = containers.find{ |c| c["name"] == "codeserver" }
|
||||
expectedSecretContent = { "id_rsa" => values[:addons][:codeserver][:git][:deployKeyBase64] }
|
||||
|
||||
# Check that the secret has been created
|
||||
refute_nil(secret)
|
||||
assert_equal("common-test-deploykey", secret["metadata"]["name"])
|
||||
assert_equal(expectedSecretContent, secret["data"])
|
||||
|
||||
# Make sure the deployKey volumeMount is present in the sidecar container
|
||||
deploykeyVolumeMount = codeserverContainer["volumeMounts"].find { |v| v["name"] == "deploykey"}
|
||||
refute_nil(deploykeyVolumeMount)
|
||||
assert_equal("/root/.ssh/id_rsa", deploykeyVolumeMount["mountPath"])
|
||||
assert_equal("id_rsa", deploykeyVolumeMount["subPath"])
|
||||
|
||||
# Make sure the deployKey volume is present in the Deployment
|
||||
deploykeyVolume = volumes.find{ |v| v["name"] == "deploykey" }
|
||||
refute_nil(deploykeyVolume)
|
||||
assert_equal("common-test-deploykey", deploykeyVolume["secret"]["secretName"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,35 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'addon::netshoot' do
|
||||
it 'defaults to disabled' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
netshootContainer = containers.find{ |c| c["name"] == "netshoot" }
|
||||
|
||||
assert_nil(netshootContainer)
|
||||
end
|
||||
|
||||
it 'netshoot can be enabled' do
|
||||
values = {
|
||||
addons: {
|
||||
netshoot: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
netshootContainer = containers.find{ |c| c["name"] == "netshoot" }
|
||||
|
||||
refute_nil(netshootContainer)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,35 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'addon::promtail' do
|
||||
it 'defaults to disabled' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
promtailContainer = containers.find{ |c| c["name"] == "promtail" }
|
||||
|
||||
assert_nil(promtailContainer)
|
||||
end
|
||||
|
||||
it 'promtail can be enabled' do
|
||||
values = {
|
||||
addons: {
|
||||
promtail: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
promtailContainer = containers.find{ |c| c["name"] == "promtail" }
|
||||
|
||||
refute_nil(promtailContainer)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,106 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'addon::vpn' do
|
||||
it 'defaults to disabled' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
openvpnContainer = containers.find{ |c| c["name"] == "openvpn" }
|
||||
wireguardContainer = containers.find{ |c| c["name"] == "wireguard" }
|
||||
|
||||
assert_nil(openvpnContainer)
|
||||
assert_nil(wireguardContainer)
|
||||
end
|
||||
|
||||
it 'openvpn can be enabled' do
|
||||
values = {
|
||||
addons: {
|
||||
vpn: {
|
||||
type: "openvpn"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
vpnContainer = containers.find{ |c| c["name"] == "openvpn" }
|
||||
|
||||
refute_nil(vpnContainer)
|
||||
end
|
||||
|
||||
it 'wireguard can be enabled' do
|
||||
values = {
|
||||
addons: {
|
||||
vpn: {
|
||||
type: "wireguard"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
wireguardContainer = containers.find{ |c| c["name"] == "wireguard" }
|
||||
|
||||
refute_nil(wireguardContainer)
|
||||
end
|
||||
|
||||
it 'a openvpn configuration file can be passed' do
|
||||
values = {
|
||||
addons: {
|
||||
vpn: {
|
||||
type: "openvpn",
|
||||
configFile: {
|
||||
enabled: true,
|
||||
hostPath: "/test.conf"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
secret = chart.resources(kind: "Secret").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
vpnContainer = containers.find{ |c| c["name"] == "openvpn" }
|
||||
|
||||
# Make sure the deployKey volumeMount is present in the sidecar container
|
||||
vpnconfigVolumeMount = vpnContainer["volumeMounts"].find { |v| v["name"] == "vpnconfig"}
|
||||
refute_nil(vpnconfigVolumeMount)
|
||||
assert_equal("/vpn/vpn.conf", vpnconfigVolumeMount["mountPath"])
|
||||
end
|
||||
|
||||
it 'a wireguard configuration file can be passed' do
|
||||
values = {
|
||||
addons: {
|
||||
vpn: {
|
||||
type: "wireguard",
|
||||
configFile: {
|
||||
enabled: true,
|
||||
hostPath: "/test.conf"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
secret = chart.resources(kind: "Secret").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
vpnContainer = containers.find{ |c| c["name"] == "wireguard" }
|
||||
|
||||
# Make sure the deployKey volumeMount is present in the sidecar container
|
||||
vpnconfigVolumeMount = vpnContainer["volumeMounts"].find { |v| v["name"] == "vpnconfig"}
|
||||
refute_nil(vpnconfigVolumeMount)
|
||||
assert_equal("/etc/wireguard/wg0.conf", vpnconfigVolumeMount["mountPath"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,288 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'initContainer::permissions' do
|
||||
it 'initContainer exists by default' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
refute_nil(initContainer)
|
||||
end
|
||||
|
||||
it 'persistenceList do not affect permissions job by default' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_nil(deployment["spec"]["template"]["spec"]["initContainers"][0]["volumeMounts"])
|
||||
end
|
||||
it 'persistenceList.setPermissions adds volume(mounts)' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal("data", deployment["spec"]["template"]["spec"]["volumes"][0]["name"])
|
||||
assert_equal("data", deployment["spec"]["template"]["spec"]["initContainers"][0]["volumeMounts"][0]["name"])
|
||||
end
|
||||
it 'supports multiple persistenceList' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
|
||||
# Check that all persistenceList volumes have mounts
|
||||
values[:persistenceList].each { |value|
|
||||
volumeMount = initContainer["volumeMounts"].find{ |v| v["name"] == "" + value[:name].to_s }
|
||||
refute_nil(volumeMount)
|
||||
}
|
||||
end
|
||||
|
||||
it 'supports setting mountPath' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
|
||||
volumeMount = initContainer["volumeMounts"].find{ |v| v["name"] == "data" }
|
||||
refute_nil(volumeMount)
|
||||
assert_equal("/data", volumeMount["mountPath"])
|
||||
end
|
||||
|
||||
it 'could mount multiple volumes' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
type: "hostPath",
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
type: "hostPath",
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "data"}
|
||||
refute_nil(volume)
|
||||
assert_equal('/tmp1', volume["hostPath"]["path"])
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "configlist"}
|
||||
refute_nil(volume)
|
||||
assert_equal('/tmp2', volume["hostPath"]["path"])
|
||||
end
|
||||
|
||||
it 'can process default (568:568) permissions for multiple volumes' do
|
||||
results= {
|
||||
command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :568 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :568 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"]
|
||||
}
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
type: "hostPath",
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
type: "hostPath",
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
assert_equal(results[:command], initContainer["command"])
|
||||
end
|
||||
|
||||
it 'outputs default permissions with irrelevant podSecurityContext' do
|
||||
results= {
|
||||
command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :568 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :568 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"]
|
||||
}
|
||||
values = {
|
||||
podSecurityContext: {
|
||||
allowPrivilegeEscalation: false
|
||||
},
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
assert_equal(results[:command], initContainer["command"])
|
||||
end
|
||||
|
||||
it 'outputs fsgroup permissions for multiple volumes when set' do
|
||||
results= {
|
||||
command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :666 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :666 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"]
|
||||
}
|
||||
values = {
|
||||
podSecurityContext: {
|
||||
fsGroup: 666
|
||||
},
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
assert_equal(results[:command], initContainer["command"])
|
||||
end
|
||||
|
||||
it 'outputs runAsUser permissions for multiple volumes when set' do
|
||||
results= {
|
||||
command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :568 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :568 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"]
|
||||
}
|
||||
values = {
|
||||
podSecurityContext: {
|
||||
runAsUser: 999
|
||||
},
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
assert_equal(results[:command], initContainer["command"])
|
||||
end
|
||||
|
||||
it 'outputs fsGroup AND runAsUser permissions for multiple volumes when both are set' do
|
||||
results= {
|
||||
command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :666 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :666 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"]
|
||||
}
|
||||
values = {
|
||||
podSecurityContext: {
|
||||
fsGroup: 666,
|
||||
runAsUser: 999
|
||||
},
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
enabled: true,
|
||||
setPermissions: true,
|
||||
mountPath: "/configlist",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0]
|
||||
assert_equal(results[:command], initContainer["command"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,322 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
describe @@chart.name do
|
||||
describe 'scaleCertificate' do
|
||||
it 'disabled by default' do
|
||||
values = {
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
assert_nil(resource('Secret'))
|
||||
end
|
||||
it 'can be enabled and selected' do
|
||||
values = {
|
||||
"ixCertificateAuthorities": {},
|
||||
"ixCertificates": {
|
||||
"1": {
|
||||
"CA_type_existing": false,
|
||||
"CA_type_intermediate": false,
|
||||
"CA_type_internal": false,
|
||||
"CSR": "",
|
||||
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost",
|
||||
"cert_type": "CERTIFICATE",
|
||||
"cert_type_CSR": false,
|
||||
"cert_type_existing": true,
|
||||
"cert_type_internal": false,
|
||||
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n",
|
||||
"certificate_path": "/etc/certificates/freenas_default.crt",
|
||||
"chain": false,
|
||||
"chain_list": [
|
||||
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
|
||||
],
|
||||
"city": "Maryville",
|
||||
"common": "localhost",
|
||||
"country": "US",
|
||||
"csr_path": "/etc/certificates/freenas_default.csr",
|
||||
"digest_algorithm": "SHA256",
|
||||
"email": "info@ixsystems.com",
|
||||
"extensions": {
|
||||
"ExtendedKeyUsage": "TLS Web Server Authentication",
|
||||
"SubjectAltName": "DNS:localhost"
|
||||
},
|
||||
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B",
|
||||
"from": "Fri Sep 25 16:05:38 2020",
|
||||
"id": 1,
|
||||
"internal": "NO",
|
||||
"issuer": "external",
|
||||
"key_length": 2048,
|
||||
"key_type": "RSA",
|
||||
"lifetime": 825,
|
||||
"name": "freenas_default",
|
||||
"organization": "iXsystems",
|
||||
"organizational_unit": "",
|
||||
"parsed": true,
|
||||
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n",
|
||||
"privatekey_path": "/etc/certificates/freenas_default.key",
|
||||
"revoked": false,
|
||||
"revoked_date": "",
|
||||
"root_path": "/etc/certificates",
|
||||
"san": [
|
||||
"DNS:localhost"
|
||||
],
|
||||
"serial": 1,
|
||||
"signedby": "",
|
||||
"state": "Tennessee",
|
||||
"subject_name_hash": 3193428416,
|
||||
"type": 8,
|
||||
"until": "Thu Dec 29 15:05:38 2022"
|
||||
}
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true,
|
||||
tls: [
|
||||
{
|
||||
scaleCert: 1
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
refute_nil(resource('Secret'))
|
||||
secret = chart.resources(kind: "Secret").first
|
||||
assert_equal("common-test-tls-0-ixcert-1-1", secret["metadata"]["name"])
|
||||
refute_nil(secret["data"]["tls.crt"])
|
||||
refute_nil(secret["data"]["tls.key"])
|
||||
end
|
||||
|
||||
it 'secret can be used for TLS ingress' do
|
||||
values = {
|
||||
"ixCertificateAuthorities": {},
|
||||
"ixCertificates": {
|
||||
"1": {
|
||||
"CA_type_existing": false,
|
||||
"CA_type_intermediate": false,
|
||||
"CA_type_internal": false,
|
||||
"CSR": "",
|
||||
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost",
|
||||
"cert_type": "CERTIFICATE",
|
||||
"cert_type_CSR": false,
|
||||
"cert_type_existing": true,
|
||||
"cert_type_internal": false,
|
||||
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n",
|
||||
"certificate_path": "/etc/certificates/freenas_default.crt",
|
||||
"chain": false,
|
||||
"chain_list": [
|
||||
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
|
||||
],
|
||||
"city": "Maryville",
|
||||
"common": "localhost",
|
||||
"country": "US",
|
||||
"csr_path": "/etc/certificates/freenas_default.csr",
|
||||
"digest_algorithm": "SHA256",
|
||||
"email": "info@ixsystems.com",
|
||||
"extensions": {
|
||||
"ExtendedKeyUsage": "TLS Web Server Authentication",
|
||||
"SubjectAltName": "DNS:localhost"
|
||||
},
|
||||
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B",
|
||||
"from": "Fri Sep 25 16:05:38 2020",
|
||||
"id": 1,
|
||||
"internal": "NO",
|
||||
"issuer": "external",
|
||||
"key_length": 2048,
|
||||
"key_type": "RSA",
|
||||
"lifetime": 825,
|
||||
"name": "freenas_default",
|
||||
"organization": "iXsystems",
|
||||
"organizational_unit": "",
|
||||
"parsed": true,
|
||||
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n",
|
||||
"privatekey_path": "/etc/certificates/freenas_default.key",
|
||||
"revoked": false,
|
||||
"revoked_date": "",
|
||||
"root_path": "/etc/certificates",
|
||||
"san": [
|
||||
"DNS:localhost"
|
||||
],
|
||||
"serial": 1,
|
||||
"signedby": "",
|
||||
"state": "Tennessee",
|
||||
"subject_name_hash": 3193428416,
|
||||
"type": 8,
|
||||
"until": "Thu Dec 29 15:05:38 2022"
|
||||
}
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true,
|
||||
tls: [
|
||||
{
|
||||
hosts: [ 'hostname' ],
|
||||
scaleCert: 1
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
refute_nil(resource('Secret'))
|
||||
secret = chart.resources(kind: "Secret").first
|
||||
assert_equal("common-test-tls-0-ixcert-1-1", secret["metadata"]["name"])
|
||||
refute_nil(secret["data"]["tls.crt"])
|
||||
refute_nil(secret["data"]["tls.key"])
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal("common-test-tls-0-ixcert-1-1", ingress["spec"]["tls"][0]["secretName"])
|
||||
end
|
||||
it 'multiple tls sections generate multiple secrets' do
|
||||
values = {
|
||||
"ixCertificateAuthorities": {},
|
||||
"ixCertificates": {
|
||||
"2": {
|
||||
"CA_type_existing": false,
|
||||
"CA_type_intermediate": false,
|
||||
"CA_type_internal": false,
|
||||
"CSR": "",
|
||||
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost",
|
||||
"cert_type": "CERTIFICATE",
|
||||
"cert_type_CSR": false,
|
||||
"cert_type_existing": true,
|
||||
"cert_type_internal": false,
|
||||
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n",
|
||||
"certificate_path": "/etc/certificates/freenas_default.crt",
|
||||
"chain": false,
|
||||
"chain_list": [
|
||||
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
|
||||
],
|
||||
"city": "Maryville",
|
||||
"common": "localhost",
|
||||
"country": "US",
|
||||
"csr_path": "/etc/certificates/freenas_default.csr",
|
||||
"digest_algorithm": "SHA256",
|
||||
"email": "info@ixsystems.com",
|
||||
"extensions": {
|
||||
"ExtendedKeyUsage": "TLS Web Server Authentication",
|
||||
"SubjectAltName": "DNS:localhost"
|
||||
},
|
||||
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B",
|
||||
"from": "Fri Sep 25 16:05:38 2020",
|
||||
"id": 2,
|
||||
"internal": "NO",
|
||||
"issuer": "external",
|
||||
"key_length": 2048,
|
||||
"key_type": "RSA",
|
||||
"lifetime": 825,
|
||||
"name": "freenas_default",
|
||||
"organization": "iXsystems",
|
||||
"organizational_unit": "",
|
||||
"parsed": true,
|
||||
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n",
|
||||
"privatekey_path": "/etc/certificates/freenas_default.key",
|
||||
"revoked": false,
|
||||
"revoked_date": "",
|
||||
"root_path": "/etc/certificates",
|
||||
"san": [
|
||||
"DNS:localhost"
|
||||
],
|
||||
"serial": 1,
|
||||
"signedby": "",
|
||||
"state": "Tennessee",
|
||||
"subject_name_hash": 3193428416,
|
||||
"type": 8,
|
||||
"until": "Thu Dec 29 15:05:38 2022"
|
||||
},
|
||||
"1": {
|
||||
"CA_type_existing": false,
|
||||
"CA_type_intermediate": false,
|
||||
"CA_type_internal": false,
|
||||
"CSR": "",
|
||||
"DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost",
|
||||
"cert_type": "CERTIFICATE",
|
||||
"cert_type_CSR": false,
|
||||
"cert_type_existing": true,
|
||||
"cert_type_internal": false,
|
||||
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n",
|
||||
"certificate_path": "/etc/certificates/freenas_default.crt",
|
||||
"chain": false,
|
||||
"chain_list": [
|
||||
"-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n"
|
||||
],
|
||||
"city": "Maryville",
|
||||
"common": "localhost",
|
||||
"country": "US",
|
||||
"csr_path": "/etc/certificates/freenas_default.csr",
|
||||
"digest_algorithm": "SHA256",
|
||||
"email": "info@ixsystems.com",
|
||||
"extensions": {
|
||||
"ExtendedKeyUsage": "TLS Web Server Authentication",
|
||||
"SubjectAltName": "DNS:localhost"
|
||||
},
|
||||
"fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B",
|
||||
"from": "Fri Sep 25 16:05:38 2020",
|
||||
"id": 1,
|
||||
"internal": "NO",
|
||||
"issuer": "external",
|
||||
"key_length": 2048,
|
||||
"key_type": "RSA",
|
||||
"lifetime": 825,
|
||||
"name": "freenas_default",
|
||||
"organization": "iXsystems",
|
||||
"organizational_unit": "",
|
||||
"parsed": true,
|
||||
"privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n",
|
||||
"privatekey_path": "/etc/certificates/freenas_default.key",
|
||||
"revoked": false,
|
||||
"revoked_date": "",
|
||||
"root_path": "/etc/certificates",
|
||||
"san": [
|
||||
"DNS:localhost"
|
||||
],
|
||||
"serial": 1,
|
||||
"signedby": "",
|
||||
"state": "Tennessee",
|
||||
"subject_name_hash": 3193428416,
|
||||
"type": 8,
|
||||
"until": "Thu Dec 29 15:05:38 2022"
|
||||
}
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true,
|
||||
tls: [
|
||||
{
|
||||
hosts: [ 'hostname1' ],
|
||||
scaleCert: 1
|
||||
},
|
||||
{
|
||||
hosts: [ 'hostname2' ],
|
||||
scaleCert: 2
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
refute_nil(resource('Secret'))
|
||||
secret1 = chart.resources(kind: "Secret").first
|
||||
assert_equal("common-test-tls-0-ixcert-1-1", secret1["metadata"]["name"])
|
||||
refute_nil(secret1["data"]["tls.crt"])
|
||||
refute_nil(secret1["data"]["tls.key"])
|
||||
secret2 = chart.resources(kind: "Secret").find{ |s| s["metadata"]["name"] == "common-test-tls-1-ixcert-2-1" }
|
||||
refute_nil(secret2)
|
||||
refute_nil(secret2["data"]["tls.crt"])
|
||||
refute_nil(secret2["data"]["tls.key"])
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal("common-test-tls-0-ixcert-1-1", ingress["spec"]["tls"][0]["secretName"])
|
||||
assert_equal("common-test-tls-1-ixcert-2-1", ingress["spec"]["tls"][1]["secretName"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,90 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'container::resources' do
|
||||
it 'specific resources added by default' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}}, mainContainer["resources"])
|
||||
end
|
||||
it 'resources can be added' do
|
||||
values = {
|
||||
resources: {
|
||||
testresourcename: "testresourcevalue"
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}, "testresourcename"=>"testresourcevalue"}, mainContainer["resources"])
|
||||
end
|
||||
it 'resources.limits can be added' do
|
||||
values = {
|
||||
resources: {
|
||||
limits: {
|
||||
testlimitkey: "testlimitvalue"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi", "testlimitkey"=>"testlimitvalue"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}}, mainContainer["resources"])
|
||||
end
|
||||
it 'resources and resources.limits can both be added' do
|
||||
values = {
|
||||
resources: {
|
||||
testresourcekey: "testresourcevalue",
|
||||
limits: {
|
||||
testlimitkey: "testlimitvalue"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi", "testlimitkey"=>"testlimitvalue"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}, "testresourcekey"=>"testresourcevalue"}, mainContainer["resources"])
|
||||
end
|
||||
end
|
||||
describe 'container::resources-scaleGPU' do
|
||||
it 'scaleGPU can be set' do
|
||||
values = {
|
||||
scaleGPU: {
|
||||
intelblabla: 1
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal({"limits"=>{"cpu"=>"4000m", "intelblabla"=>1, "memory"=>"8Gi"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}}, mainContainer["resources"])
|
||||
end
|
||||
it 'scaleGPU can be combined with resources and resource values' do
|
||||
values = {
|
||||
resources: {
|
||||
testresourcekey: "testresourcevalue",
|
||||
limits: {
|
||||
testlimitkey: "testlimitvalue"
|
||||
}
|
||||
},
|
||||
scaleGPU: {
|
||||
intelblabla: 1
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal({"limits"=>{"cpu"=>"4000m", "intelblabla"=>1, "memory"=>"8Gi", "testlimitkey"=>"testlimitvalue"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}, "testresourcekey"=>"testresourcevalue"}, mainContainer["resources"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,276 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'container::command' do
|
||||
it 'defaults to nil' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_nil(mainContainer["command"])
|
||||
end
|
||||
|
||||
it 'accepts a single string' do
|
||||
values = {
|
||||
command: "/bin/sh"
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal([values[:command]], mainContainer["command"])
|
||||
end
|
||||
|
||||
it 'accepts a list of strings' do
|
||||
values = {
|
||||
command: [
|
||||
"/bin/sh",
|
||||
"-c"
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:command], mainContainer["command"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'container::arguments' do
|
||||
it 'defaults to nil' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_nil(mainContainer["args"])
|
||||
end
|
||||
|
||||
it 'accepts a single string' do
|
||||
values = {
|
||||
args: "sleep infinity"
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal([values[:args]], mainContainer["args"])
|
||||
end
|
||||
|
||||
it 'accepts a list of strings' do
|
||||
values = {
|
||||
args: [
|
||||
"sleep",
|
||||
"infinity"
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:args], mainContainer["args"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'container::environment settings' do
|
||||
it 'Check no environment variables' do
|
||||
values = {
|
||||
securityContext: {
|
||||
runAsNonRoot: false,
|
||||
readOnlyRootFilesystem: false
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_nil(mainContainer["env"][11])
|
||||
end
|
||||
|
||||
it 'set static "k/v pair style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
BOOL_ENV: false,
|
||||
FLOAT_ENV: 4.2,
|
||||
INT_ENV: 42,
|
||||
STRING_ENV: 'value_of_env'
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal(values[:env].values[0].to_s, mainContainer["env"][11]["value"])
|
||||
assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"])
|
||||
assert_equal(values[:env].values[1].to_s, mainContainer["env"][12]["value"])
|
||||
assert_equal(values[:env].keys[2].to_s, mainContainer["env"][13]["name"])
|
||||
assert_equal(values[:env].values[2].to_s, mainContainer["env"][13]["value"])
|
||||
assert_equal(values[:env].keys[3].to_s, mainContainer["env"][14]["name"])
|
||||
assert_equal(values[:env].values[3].to_s, mainContainer["env"][14]["value"])
|
||||
end
|
||||
|
||||
it 'set list of static "kubernetes style" environment variables' do
|
||||
values = {
|
||||
envList: [
|
||||
{
|
||||
name: 'STATIC_ENV_FROM_LIST',
|
||||
value: 'STATIC_ENV_VALUE_FROM_LIST'
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:envList][0][:name].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal(values[:envList][0][:value].to_s, mainContainer["env"][11]["value"])
|
||||
end
|
||||
|
||||
it 'set both static "k/v pair style" and static "k/valueFrom style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
STATIC_ENV: 'value_of_env',
|
||||
STATIC_ENV_FROM: {
|
||||
valueFrom: {
|
||||
fieldRef: {
|
||||
fieldPath: "spec.nodeName"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal(values[:env].values[0].to_s, mainContainer["env"][11]["value"])
|
||||
assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"])
|
||||
assert_equal(values[:env].values[1][:valueFrom][:fieldRef][:fieldPath], mainContainer["env"][12]["valueFrom"]["fieldRef"]["fieldPath"])
|
||||
end
|
||||
|
||||
it 'set static "k/explicitValueFrom pair style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
NODE_NAME: {
|
||||
valueFrom: {
|
||||
fieldRef: {
|
||||
fieldPath: "spec.nodeName"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal(values[:env].values[0][:valueFrom][:fieldRef][:fieldPath], mainContainer["env"][11]["valueFrom"]["fieldRef"]["fieldPath"])
|
||||
end
|
||||
|
||||
it 'set static "k/implicitValueFrom pair style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
NODE_NAME: {
|
||||
fieldRef: {
|
||||
fieldPath: "spec.nodeName"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal(values[:env].values[0][:fieldRef][:fieldPath], mainContainer["env"][11]["valueFrom"]["fieldRef"]["fieldPath"])
|
||||
end
|
||||
|
||||
it 'set both static "k/v pair style" and templated "k/v pair style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
DYN_ENV: "{{ .Release.Name }}-admin",
|
||||
STATIC_ENV: 'value_of_env'
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal("common-test-admin", mainContainer["env"][11]["value"])
|
||||
assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"])
|
||||
assert_equal(values[:env].values[1].to_s, mainContainer["env"][12]["value"])
|
||||
end
|
||||
|
||||
it 'set templated "k/v pair style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
DYN_ENV: "{{ .Release.Name }}-admin"
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal("common-test-admin", mainContainer["env"][11]["value"])
|
||||
end
|
||||
|
||||
it 'set static "k/v pair style", templated "k/v pair style", static "k/explicitValueFrom pair style", and static "k/implicitValueFrom pair style" environment variables' do
|
||||
values = {
|
||||
env: {
|
||||
DYN_ENV: "{{ .Release.Name }}-admin",
|
||||
STATIC_ENV: 'value_of_env',
|
||||
STATIC_EXPLICIT_ENV_FROM: {
|
||||
valueFrom: {
|
||||
fieldRef: {
|
||||
fieldPath: "spec.nodeName"
|
||||
}
|
||||
}
|
||||
},
|
||||
STATIC_IMPLICIT_ENV_FROM: {
|
||||
fieldRef: {
|
||||
fieldPath: "spec.nodeName"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"])
|
||||
assert_equal("common-test-admin", mainContainer["env"][11]["value"])
|
||||
assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"])
|
||||
assert_equal(values[:env].values[1].to_s, mainContainer["env"][12]["value"])
|
||||
assert_equal(values[:env].keys[2].to_s, mainContainer["env"][13]["name"])
|
||||
assert_equal(values[:env].values[2][:valueFrom][:fieldRef][:fieldPath], mainContainer["env"][13]["valueFrom"]["fieldRef"]["fieldPath"])
|
||||
assert_equal(values[:env].keys[3].to_s, mainContainer["env"][14]["name"])
|
||||
assert_equal(values[:env].values[3][:fieldRef][:fieldPath], mainContainer["env"][14]["valueFrom"]["fieldRef"]["fieldPath"])
|
||||
end
|
||||
|
||||
it 'set "static" secret variables' do
|
||||
expectedSecretName = 'common-test'
|
||||
values = {
|
||||
secret: {
|
||||
STATIC_SECRET: 'value_of_secret'
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
secret = chart.resources(kind: "Secret").find{ |s| s["metadata"]["name"] == expectedSecretName }
|
||||
refute_nil(secret)
|
||||
assert_equal(values[:secret].values[0].to_s, secret["stringData"]["STATIC_SECRET"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(expectedSecretName, mainContainer["envFrom"][0]["secretRef"]["name"])
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
@@ -1,61 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'controller::type' do
|
||||
it 'defaults to "Deployment"' do
|
||||
assert_nil(resource('StatefulSet'))
|
||||
assert_nil(resource('DaemonSet'))
|
||||
refute_nil(resource('Deployment'))
|
||||
end
|
||||
|
||||
it 'accepts "statefulset"' do
|
||||
chart.value controller: {type: 'statefulset'}
|
||||
assert_nil(resource('Deployment'))
|
||||
assert_nil(resource('DaemonSet'))
|
||||
refute_nil(resource('StatefulSet'))
|
||||
end
|
||||
|
||||
it 'accepts "daemonset"' do
|
||||
chart.value controller: {type: 'daemonset'}
|
||||
assert_nil(resource('Deployment'))
|
||||
assert_nil(resource('StatefulSet'))
|
||||
refute_nil(resource('DaemonSet'))
|
||||
end
|
||||
end
|
||||
|
||||
describe 'controller::statefulset::volumeClaimTemplates' do
|
||||
it 'volumeClaimTemplates should be empty by default' do
|
||||
chart.value controller: {type: 'statefulset'}
|
||||
statefulset = chart.resources(kind: "StatefulSet").first
|
||||
assert_nil(statefulset['spec']['volumeClaimTemplates'])
|
||||
end
|
||||
|
||||
it 'can set values for volumeClaimTemplates' do
|
||||
values = {
|
||||
controller: {
|
||||
type: 'statefulset',
|
||||
},
|
||||
volumeClaimTemplates: {
|
||||
storage: {
|
||||
accessMode: 'ReadWriteOnce',
|
||||
size: '10Gi',
|
||||
storageClass: 'storage'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
chart.value values
|
||||
statefulset = chart.resources(kind: "StatefulSet").first
|
||||
volumeClaimTemplate = statefulset["spec"]["volumeClaimTemplates"].find{ |c| c["metadata"]["name"] == "storage"}
|
||||
refute_nil(volumeClaimTemplate)
|
||||
assert_equal(values[:volumeClaimTemplates][:storage][:accessMode], volumeClaimTemplate["spec"]["accessModes"][0])
|
||||
assert_equal(values[:volumeClaimTemplates][:storage][:size], volumeClaimTemplate["spec"]["resources"]["requests"]["storage"])
|
||||
assert_equal(values[:volumeClaimTemplates][:storage][:storageClass], volumeClaimTemplate["spec"]["storageClassName"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,120 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
|
||||
describe 'hpa::defaults' do
|
||||
it 'does not exist by default' do
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_nil(hpa)
|
||||
end
|
||||
|
||||
it 'can be enabled' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
refute_nil(hpa)
|
||||
end
|
||||
|
||||
it 'default target is common.names.fullname ' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal("common-test",hpa["spec"]["scaleTargetRef"]["name"])
|
||||
end
|
||||
|
||||
it 'default numer of replicas is min 1 max 3' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal(1,hpa["spec"]["minReplicas"])
|
||||
assert_equal(3,hpa["spec"]["maxReplicas"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'hpa::customsettings' do
|
||||
it 'can override target' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true,
|
||||
target: "targetname"
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal(values[:autoscaling][:target],hpa["spec"]["scaleTargetRef"]["name"])
|
||||
end
|
||||
|
||||
it 'can change min and max replicas' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true,
|
||||
minReplicas: 4,
|
||||
maxReplicas: 8
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal(values[:autoscaling][:minReplicas],hpa["spec"]["minReplicas"])
|
||||
assert_equal(values[:autoscaling][:maxReplicas],hpa["spec"]["maxReplicas"])
|
||||
end
|
||||
|
||||
it 'can set targetCPUUtilizationPercentage' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true,
|
||||
targetCPUUtilizationPercentage: 60
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal("cpu",hpa["spec"]["metrics"][0]["resource"]["name"])
|
||||
assert_equal(values[:autoscaling][:targetCPUUtilizationPercentage],hpa["spec"]["metrics"][0]["resource"]["targetAverageUtilization"])
|
||||
end
|
||||
|
||||
it 'can set targetMemoryUtilizationPercentage' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true,
|
||||
targetMemoryUtilizationPercentage: 70
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal("memory",hpa["spec"]["metrics"][0]["resource"]["name"])
|
||||
assert_equal(values[:autoscaling][:targetMemoryUtilizationPercentage],hpa["spec"]["metrics"][0]["resource"]["targetAverageUtilization"])
|
||||
end
|
||||
|
||||
it 'can set both targetCPU and targetMemoryUtilizationPercentage' do
|
||||
values = {
|
||||
autoscaling: {
|
||||
enabled: true,
|
||||
targetCPUUtilizationPercentage: 60,
|
||||
targetMemoryUtilizationPercentage: 70
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
hpa = chart.resources(kind: "HorizontalPodAutoscaler").first
|
||||
assert_equal("cpu",hpa["spec"]["metrics"][0]["resource"]["name"])
|
||||
assert_equal(values[:autoscaling][:targetCPUUtilizationPercentage],hpa["spec"]["metrics"][0]["resource"]["targetAverageUtilization"])
|
||||
assert_equal("memory",hpa["spec"]["metrics"][1]["resource"]["name"])
|
||||
assert_equal(values[:autoscaling][:targetMemoryUtilizationPercentage],hpa["spec"]["metrics"][1]["resource"]["targetAverageUtilization"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,240 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'ingress' do
|
||||
baseValues = {
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true
|
||||
}
|
||||
},
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
http: {
|
||||
port: 8080
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
it 'disabled when ingress.main.enabled: false' do
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
assert_nil(resource('Ingress'))
|
||||
end
|
||||
|
||||
it 'enabled when ingress.main.enabled: true' do
|
||||
values = baseValues
|
||||
chart.value values
|
||||
|
||||
refute_nil(resource('Ingress'))
|
||||
end
|
||||
|
||||
it 'tls can be provided' do
|
||||
expectedPath = 'common-test.path'
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
tls: [
|
||||
{
|
||||
hosts: [ 'hostname' ],
|
||||
secretName: 'secret-name'
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal(values[:ingress][:main][:tls][0][:hosts][0], ingress["spec"]["tls"][0]["hosts"][0])
|
||||
assert_equal(values[:ingress][:main][:tls][0][:secretName], ingress["spec"]["tls"][0]["secretName"])
|
||||
end
|
||||
|
||||
it 'tls secret can be left empty' do
|
||||
expectedPath = 'common-test.path'
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main:{
|
||||
tls: [
|
||||
{
|
||||
hosts: [ 'hostname' ]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal(values[:ingress][:main][:tls][0][:hosts][0], ingress["spec"]["tls"][0]["hosts"][0])
|
||||
assert_equal(false, ingress["spec"]["tls"][0].key?("secretName"))
|
||||
assert_nil(ingress["spec"]["tls"][0]["secretName"])
|
||||
end
|
||||
|
||||
it 'tls secret template can be provided' do
|
||||
expectedPath = 'common-test.path'
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
tls: [
|
||||
{
|
||||
secretName: '{{ .Release.Name }}-secret'
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal('common-test-secret', ingress["spec"]["tls"][0]["secretName"])
|
||||
end
|
||||
|
||||
it 'path template can be provided' do
|
||||
expectedPath = 'common-test.path'
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
hosts: [
|
||||
{
|
||||
host: 'test.local',
|
||||
paths: [
|
||||
{
|
||||
path: '{{ .Release.Name }}.path'
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal(expectedPath, ingress["spec"]["rules"][0]["http"]["paths"][0]["path"])
|
||||
end
|
||||
|
||||
it 'hosts can be provided' do
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
hosts: [
|
||||
{
|
||||
host: 'hostname',
|
||||
paths: [
|
||||
{
|
||||
path: "/"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal(values[:ingress][:main][:hosts][0][:host], ingress["spec"]["rules"][0]["host"])
|
||||
end
|
||||
|
||||
it 'hosts template can be provided' do
|
||||
expectedHostName = 'common-test.hostname'
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
hosts: [
|
||||
{
|
||||
host: '{{ .Release.Name }}.hostname',
|
||||
paths: [
|
||||
{
|
||||
path: "/"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(ingress)
|
||||
assert_equal(expectedHostName, ingress["spec"]["rules"][0]["host"])
|
||||
end
|
||||
|
||||
it 'custom service name / port can optionally be set on path level' do
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
hosts: [
|
||||
{
|
||||
host: 'test.local',
|
||||
paths: [
|
||||
{
|
||||
path: '/'
|
||||
},
|
||||
{
|
||||
path: '/second',
|
||||
service: {
|
||||
name: 'pathService',
|
||||
port: 1234
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
firstPath = ingress["spec"]["rules"][0]["http"]["paths"][0]
|
||||
secondPath = ingress["spec"]["rules"][0]["http"]["paths"][1]
|
||||
assert_equal("common-test", firstPath["backend"]["service"]["name"])
|
||||
assert_equal(8080, firstPath["backend"]["service"]["port"]["number"])
|
||||
assert_equal("pathService", secondPath["backend"]["service"]["name"])
|
||||
assert_equal(1234, secondPath["backend"]["service"]["port"]["number"])
|
||||
end
|
||||
|
||||
it 'multiple ingress objects can be specified' do
|
||||
values = baseValues.deep_merge_override({
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true,
|
||||
primary: true
|
||||
},
|
||||
secondary: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
ingressMain = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
ingressExtra = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test-secondary" }
|
||||
refute_nil(ingressMain)
|
||||
refute_nil(ingressExtra)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,368 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
|
||||
describe 'pod::persistence' do
|
||||
it 'multiple volumes' do
|
||||
values = {
|
||||
persistence: {
|
||||
cache: {
|
||||
enabled: true,
|
||||
type: "emptyDir"
|
||||
},
|
||||
config: {
|
||||
enabled: true,
|
||||
existingClaim: "configClaim"
|
||||
},
|
||||
data: {
|
||||
enabled: true,
|
||||
existingClaim: "dataClaim"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "cache"}
|
||||
refute_nil(volume)
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal('configClaim', volume["persistentVolumeClaim"]["claimName"])
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "data"}
|
||||
refute_nil(volume)
|
||||
assert_equal('dataClaim', volume["persistentVolumeClaim"]["claimName"])
|
||||
end
|
||||
|
||||
it 'default nameSuffix' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal('common-test-config', volume["persistentVolumeClaim"]["claimName"])
|
||||
end
|
||||
|
||||
it 'custom nameSuffix' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
nameOverride: "test"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal('common-test-test', volume["persistentVolumeClaim"]["claimName"])
|
||||
end
|
||||
|
||||
it 'no nameSuffix' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
nameOverride: "-"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal('common-test', volume["persistentVolumeClaim"]["claimName"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'pod::persistence::emptyDir' do
|
||||
it 'can be configured' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
type: "emptyDir"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal(Hash.new, volume["emptyDir"])
|
||||
end
|
||||
|
||||
it 'medium can be configured' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
type: "emptyDir",
|
||||
medium: "memory"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal("memory", volume["emptyDir"]["medium"])
|
||||
end
|
||||
|
||||
it 'sizeLimit can be configured' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
type: "emptyDir",
|
||||
medium: "memory",
|
||||
sizeLimit: "1Gi"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "config"}
|
||||
refute_nil(volume)
|
||||
assert_equal("1Gi", volume["emptyDir"]["sizeLimit"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'pod::persistenceList' do
|
||||
it 'multiple volumes' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
type: "hostPath",
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp1"
|
||||
},
|
||||
{
|
||||
name: "configlist",
|
||||
type: "hostPath",
|
||||
enabled: true,
|
||||
mountPath: "/config",
|
||||
hostPath: "/tmp2"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "data"}
|
||||
refute_nil(volume)
|
||||
assert_equal('/tmp1', volume["hostPath"]["path"])
|
||||
|
||||
volume = volumes.find{ |v| v["name"] == "configlist"}
|
||||
refute_nil(volume)
|
||||
assert_equal('/tmp2', volume["hostPath"]["path"])
|
||||
end
|
||||
|
||||
it 'emptyDir can be enabled' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
type: "emptyDir",
|
||||
enabled: true,
|
||||
mountPath: "/data"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
volumes = deployment["spec"]["template"]["spec"]["volumes"]
|
||||
volume = volumes.find{ |v| v["name"] == "data"}
|
||||
refute_nil(volume)
|
||||
assert_equal(Hash.new, volume["emptyDir"])
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
describe 'container::persistence' do
|
||||
it 'supports multiple volumeMounts' do
|
||||
values = {
|
||||
persistence: {
|
||||
cache: {
|
||||
enabled: true,
|
||||
type: "emptyDir"
|
||||
},
|
||||
config: {
|
||||
enabled: true,
|
||||
existingClaim: "configClaim"
|
||||
},
|
||||
data: {
|
||||
enabled: true,
|
||||
existingClaim: "dataClaim"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
# Check that all persistent volumes have mounts
|
||||
values[:persistence].each { |key, value|
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == key.to_s }
|
||||
refute_nil(volumeMount)
|
||||
}
|
||||
end
|
||||
|
||||
it 'defaults mountPath to persistence key' do
|
||||
values = {
|
||||
persistence: {
|
||||
data: {
|
||||
enabled: true,
|
||||
existingClaim: "dataClaim"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" }
|
||||
refute_nil(volumeMount)
|
||||
assert_equal("/data", volumeMount["mountPath"])
|
||||
end
|
||||
|
||||
it 'supports setting custom mountPath' do
|
||||
values = {
|
||||
persistence: {
|
||||
data: {
|
||||
enabled: true,
|
||||
existingClaim: "dataClaim",
|
||||
mountPath: "/myMountPath"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" }
|
||||
refute_nil(volumeMount)
|
||||
assert_equal("/myMountPath", volumeMount["mountPath"])
|
||||
end
|
||||
|
||||
it 'supports setting subPath' do
|
||||
values = {
|
||||
persistence: {
|
||||
data: {
|
||||
enabled: true,
|
||||
existingClaim: "dataClaim",
|
||||
subPath: "mySubPath"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" }
|
||||
refute_nil(volumeMount)
|
||||
assert_equal("mySubPath", volumeMount["subPath"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'container::persistenceList' do
|
||||
it 'supports multiple persistenceList' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp"
|
||||
},
|
||||
{
|
||||
name: "config",
|
||||
enabled: true,
|
||||
mountPath: "/config",
|
||||
hostPath: "/tmp"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
# Check that all persistenceList volumes have mounts
|
||||
values[:persistenceList].each { |value|
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == value[:name].to_s }
|
||||
refute_nil(volumeMount)
|
||||
}
|
||||
end
|
||||
|
||||
it 'supports setting mountPath' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" }
|
||||
refute_nil(volumeMount)
|
||||
assert_equal("/data", volumeMount["mountPath"])
|
||||
end
|
||||
|
||||
it 'supports setting subPath' do
|
||||
values = {
|
||||
persistenceList: [
|
||||
{
|
||||
name: "data",
|
||||
enabled: true,
|
||||
mountPath: "/data",
|
||||
hostPath: "/tmp",
|
||||
subPath: "mySubPath"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
|
||||
volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" }
|
||||
refute_nil(volumeMount)
|
||||
assert_equal("mySubPath", volumeMount["subPath"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,109 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'pod::replicas' do
|
||||
it 'defaults to 1' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal(1, deployment["spec"]["replicas"])
|
||||
end
|
||||
|
||||
it 'accepts integer as value' do
|
||||
values = {
|
||||
controller: {
|
||||
replicas: 3
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal(3, deployment["spec"]["replicas"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'pod::hostNetwork' do
|
||||
it 'defaults to nil' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_nil(deployment["spec"]["template"]["spec"]["hostNetwork"])
|
||||
end
|
||||
|
||||
it 'can be enabled' do
|
||||
values = {
|
||||
hostNetwork: true
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal(true, deployment["spec"]["template"]["spec"]["hostNetwork"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'pod::dnsPolicy' do
|
||||
it 'defaults to "ClusterFirst" without hostNetwork' do
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal("ClusterFirst", deployment["spec"]["template"]["spec"]["dnsPolicy"])
|
||||
end
|
||||
|
||||
it 'defaults to "ClusterFirst" when hostNetwork: false' do
|
||||
values = {
|
||||
hostNetwork: false
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal("ClusterFirst", deployment["spec"]["template"]["spec"]["dnsPolicy"])
|
||||
end
|
||||
|
||||
it 'defaults to "ClusterFirstWithHostNet" when hostNetwork: true' do
|
||||
values = {
|
||||
hostNetwork: true
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal("ClusterFirstWithHostNet", deployment["spec"]["template"]["spec"]["dnsPolicy"])
|
||||
end
|
||||
|
||||
it 'accepts manual override' do
|
||||
values = {
|
||||
dnsPolicy: "None"
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
assert_equal("None", deployment["spec"]["template"]["spec"]["dnsPolicy"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'pod::additional containers' do
|
||||
it 'accepts static additionalContainers' do
|
||||
values = {
|
||||
additionalContainers: [
|
||||
{
|
||||
name: "template-test"
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
additionalContainer = containers.find{ |c| c["name"] == values[:additionalContainers][0][:name] }
|
||||
refute_nil(additionalContainer)
|
||||
end
|
||||
|
||||
it 'accepts "Dynamic/Tpl" additionalContainers' do
|
||||
expectedContainerName = "common-test-container"
|
||||
values = {
|
||||
additionalContainers: [
|
||||
{
|
||||
name: "{{ .Release.Name }}-container",
|
||||
}
|
||||
]
|
||||
}
|
||||
chart.value values
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
additionalContainer = containers.find{ |c| c["name"] == expectedContainerName }
|
||||
refute_nil(additionalContainer)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,311 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'portal::configmap::defaults' do
|
||||
it 'no configmap exists by default' do
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_nil(configmap)
|
||||
end
|
||||
|
||||
it 'creates configmap when enabled' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
refute_nil(configmap)
|
||||
end
|
||||
|
||||
it 'is named "portal"' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("portal", configmap["metadata"]["name"])
|
||||
end
|
||||
|
||||
it 'uses "$node_ip" by default' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("$node_ip", configmap["data"]["host"])
|
||||
end
|
||||
|
||||
it 'uses port "443" by default' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("443", configmap["data"]["port"])
|
||||
end
|
||||
|
||||
it 'uses protocol "http" by default' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("http", configmap["data"]["protocol"])
|
||||
end
|
||||
|
||||
it 'uses path "/" by default' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("/", configmap["data"]["path"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'portal::configmap::overrides' do
|
||||
it 'ingressPort can be overridden' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true,
|
||||
ingressPort: "666"
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal(values[:portal][:ingressPort], configmap["data"]["port"])
|
||||
end
|
||||
|
||||
it 'nodePort Host can be overridden' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true,
|
||||
host: "test.host"
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal(values[:portal][:host], configmap["data"]["host"])
|
||||
end
|
||||
|
||||
it 'path can be overridden' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true,
|
||||
path: "/path"
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal(values[:portal][:path], configmap["data"]["path"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'portal::configmap::nodeport' do
|
||||
it 'nodePort host defaults to "$node_ip"' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: false
|
||||
}
|
||||
},
|
||||
service: {
|
||||
main: {
|
||||
type: "NodePort",
|
||||
ports: {
|
||||
main: {
|
||||
nodePort: 666
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("$node_ip", configmap["data"]["host"])
|
||||
end
|
||||
|
||||
it 'nodePort port defaults to the nodePort' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
service: {
|
||||
main: {
|
||||
type: "NodePort",
|
||||
ports: {
|
||||
main: {
|
||||
enabled: true,
|
||||
port: 8080,
|
||||
nodePort: 666
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("666", configmap["data"]["port"])
|
||||
end
|
||||
|
||||
it 'uses nodeport port protocol as protocol (HTTPS)' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
service: {
|
||||
main: {
|
||||
type: "NodePort",
|
||||
ports: {
|
||||
main: {
|
||||
enabled: true,
|
||||
port: 8080,
|
||||
nodePort: 666,
|
||||
protocol: "HTTPS"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("https", configmap["data"]["protocol"])
|
||||
end
|
||||
|
||||
it 'uses nodeport port protocol as protocol (HTTP)' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
service: {
|
||||
main: {
|
||||
type: "NodePort",
|
||||
ports: {
|
||||
main: {
|
||||
enabled: true,
|
||||
nodePort: 666,
|
||||
protocol: "HTTP"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("http", configmap["data"]["protocol"])
|
||||
end
|
||||
end
|
||||
|
||||
describe 'portal::configmap::ingress' do
|
||||
it 'uses ingress host' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true,
|
||||
hosts: [
|
||||
{
|
||||
host: "test.domain",
|
||||
paths:
|
||||
[
|
||||
{
|
||||
path: "/test"
|
||||
}
|
||||
]
|
||||
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("test.domain", configmap["data"]["host"])
|
||||
end
|
||||
|
||||
it 'uses ingress path' do
|
||||
values = {
|
||||
portal: {
|
||||
enabled: true
|
||||
},
|
||||
ingress: {
|
||||
main: {
|
||||
enabled: true,
|
||||
hosts: [
|
||||
{
|
||||
host: "test.domain",
|
||||
paths:
|
||||
[
|
||||
{
|
||||
path: "/test"
|
||||
}
|
||||
]
|
||||
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
configmap = chart.resources(kind: "ConfigMap").first
|
||||
assert_equal("/test", configmap["data"]["path"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,181 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'pvc' do
|
||||
it 'nameSuffix defaults to persistence key' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
end
|
||||
|
||||
it 'nameSuffix can be overridden' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
nameOverride: 'customSuffix'
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-customSuffix" }
|
||||
refute_nil(pvc)
|
||||
end
|
||||
|
||||
it 'nameSuffix can be skipped' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
nameOverride: '-'
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(pvc)
|
||||
end
|
||||
|
||||
it 'storageClass can be set' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
storageClass: "test"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'can generate TrueNAS SCALE zfs storageClass on demand' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
storageClass: "SCALE-ZFS"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'generate TrueNAS SCALE zfs storageClass as default when isSCALE' do
|
||||
values = {
|
||||
global: {
|
||||
isSCALE: true
|
||||
},
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'can override storageClass when isSCALE' do
|
||||
values = {
|
||||
global: {
|
||||
isSCALE: true
|
||||
},
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
storageClass: "test"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'generate TrueNAS SCALE zfs storageClass as default when global ixChartContext' do
|
||||
values = {
|
||||
global: {
|
||||
ixChartContext: "somethingsomething"
|
||||
},
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'generate TrueNAS SCALE zfs storageClass as default when ixChartContext' do
|
||||
values = {
|
||||
ixChartContext: "somethingsomething",
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'check SCALE storageClass when isSCALE and ixchartcontext' do
|
||||
values = {
|
||||
global: {
|
||||
ixChartContext: "somethingsomething"
|
||||
},
|
||||
ixChartContext: "somethingsomething",
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
|
||||
it 'storageClass can be set to an empty value' do
|
||||
values = {
|
||||
persistence: {
|
||||
config: {
|
||||
enabled: true,
|
||||
storageClass: "-"
|
||||
}
|
||||
}
|
||||
}
|
||||
chart.value values
|
||||
pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" }
|
||||
refute_nil(pvc)
|
||||
assert_equal('', pvc["spec"]["storageClassName"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,290 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
require_relative '../../test_helper'
|
||||
|
||||
class Test < ChartTest
|
||||
@@chart = Chart.new('charts/library/common-test')
|
||||
|
||||
describe @@chart.name do
|
||||
describe 'service::ports settings' do
|
||||
baseValues = {
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
port: 8080
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
default_name = 'main'
|
||||
default_port = 8080
|
||||
|
||||
it 'defaults to name "http" on port 8080' do
|
||||
values = baseValues
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal(default_port, service["spec"]["ports"].first["port"])
|
||||
assert_equal(default_name, service["spec"]["ports"].first["targetPort"])
|
||||
assert_equal(default_name, service["spec"]["ports"].first["name"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(default_port, mainContainer["ports"].first["containerPort"])
|
||||
assert_equal(default_name, mainContainer["ports"].first["name"])
|
||||
end
|
||||
|
||||
it 'port name can be set' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
enabled: false
|
||||
},
|
||||
server: {
|
||||
enabled: true,
|
||||
port: 8080
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal(default_port, service["spec"]["ports"].first["port"])
|
||||
assert_equal('server', service["spec"]["ports"].first["targetPort"])
|
||||
assert_equal('server', service["spec"]["ports"].first["name"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(default_port, mainContainer["ports"].first["containerPort"])
|
||||
assert_equal('server', mainContainer["ports"].first["name"])
|
||||
end
|
||||
|
||||
it 'name suffix can be overridden' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
nameOverride: 'http'
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test-#{values[:service][:main][:nameOverride]}" }
|
||||
refute_nil(service)
|
||||
end
|
||||
|
||||
it 'targetPort can be overridden' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
targetPort: 80
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal(default_port, service["spec"]["ports"].first["port"])
|
||||
assert_equal(80, service["spec"]["ports"].first["targetPort"])
|
||||
assert_equal(default_name, service["spec"]["ports"].first["name"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal(80, mainContainer["ports"].first["containerPort"])
|
||||
assert_equal(default_name, mainContainer["ports"].first["name"])
|
||||
end
|
||||
|
||||
it 'targetPort cannot be a named port' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
targetPort: 'test'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
exception = assert_raises HelmCompileError do
|
||||
chart.execute_helm_template!
|
||||
end
|
||||
assert_match("Our charts do not support named ports for targetPort. (port name #{default_name}, targetPort test)", exception.message)
|
||||
end
|
||||
|
||||
it 'protocol defaults to TCP' do
|
||||
values = baseValues
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal("TCP", service["spec"]["ports"].first["protocol"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal("TCP", mainContainer["ports"].first["protocol"])
|
||||
end
|
||||
|
||||
it 'protocol is TCP when set to TCP explicitly' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
protocol: 'TCP'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal("TCP", service["spec"]["ports"].first["protocol"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal("TCP", mainContainer["ports"].first["protocol"])
|
||||
end
|
||||
|
||||
it 'protocol is TCP when set to HTTP explicitly' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
protocol: 'HTTP'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal("TCP", service["spec"]["ports"].first["protocol"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal("TCP", mainContainer["ports"].first["protocol"])
|
||||
end
|
||||
|
||||
it 'protocol is TCP when set to HTTPS explicitly' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
protocol: 'HTTPS'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal("TCP", service["spec"]["ports"].first["protocol"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal("TCP", mainContainer["ports"].first["protocol"])
|
||||
end
|
||||
|
||||
it 'protocol is UDP when set to UDP explicitly' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
protocol: 'UDP'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal("UDP", service["spec"]["ports"].first["protocol"])
|
||||
|
||||
deployment = chart.resources(kind: "Deployment").first
|
||||
containers = deployment["spec"]["template"]["spec"]["containers"]
|
||||
mainContainer = containers.find{ |c| c["name"] == "common-test" }
|
||||
assert_equal("UDP", mainContainer["ports"].first["protocol"])
|
||||
end
|
||||
|
||||
it 'No annotations get set by default' do
|
||||
values = baseValues
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_nil(service["metadata"]["annotations"])
|
||||
end
|
||||
|
||||
it 'TCP port protocol does not set annotations' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
protocol: 'TCP'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_nil(service["metadata"]["annotations"])
|
||||
end
|
||||
|
||||
it 'HTTPS port protocol sets traefik HTTPS annotation' do
|
||||
values = baseValues.deep_merge_override({
|
||||
service: {
|
||||
main: {
|
||||
ports: {
|
||||
main: {
|
||||
protocol: 'HTTPS'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
})
|
||||
chart.value values
|
||||
service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" }
|
||||
refute_nil(service)
|
||||
assert_equal("https", service["metadata"]["annotations"]["traefik.ingress.kubernetes.io/service.serversscheme"])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
@@ -1,146 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
require 'json'
|
||||
require 'yaml'
|
||||
require 'open3'
|
||||
|
||||
require 'minitest-implicit-subject'
|
||||
require "minitest/reporters"
|
||||
require 'minitest/autorun'
|
||||
require 'minitest/pride'
|
||||
|
||||
class HelmCompileError < StandardError
|
||||
end
|
||||
|
||||
class HelmDepsError < StandardError
|
||||
end
|
||||
|
||||
class Chart
|
||||
attr_reader :name, :path, :values
|
||||
|
||||
def initialize(chart)
|
||||
@name = chart.split('/').last
|
||||
|
||||
@path = File.expand_path(chart)
|
||||
|
||||
@values = default_values
|
||||
|
||||
update_deps!
|
||||
end
|
||||
|
||||
def update_deps!
|
||||
command = "helm dep update '#{path}'"
|
||||
stdout, stderr, status = Open3.capture3(command)
|
||||
raise HelmDepsError, stderr if status != 0
|
||||
end
|
||||
|
||||
def reset!
|
||||
@values = default_values
|
||||
@parsed_resources = nil
|
||||
end
|
||||
|
||||
def value(value)
|
||||
values.merge!(value)
|
||||
end
|
||||
|
||||
def configure_custom_name(name)
|
||||
@name = name
|
||||
end
|
||||
|
||||
def execute_helm_template!
|
||||
file = Tempfile.new(name)
|
||||
file.write(JSON.parse(values.to_json).to_yaml)
|
||||
file.close
|
||||
|
||||
begin
|
||||
command = "helm template '#{name}' '#{path}' --namespace='default' --values='#{file.path}'"
|
||||
stdout, stderr, status = Open3.capture3(command)
|
||||
|
||||
raise HelmCompileError, stderr if status != 0
|
||||
|
||||
stdout
|
||||
ensure
|
||||
file.unlink
|
||||
end
|
||||
end
|
||||
|
||||
def parsed_resources
|
||||
@parsed_resources ||= begin
|
||||
output = execute_helm_template!
|
||||
puts output if ENV.fetch('DEBUG', 'false') == 'true'
|
||||
YAML.load_stream(output)
|
||||
end
|
||||
end
|
||||
|
||||
def resources(matcher = nil)
|
||||
return parsed_resources unless matcher
|
||||
|
||||
parsed_resources.select do |r|
|
||||
r >= Hash[matcher.map { |k, v| [k.to_s, v] }]
|
||||
end
|
||||
end
|
||||
|
||||
def default_values
|
||||
{
|
||||
}
|
||||
end
|
||||
end
|
||||
|
||||
class ExtendedMinitest < Minitest::Test
|
||||
extend MiniTest::Spec::DSL
|
||||
end
|
||||
|
||||
class ChartTest < ExtendedMinitest
|
||||
Minitest::Reporters.use! Minitest::Reporters::SpecReporter.new
|
||||
|
||||
before do
|
||||
chart.reset!
|
||||
end
|
||||
|
||||
def chart
|
||||
self.class.class_variable_get('@@chart')
|
||||
end
|
||||
|
||||
def resource(name)
|
||||
chart.resources(kind: name).first
|
||||
end
|
||||
end
|
||||
|
||||
class Minitest::Result
|
||||
def name
|
||||
test_name = defined?(@name) ? @name : super
|
||||
test_name.to_s.gsub /\Atest_\d{4,}_/, ""
|
||||
end
|
||||
end
|
||||
|
||||
class ::Hash
|
||||
def deep_merge_override(second)
|
||||
merger = proc do |key, original, override|
|
||||
if original.instance_of?(Hash) && override.instance_of?(Hash)
|
||||
original.merge(override, &merger)
|
||||
else
|
||||
if original.instance_of?(Array) && override.instance_of?(Array)
|
||||
# if the lengths are different, prefer the override
|
||||
if original.length != override.length
|
||||
override
|
||||
else
|
||||
# if the first element in the override's Array is a Hash, then we assume they all are
|
||||
if override[0].instance_of?(Hash)
|
||||
original.map.with_index do |v, i|
|
||||
# deep merge everything between the two arrays
|
||||
original[i].merge(override[i], &merger)
|
||||
end
|
||||
else
|
||||
# if we don't have a Hash in the override,
|
||||
# override the whole array with our new one
|
||||
override
|
||||
end
|
||||
end
|
||||
else
|
||||
override
|
||||
end
|
||||
end
|
||||
end
|
||||
self.merge(second.to_h, &merger)
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user