diff --git a/.github/workflows/common.test.yaml b/.github/workflows/common.test.yaml deleted file mode 100644 index 473d864d1c8..00000000000 --- a/.github/workflows/common.test.yaml +++ /dev/null @@ -1,111 +0,0 @@ -name: "common: Tests" - -on: - pull_request: - branches: - - '**' - tags-ignore: - - '**' - paths: - - 'charts/library/**' - - 'tests/**' - - '.github/workflows/common.test.yaml' - - '.github/ct-install.yaml' - - '.github/ct-lint.yaml' - -jobs: - unit-and-lint: - name: Unit and Lint tests - runs-on: ubuntu-latest - container: - image: tccr.io/truecharts/devcontainer:v2.2.1 - steps: - - name: Cache helm repo cache - id: cache - uses: actions/cache@4b0cf6cc4619e737324ddfcec08fff2413359514 # tag=v3 - with: - key: helmrepocache-${{ github.sha }} - path: | - ~/.cache/helm/repository - ~/.config/helm/repositories.yaml - - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3 - name: Checkout - with: - fetch-depth: 100 - - - name: update helm repo cache - run: | - helm repo add truecharts https://truecharts.org - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add metallb https://metallb.github.io/metallb - helm repo add grafana https://grafana.github.io/helm-charts - helm repo add prometheus https://prometheus-community.github.io/helm-charts - helm repo add amd-gpu-helm https://radeonopencompute.github.io/k8s-device-plugin/ - helm repo update - - - name: Run chart-testing (lint) - run: ct lint --config .github/ct-lint.yaml --charts 'charts/library/common-test' - - - name: Run common unit tests - run: | - bundle exec m -r tests - - run-tests: - name: Run tests - runs-on: ubuntu-latest - needs: [unit-and-lint] - steps: - - name: Cache helm repo cache - id: cache - uses: actions/cache@4b0cf6cc4619e737324ddfcec08fff2413359514 # tag=v3 - with: - key: helmrepocache-${{ github.sha }} - path: | - ~/.cache/helm/repository - ~/.config/helm/repositories.yaml - - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3 - name: Checkout - with: - fetch-depth: 100 - - - name: Install Helm - if: ${{ matrix.app != '.gitkee' }} - uses: azure/setup-helm@18bc76811624f360dbd7f18c2d4ecb32c7b87bab # renovate: tag=v1 - with: - version: v3.7.1 - - - name: update helm repo cache - run: | - helm repo add truecharts https://truecharts.org - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add metallb https://metallb.github.io/metallb - helm repo add prometheus https://prometheus-community.github.io/helm-charts - helm repo add amd-gpu-helm https://radeonopencompute.github.io/k8s-device-plugin/ - helm repo update - - - uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20 # tag=v3 - if: ${{ matrix.app != '.gitkee' }} - with: - python-version: 3.7 - - - name: Set up chart-testing - if: ${{ matrix.app != '.gitkee' }} - uses: helm/chart-testing-action@dae259e86a35ff09145c0805e2d7dd3f7207064a # tag=v2.2.1 - ## - # Chart-Testing Section - ## - - - uses: actions/setup-python@0ebf233433c08fb9061af664d501c3f3ff0e9e20 # tag=v3 - if: ${{ matrix.app != '.gitkee' }} - with: - python-version: 3.7 - - - name: Create k3d cluster - uses: nolar/setup-k3d-k3s@v1 - with: - version: v1.22.4+k3s1 - - - name: Run chart-testing (install) - run: find ./ -type f -name *.yaml -exec sed -i 's/tccr.io/ghcr.io/gI' {} \; && ct install --config .github/ct-install.yaml --charts 'charts/library/common-test' diff --git a/templates/docs/common-README.md.gotmpl b/templates/docs/common-README.md.gotmpl deleted file mode 100644 index eea45941a6f..00000000000 --- a/templates/docs/common-README.md.gotmpl +++ /dev/null @@ -1,66 +0,0 @@ -{{- define "custom.introheader" -}} -# Introduction -{{- end -}} -{{- define "custom.repository.organization" -}} -TrueCharts -{{- end -}} -{{- define "custom.repository.url" -}} -https://github.com/truecharts/apps -{{- end -}} -{{- define "custom.helm.url" -}} -https://truecharts.org -{{- end -}} -{{- define "custom.helm.path" -}} -{{ template "custom.repository.organization" . }}/{{ template "chart.name" . }} -{{- end -}} -{{- define "custom.notes" -}} -Function library for TrueCharts -Since a lot of the TrueCharts Apps and Charts follow a similar pattern, this library was built to reduce maintenance cost between the charts that use it and try achieve a goal of being DRY. -{{- end -}} -{{- define "custom.requirements" -}} -## Requirements - -{{ template "chart.kubeVersionLine" . }} -{{- end -}} -{{- define "custom.dependencies" -}} -## Dependencies - -{{ template "chart.requirementsTable" . }} -{{- end -}} -{{- define "custom.install" -}} -## Installing the Chart - -This is a Helm Library Chart. -WARNING: THIS CHART IS NOT MEANT TO BE INSTALLED DIRECTLY -{{- end -}} -{{- define "custom.support" -}} -## Support - -- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first. -- See the [Wiki](https://truecharts.org) -- Check our [Discord](https://discord.gg/tVsPTHWTtr) -- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) -{{- end -}} -{{- define "custom.copyright" -}} -All Rights Reserved - The TrueCharts Project -{{- end -}} -{{ template "custom.introheader" . }} - -{{ template "chart.description" . }} - -{{ template "chart.deprecationWarning" . }} - -{{ template "custom.notes" . }} - -{{ template "chart.sourcesSection" . }} - -{{ template "custom.requirements" . }} - -{{ template "custom.dependencies" . }} - -{{ template "custom.install" . }} - - -{{ template "custom.support" . }} ---- -{{ template "custom.copyright" . }} diff --git a/templates/docs/common-helm-values.md.gotmpl b/templates/docs/common-helm-values.md.gotmpl deleted file mode 100644 index 94e812407bb..00000000000 --- a/templates/docs/common-helm-values.md.gotmpl +++ /dev/null @@ -1,19 +0,0 @@ -{{- define "custom.helm.introheader" -}} -# Default Helm-Values -{{- end -}} -{{- define "custom.helm.notes" -}} -TrueCharts is primarily build to supply TrueNAS SCALE Apps. -However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our Common Chart. -This chart is used by a lot of our Apps to provide sane defaults and logic. -{{- end -}} - -{{- define "custom.helm.copyright" -}} -All Rights Reserved - The TrueCharts Project -{{- end -}} -{{ template "custom.helm.introheader" . }} - -{{ template "custom.helm.notes" . }} - -{{ template "chart.valuesSection" . }} - -{{ template "custom.helm.copyright" . }} diff --git a/tests/library/common/addon_codeserver_spec.rb b/tests/library/common/addon_codeserver_spec.rb deleted file mode 100644 index 04362dc8668..00000000000 --- a/tests/library/common/addon_codeserver_spec.rb +++ /dev/null @@ -1,109 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'addon::codeserver' do - baseValues = { - addons: { - codeserver: { - enabled: true - } - } - } - - it 'defaults to disabled' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - codeserverContainer = containers.find{ |c| c["name"] == "codeserver" } - - assert_nil(codeserverContainer) - end - - it 'can be enabled' do - values = baseValues - - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - codeserverContainer = containers.find{ |c| c["name"] == "codeserver" } - - refute_nil(codeserverContainer) - end - - it 'a git deployKey can be passed' do - values = baseValues.deep_merge_override({ - addons: { - codeserver: { - git: { - deployKey: "testKey" - } - } - } - }) - - chart.value values - deployment = chart.resources(kind: "Deployment").first - secret = chart.resources(kind: "Secret").first - containers = deployment["spec"]["template"]["spec"]["containers"] - volumes = deployment["spec"]["template"]["spec"]["volumes"] - codeserverContainer = containers.find{ |c| c["name"] == "codeserver" } - expectedSecretContent = { "id_rsa" => values[:addons][:codeserver][:git][:deployKey] } - - # Check that the secret has been created - refute_nil(secret) - assert_equal("common-test-deploykey", secret["metadata"]["name"]) - assert_equal(expectedSecretContent, secret["stringData"]) - - # Make sure the deployKey volumeMount is present in the sidecar container - deploykeyVolumeMount = codeserverContainer["volumeMounts"].find { |v| v["name"] == "deploykey"} - refute_nil(deploykeyVolumeMount) - assert_equal("/root/.ssh/id_rsa", deploykeyVolumeMount["mountPath"]) - assert_equal("id_rsa", deploykeyVolumeMount["subPath"]) - - # Make sure the deployKey volume is present in the Deployment - deploykeyVolume = volumes.find{ |v| v["name"] == "deploykey" } - refute_nil(deploykeyVolume) - assert_equal("common-test-deploykey", deploykeyVolume["secret"]["secretName"]) - end - - it 'a git deployKey can be passed in base64 format' do - values = baseValues.deep_merge_override({ - addons: { - codeserver: { - git: { - deployKeyBase64: "dGVzdEtleQ==" - } - } - } - }) - - chart.value values - deployment = chart.resources(kind: "Deployment").first - secret = chart.resources(kind: "Secret").first - containers = deployment["spec"]["template"]["spec"]["containers"] - volumes = deployment["spec"]["template"]["spec"]["volumes"] - codeserverContainer = containers.find{ |c| c["name"] == "codeserver" } - expectedSecretContent = { "id_rsa" => values[:addons][:codeserver][:git][:deployKeyBase64] } - - # Check that the secret has been created - refute_nil(secret) - assert_equal("common-test-deploykey", secret["metadata"]["name"]) - assert_equal(expectedSecretContent, secret["data"]) - - # Make sure the deployKey volumeMount is present in the sidecar container - deploykeyVolumeMount = codeserverContainer["volumeMounts"].find { |v| v["name"] == "deploykey"} - refute_nil(deploykeyVolumeMount) - assert_equal("/root/.ssh/id_rsa", deploykeyVolumeMount["mountPath"]) - assert_equal("id_rsa", deploykeyVolumeMount["subPath"]) - - # Make sure the deployKey volume is present in the Deployment - deploykeyVolume = volumes.find{ |v| v["name"] == "deploykey" } - refute_nil(deploykeyVolume) - assert_equal("common-test-deploykey", deploykeyVolume["secret"]["secretName"]) - end - end - end -end diff --git a/tests/library/common/addon_netshoot_spec.rb b/tests/library/common/addon_netshoot_spec.rb deleted file mode 100644 index 9404008cacf..00000000000 --- a/tests/library/common/addon_netshoot_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'addon::netshoot' do - it 'defaults to disabled' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - netshootContainer = containers.find{ |c| c["name"] == "netshoot" } - - assert_nil(netshootContainer) - end - - it 'netshoot can be enabled' do - values = { - addons: { - netshoot: { - enabled: true - } - } - } - - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - netshootContainer = containers.find{ |c| c["name"] == "netshoot" } - - refute_nil(netshootContainer) - end - end - end -end diff --git a/tests/library/common/addon_promtail_spec.rb b/tests/library/common/addon_promtail_spec.rb deleted file mode 100644 index 2018c17567d..00000000000 --- a/tests/library/common/addon_promtail_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'addon::promtail' do - it 'defaults to disabled' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - promtailContainer = containers.find{ |c| c["name"] == "promtail" } - - assert_nil(promtailContainer) - end - - it 'promtail can be enabled' do - values = { - addons: { - promtail: { - enabled: true - } - } - } - - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - promtailContainer = containers.find{ |c| c["name"] == "promtail" } - - refute_nil(promtailContainer) - end - end - end -end diff --git a/tests/library/common/addon_vpn_spec.rb b/tests/library/common/addon_vpn_spec.rb deleted file mode 100644 index fbd65305a78..00000000000 --- a/tests/library/common/addon_vpn_spec.rb +++ /dev/null @@ -1,106 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'addon::vpn' do - it 'defaults to disabled' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - openvpnContainer = containers.find{ |c| c["name"] == "openvpn" } - wireguardContainer = containers.find{ |c| c["name"] == "wireguard" } - - assert_nil(openvpnContainer) - assert_nil(wireguardContainer) - end - - it 'openvpn can be enabled' do - values = { - addons: { - vpn: { - type: "openvpn" - } - } - } - - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - vpnContainer = containers.find{ |c| c["name"] == "openvpn" } - - refute_nil(vpnContainer) - end - - it 'wireguard can be enabled' do - values = { - addons: { - vpn: { - type: "wireguard" - } - } - } - - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - wireguardContainer = containers.find{ |c| c["name"] == "wireguard" } - - refute_nil(wireguardContainer) - end - - it 'a openvpn configuration file can be passed' do - values = { - addons: { - vpn: { - type: "openvpn", - configFile: { - enabled: true, - hostPath: "/test.conf" - } - } - } - } - - chart.value values - deployment = chart.resources(kind: "Deployment").first - secret = chart.resources(kind: "Secret").first - containers = deployment["spec"]["template"]["spec"]["containers"] - volumes = deployment["spec"]["template"]["spec"]["volumes"] - vpnContainer = containers.find{ |c| c["name"] == "openvpn" } - - # Make sure the deployKey volumeMount is present in the sidecar container - vpnconfigVolumeMount = vpnContainer["volumeMounts"].find { |v| v["name"] == "vpnconfig"} - refute_nil(vpnconfigVolumeMount) - assert_equal("/vpn/vpn.conf", vpnconfigVolumeMount["mountPath"]) - end - - it 'a wireguard configuration file can be passed' do - values = { - addons: { - vpn: { - type: "wireguard", - configFile: { - enabled: true, - hostPath: "/test.conf" - } - } - } - } - - chart.value values - deployment = chart.resources(kind: "Deployment").first - secret = chart.resources(kind: "Secret").first - containers = deployment["spec"]["template"]["spec"]["containers"] - volumes = deployment["spec"]["template"]["spec"]["volumes"] - vpnContainer = containers.find{ |c| c["name"] == "wireguard" } - - # Make sure the deployKey volumeMount is present in the sidecar container - vpnconfigVolumeMount = vpnContainer["volumeMounts"].find { |v| v["name"] == "vpnconfig"} - refute_nil(vpnconfigVolumeMount) - assert_equal("/etc/wireguard/wg0.conf", vpnconfigVolumeMount["mountPath"]) - end - end - end -end diff --git a/tests/library/common/autoPermissions_spec.rb b/tests/library/common/autoPermissions_spec.rb deleted file mode 100644 index 125d991c6ff..00000000000 --- a/tests/library/common/autoPermissions_spec.rb +++ /dev/null @@ -1,288 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'initContainer::permissions' do - it 'initContainer exists by default' do - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - refute_nil(initContainer) - end - - it 'persistenceList do not affect permissions job by default' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - mountPath: "/data", - hostPath: "/tmp" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_nil(deployment["spec"]["template"]["spec"]["initContainers"][0]["volumeMounts"]) - end - it 'persistenceList.setPermissions adds volume(mounts)' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_equal("data", deployment["spec"]["template"]["spec"]["volumes"][0]["name"]) - assert_equal("data", deployment["spec"]["template"]["spec"]["initContainers"][0]["volumeMounts"][0]["name"]) - end - it 'supports multiple persistenceList' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp" - }, - { - name: "configlist", - enabled: true, - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - - # Check that all persistenceList volumes have mounts - values[:persistenceList].each { |value| - volumeMount = initContainer["volumeMounts"].find{ |v| v["name"] == "" + value[:name].to_s } - refute_nil(volumeMount) - } - end - - it 'supports setting mountPath' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - - volumeMount = initContainer["volumeMounts"].find{ |v| v["name"] == "data" } - refute_nil(volumeMount) - assert_equal("/data", volumeMount["mountPath"]) - end - - it 'could mount multiple volumes' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - type: "hostPath", - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - enabled: true, - type: "hostPath", - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - - volume = volumes.find{ |v| v["name"] == "data"} - refute_nil(volume) - assert_equal('/tmp1', volume["hostPath"]["path"]) - - volume = volumes.find{ |v| v["name"] == "configlist"} - refute_nil(volume) - assert_equal('/tmp2', volume["hostPath"]["path"]) - end - - it 'can process default (568:568) permissions for multiple volumes' do - results= { - command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :568 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :568 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"] - } - values = { - persistenceList: [ - { - name: "data", - enabled: true, - type: "hostPath", - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - enabled: true, - type: "hostPath", - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - assert_equal(results[:command], initContainer["command"]) - end - - it 'outputs default permissions with irrelevant podSecurityContext' do - results= { - command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :568 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :568 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"] - } - values = { - podSecurityContext: { - allowPrivilegeEscalation: false - }, - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - enabled: true, - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - assert_equal(results[:command], initContainer["command"]) - end - - it 'outputs fsgroup permissions for multiple volumes when set' do - results= { - command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :666 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :666 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"] - } - values = { - podSecurityContext: { - fsGroup: 666 - }, - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - enabled: true, - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - assert_equal(results[:command], initContainer["command"]) - end - - it 'outputs runAsUser permissions for multiple volumes when set' do - results= { - command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :568 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :568 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"] - } - values = { - podSecurityContext: { - runAsUser: 999 - }, - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - enabled: true, - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - assert_equal(results[:command], initContainer["command"]) - end - - it 'outputs fsGroup AND runAsUser permissions for multiple volumes when both are set' do - results= { - command: ["/bin/sh", "-c", "echo 'Automatically correcting permissions...';chown -R :666 '/configlist'; chmod -R g+w || echo 'chmod failed for /configlist, are you running NFSv4 ACLs?' '/configlist';chown -R :666 '/data'; chmod -R g+w || echo 'chmod failed for /data, are you running NFSv4 ACLs?' '/data';"] - } - values = { - podSecurityContext: { - fsGroup: 666, - runAsUser: 999 - }, - persistenceList: [ - { - name: "data", - enabled: true, - setPermissions: true, - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - enabled: true, - setPermissions: true, - mountPath: "/configlist", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - initContainer = deployment["spec"]["template"]["spec"]["initContainers"][0] - assert_equal(results[:command], initContainer["command"]) - end - end - end -end diff --git a/tests/library/common/cert_spec.rb b/tests/library/common/cert_spec.rb deleted file mode 100644 index 9b9ac6254e8..00000000000 --- a/tests/library/common/cert_spec.rb +++ /dev/null @@ -1,322 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - describe @@chart.name do - describe 'scaleCertificate' do - it 'disabled by default' do - values = { - ingress: { - main: { - enabled: true - } - } - } - chart.value values - assert_nil(resource('Secret')) - end - it 'can be enabled and selected' do - values = { - "ixCertificateAuthorities": {}, - "ixCertificates": { - "1": { - "CA_type_existing": false, - "CA_type_intermediate": false, - "CA_type_internal": false, - "CSR": "", - "DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost", - "cert_type": "CERTIFICATE", - "cert_type_CSR": false, - "cert_type_existing": true, - "cert_type_internal": false, - "certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n", - "certificate_path": "/etc/certificates/freenas_default.crt", - "chain": false, - "chain_list": [ - "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n" - ], - "city": "Maryville", - "common": "localhost", - "country": "US", - "csr_path": "/etc/certificates/freenas_default.csr", - "digest_algorithm": "SHA256", - "email": "info@ixsystems.com", - "extensions": { - "ExtendedKeyUsage": "TLS Web Server Authentication", - "SubjectAltName": "DNS:localhost" - }, - "fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B", - "from": "Fri Sep 25 16:05:38 2020", - "id": 1, - "internal": "NO", - "issuer": "external", - "key_length": 2048, - "key_type": "RSA", - "lifetime": 825, - "name": "freenas_default", - "organization": "iXsystems", - "organizational_unit": "", - "parsed": true, - "privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n", - "privatekey_path": "/etc/certificates/freenas_default.key", - "revoked": false, - "revoked_date": "", - "root_path": "/etc/certificates", - "san": [ - "DNS:localhost" - ], - "serial": 1, - "signedby": "", - "state": "Tennessee", - "subject_name_hash": 3193428416, - "type": 8, - "until": "Thu Dec 29 15:05:38 2022" - } - }, - ingress: { - main: { - enabled: true, - tls: [ - { - scaleCert: 1 - } - ] - } - } - } - chart.value values - refute_nil(resource('Secret')) - secret = chart.resources(kind: "Secret").first - assert_equal("common-test-tls-0-ixcert-1-1", secret["metadata"]["name"]) - refute_nil(secret["data"]["tls.crt"]) - refute_nil(secret["data"]["tls.key"]) - end - - it 'secret can be used for TLS ingress' do - values = { - "ixCertificateAuthorities": {}, - "ixCertificates": { - "1": { - "CA_type_existing": false, - "CA_type_intermediate": false, - "CA_type_internal": false, - "CSR": "", - "DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost", - "cert_type": "CERTIFICATE", - "cert_type_CSR": false, - "cert_type_existing": true, - "cert_type_internal": false, - "certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n", - "certificate_path": "/etc/certificates/freenas_default.crt", - "chain": false, - "chain_list": [ - "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n" - ], - "city": "Maryville", - "common": "localhost", - "country": "US", - "csr_path": "/etc/certificates/freenas_default.csr", - "digest_algorithm": "SHA256", - "email": "info@ixsystems.com", - "extensions": { - "ExtendedKeyUsage": "TLS Web Server Authentication", - "SubjectAltName": "DNS:localhost" - }, - "fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B", - "from": "Fri Sep 25 16:05:38 2020", - "id": 1, - "internal": "NO", - "issuer": "external", - "key_length": 2048, - "key_type": "RSA", - "lifetime": 825, - "name": "freenas_default", - "organization": "iXsystems", - "organizational_unit": "", - "parsed": true, - "privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n", - "privatekey_path": "/etc/certificates/freenas_default.key", - "revoked": false, - "revoked_date": "", - "root_path": "/etc/certificates", - "san": [ - "DNS:localhost" - ], - "serial": 1, - "signedby": "", - "state": "Tennessee", - "subject_name_hash": 3193428416, - "type": 8, - "until": "Thu Dec 29 15:05:38 2022" - } - }, - ingress: { - main: { - enabled: true, - tls: [ - { - hosts: [ 'hostname' ], - scaleCert: 1 - } - ] - } - } - } - chart.value values - refute_nil(resource('Secret')) - secret = chart.resources(kind: "Secret").first - assert_equal("common-test-tls-0-ixcert-1-1", secret["metadata"]["name"]) - refute_nil(secret["data"]["tls.crt"]) - refute_nil(secret["data"]["tls.key"]) - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal("common-test-tls-0-ixcert-1-1", ingress["spec"]["tls"][0]["secretName"]) - end - it 'multiple tls sections generate multiple secrets' do - values = { - "ixCertificateAuthorities": {}, - "ixCertificates": { - "2": { - "CA_type_existing": false, - "CA_type_intermediate": false, - "CA_type_internal": false, - "CSR": "", - "DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost", - "cert_type": "CERTIFICATE", - "cert_type_CSR": false, - "cert_type_existing": true, - "cert_type_internal": false, - "certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n", - "certificate_path": "/etc/certificates/freenas_default.crt", - "chain": false, - "chain_list": [ - "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n" - ], - "city": "Maryville", - "common": "localhost", - "country": "US", - "csr_path": "/etc/certificates/freenas_default.csr", - "digest_algorithm": "SHA256", - "email": "info@ixsystems.com", - "extensions": { - "ExtendedKeyUsage": "TLS Web Server Authentication", - "SubjectAltName": "DNS:localhost" - }, - "fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B", - "from": "Fri Sep 25 16:05:38 2020", - "id": 2, - "internal": "NO", - "issuer": "external", - "key_length": 2048, - "key_type": "RSA", - "lifetime": 825, - "name": "freenas_default", - "organization": "iXsystems", - "organizational_unit": "", - "parsed": true, - "privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n", - "privatekey_path": "/etc/certificates/freenas_default.key", - "revoked": false, - "revoked_date": "", - "root_path": "/etc/certificates", - "san": [ - "DNS:localhost" - ], - "serial": 1, - "signedby": "", - "state": "Tennessee", - "subject_name_hash": 3193428416, - "type": 8, - "until": "Thu Dec 29 15:05:38 2022" - }, - "1": { - "CA_type_existing": false, - "CA_type_intermediate": false, - "CA_type_internal": false, - "CSR": "", - "DN": "/C=US/O=iXsystems/CN=localhost/emailAddress=info@ixsystems.com/ST=Tennessee/L=Maryville/subjectAltName=DNS:localhost", - "cert_type": "CERTIFICATE", - "cert_type_CSR": false, - "cert_type_existing": true, - "cert_type_internal": false, - "certificate": "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n", - "certificate_path": "/etc/certificates/freenas_default.crt", - "chain": false, - "chain_list": [ - "-----BEGIN CERTIFICATE-----\nMIIDqjCCApKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCVVMx\nEjAQBgNVBAoMCWlYc3lzdGVtczESMBAGA1UEAwwJbG9jYWxob3N0MSEwHwYJKoZI\nhvcNAQkBFhJpbmZvQGl4c3lzdGVtcy5jb20xEjAQBgNVBAgMCVRlbm5lc3NlZTES\nMBAGA1UEBwwJTWFyeXZpbGxlMB4XDTIwMDkyNTE0MDUzOFoXDTIyMTIyOTE0MDUz\nOFowgYAxCzAJBgNVBAYTAlVTMRIwEAYDVQQKDAlpWHN5c3RlbXMxEjAQBgNVBAMM\nCWxvY2FsaG9zdDEhMB8GCSqGSIb3DQEJARYSaW5mb0BpeHN5c3RlbXMuY29tMRIw\nEAYDVQQIDAlUZW5uZXNzZWUxEjAQBgNVBAcMCU1hcnl2aWxsZTCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBALpoGliii6X8DeoFdLcR7jjsfJIn3nC8f1pT\nLQ3RURHUOEyhPT3Z6TkhaHeHoj8D6kiXROhyJJq3kw5OeqGZisfpGQhkxjpxkfh9\nfAhlvhuLwCWHaMvSh1TaT+h9+eHfcx3un5CIaH8b1KYRBMH+jmKFpr7jkPNkBXLS\nMA7jKIIa8pD9R6lF4gAsbqJafCbT3R7bqkd9xp3n3j2YhqQzETU2lmu4fra3BPio\nofK47kSkguUC6mtk6VrDf2+QtCKlY0dtbF3e2ZBNWo1aj86sjCtoEmqOCMsPRLc/\nXwQcfEqHY4XfafXwqk0G0UxV2ce18xKoR/pN3MpLBZ65NzPnpn0CAwEAAaMtMCsw\nFAYDVR0RBA0wC4IJbG9jYWxob3N0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\nSIb3DQEBCwUAA4IBAQBFW1R037y7wllg/gRk9p2T1stiG8iIXosblmL4Ak1YToTQ\n/0to5GY2ZYW29+rbA4SDTS5eeu2YqZ0A/fF3wey7ggzMS7KyNBOvx5QBJRw3PJGn\n+THfhXvdfkOyeUC6KWRGLgl+/zBFvgh6vFDq3jmv0NI4ehVBTBMCJn7r6577S16T\nwtgKMCooizII0Odu5HIF10gTieFIH3PQYm9JBji9iyemb9Ht3wn7fXQptfGadz/l\nWz/Dv9+a6IOr7JVJMHnqAIvPzpkav4efuVPOX1zbhjg4K5g+nRYfjr5F5upOd0Y3\nznWTUBUyI7CXRkpHtSDXfEqKgnk/8uv7GWw+hyKr\n-----END CERTIFICATE-----\n" - ], - "city": "Maryville", - "common": "localhost", - "country": "US", - "csr_path": "/etc/certificates/freenas_default.csr", - "digest_algorithm": "SHA256", - "email": "info@ixsystems.com", - "extensions": { - "ExtendedKeyUsage": "TLS Web Server Authentication", - "SubjectAltName": "DNS:localhost" - }, - "fingerprint": "9C:5A:1D:1B:E7:9E:0B:89:2B:37:F4:19:83:ED:3C:6B:D8:14:0D:9B", - "from": "Fri Sep 25 16:05:38 2020", - "id": 1, - "internal": "NO", - "issuer": "external", - "key_length": 2048, - "key_type": "RSA", - "lifetime": 825, - "name": "freenas_default", - "organization": "iXsystems", - "organizational_unit": "", - "parsed": true, - "privatekey": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6aBpYooul/A3q\nBXS3Ee447HySJ95wvH9aUy0N0VER1DhMoT092ek5IWh3h6I/A+pIl0TociSat5MO\nTnqhmYrH6RkIZMY6cZH4fXwIZb4bi8Alh2jL0odU2k/offnh33Md7p+QiGh/G9Sm\nEQTB/o5ihaa+45DzZAVy0jAO4yiCGvKQ/UepReIALG6iWnwm090e26pHfcad5949\nmIakMxE1NpZruH62twT4qKHyuO5EpILlAuprZOlaw39vkLQipWNHbWxd3tmQTVqN\nWo/OrIwraBJqjgjLD0S3P18EHHxKh2OF32n18KpNBtFMVdnHtfMSqEf6TdzKSwWe\nuTcz56Z9AgMBAAECggEARwcb4uIs7BZbBu0FSCyg5TfXT6m5bKOmszg2VqmHho+i\n1DAsMcEyyP4d3E3mWLSZNQfOzfOQVxPUCQOGXsUuyHXdgAFGN0bHJDRMara59a0O\njj5GhEO4JXD6OdCmwpZuOt2OF3iiuKxWHuElOvZQMuJSYzI7LULTgKjufv23lbsf\nxMO/v9yi57c5EGgnQ8siLKOy/FQZapn4Z9qKn+lVyk5gfaKP0pDsvV4d7nGYMDD2\nYijfkSyNecApFdtWiLE5zLUlvF6oNj8o66z3YrVNKrCPzhA/5Rkkwwk32SNxvKU3\nVZFSNPeOZ60BicxYcWO+b2aAa0WF+uazJAZ4q52gUQKBgQDu88R+0wm76secYkzE\nQglteLNZKFcvth0kI5xH42Hmk9IXkGimFoDJCIrLAuopyGnfNmqmh2is3QUMUPdR\n/wDLnKc4MCezEidNoD2RBC+bzM1hB9oye/b5sOZUDFXSa0k4XSLu1UEuy1yWhkuS\n6JjY1KQfc4FN0K0Fjqqo7UCTCwKBgQDHtKQh/NvMJ2ok4YW+/QAsus4mEK9eCyUy\nOuyDszQYrGvjkS7STKJVNxGLhWb0XKSIAxMZ66b1MwOt+71h7xNn6pcancfVdK7F\n1Xl5J+76SwbXSgQwTZuoMDxPIvZn7v/2ep5Ni/BcOhMcPIcobWb/OmXrFN1brBvo\nlFNQyWWhlwKBgFDAyPMjVvLO0U6kWdUpjA4W8GV9IJnbLdX8wt/4lClcY2/bOcKH\ncFaAMIeTIJemR0FMHpbQxCtHNmGHK03mo9orwsdWXtRBmk69jJDpnT1F5VKZWMAe\n7MRNaEmXMZm+8CvALgIQx8qMp2mnUPsA6Ea+9gg6/MPTdeWe5UXZiC0pAoGAGtSt\nPJfBXBNrklruYjORo3DRo5GYThVHQRFjl2orNKltsVxfIwgCw1ortEgPBgOwY0mu\ndkwP2V+qPeTVk+PQAqUk+gF6yLXtiUzeDiYMWHpeB+y81VSH9jfM0oELA/m7T/03\naYnEmE+BI8kKC6dvMBlDeisKdneQJFZRP0hfrC8CgYEAgYIyCGwcydKpe2Nkj0Fz\nKTtCMC/k4DvJfd5Kb9AbmrPUfKgA9Xj4GT6yPG6uBMi8r5etvLCKJ2x2NtN024a8\nQJLATYPrSsaZkE+9zM0j5nYAgbKpxBhlDzDAzn//3ByVzfgJ25S80XhTI2lfbLH/\nU07ssxdZaQCo+WuD82OvNcg=\n-----END PRIVATE KEY-----\n", - "privatekey_path": "/etc/certificates/freenas_default.key", - "revoked": false, - "revoked_date": "", - "root_path": "/etc/certificates", - "san": [ - "DNS:localhost" - ], - "serial": 1, - "signedby": "", - "state": "Tennessee", - "subject_name_hash": 3193428416, - "type": 8, - "until": "Thu Dec 29 15:05:38 2022" - } - }, - ingress: { - main: { - enabled: true, - tls: [ - { - hosts: [ 'hostname1' ], - scaleCert: 1 - }, - { - hosts: [ 'hostname2' ], - scaleCert: 2 - } - ] - } - } - } - chart.value values - refute_nil(resource('Secret')) - secret1 = chart.resources(kind: "Secret").first - assert_equal("common-test-tls-0-ixcert-1-1", secret1["metadata"]["name"]) - refute_nil(secret1["data"]["tls.crt"]) - refute_nil(secret1["data"]["tls.key"]) - secret2 = chart.resources(kind: "Secret").find{ |s| s["metadata"]["name"] == "common-test-tls-1-ixcert-2-1" } - refute_nil(secret2) - refute_nil(secret2["data"]["tls.crt"]) - refute_nil(secret2["data"]["tls.key"]) - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal("common-test-tls-0-ixcert-1-1", ingress["spec"]["tls"][0]["secretName"]) - assert_equal("common-test-tls-1-ixcert-2-1", ingress["spec"]["tls"][1]["secretName"]) - end - end - end -end diff --git a/tests/library/common/container_resources_spec.rb b/tests/library/common/container_resources_spec.rb deleted file mode 100644 index 4de989bf41b..00000000000 --- a/tests/library/common/container_resources_spec.rb +++ /dev/null @@ -1,90 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'container::resources' do - it 'specific resources added by default' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}}, mainContainer["resources"]) - end - it 'resources can be added' do - values = { - resources: { - testresourcename: "testresourcevalue" - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}, "testresourcename"=>"testresourcevalue"}, mainContainer["resources"]) - end - it 'resources.limits can be added' do - values = { - resources: { - limits: { - testlimitkey: "testlimitvalue" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi", "testlimitkey"=>"testlimitvalue"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}}, mainContainer["resources"]) - end - it 'resources and resources.limits can both be added' do - values = { - resources: { - testresourcekey: "testresourcevalue", - limits: { - testlimitkey: "testlimitvalue" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal({"limits"=>{"cpu"=>"4000m", "memory"=>"8Gi", "testlimitkey"=>"testlimitvalue"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}, "testresourcekey"=>"testresourcevalue"}, mainContainer["resources"]) - end - end - describe 'container::resources-scaleGPU' do - it 'scaleGPU can be set' do - values = { - scaleGPU: { - intelblabla: 1 - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal({"limits"=>{"cpu"=>"4000m", "intelblabla"=>1, "memory"=>"8Gi"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}}, mainContainer["resources"]) - end - it 'scaleGPU can be combined with resources and resource values' do - values = { - resources: { - testresourcekey: "testresourcevalue", - limits: { - testlimitkey: "testlimitvalue" - } - }, - scaleGPU: { - intelblabla: 1 - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal({"limits"=>{"cpu"=>"4000m", "intelblabla"=>1, "memory"=>"8Gi", "testlimitkey"=>"testlimitvalue"}, "requests"=>{"cpu"=>"10m", "memory"=>"50Mi"}, "testresourcekey"=>"testresourcevalue"}, mainContainer["resources"]) - end - end - end -end diff --git a/tests/library/common/container_spec.rb b/tests/library/common/container_spec.rb deleted file mode 100644 index 6c680219f8c..00000000000 --- a/tests/library/common/container_spec.rb +++ /dev/null @@ -1,276 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'container::command' do - it 'defaults to nil' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_nil(mainContainer["command"]) - end - - it 'accepts a single string' do - values = { - command: "/bin/sh" - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal([values[:command]], mainContainer["command"]) - end - - it 'accepts a list of strings' do - values = { - command: [ - "/bin/sh", - "-c" - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:command], mainContainer["command"]) - end - end - - describe 'container::arguments' do - it 'defaults to nil' do - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_nil(mainContainer["args"]) - end - - it 'accepts a single string' do - values = { - args: "sleep infinity" - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal([values[:args]], mainContainer["args"]) - end - - it 'accepts a list of strings' do - values = { - args: [ - "sleep", - "infinity" - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:args], mainContainer["args"]) - end - end - - describe 'container::environment settings' do - it 'Check no environment variables' do - values = { - securityContext: { - runAsNonRoot: false, - readOnlyRootFilesystem: false - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_nil(mainContainer["env"][11]) - end - - it 'set static "k/v pair style" environment variables' do - values = { - env: { - BOOL_ENV: false, - FLOAT_ENV: 4.2, - INT_ENV: 42, - STRING_ENV: 'value_of_env' - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal(values[:env].values[0].to_s, mainContainer["env"][11]["value"]) - assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"]) - assert_equal(values[:env].values[1].to_s, mainContainer["env"][12]["value"]) - assert_equal(values[:env].keys[2].to_s, mainContainer["env"][13]["name"]) - assert_equal(values[:env].values[2].to_s, mainContainer["env"][13]["value"]) - assert_equal(values[:env].keys[3].to_s, mainContainer["env"][14]["name"]) - assert_equal(values[:env].values[3].to_s, mainContainer["env"][14]["value"]) - end - - it 'set list of static "kubernetes style" environment variables' do - values = { - envList: [ - { - name: 'STATIC_ENV_FROM_LIST', - value: 'STATIC_ENV_VALUE_FROM_LIST' - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:envList][0][:name].to_s, mainContainer["env"][11]["name"]) - assert_equal(values[:envList][0][:value].to_s, mainContainer["env"][11]["value"]) - end - - it 'set both static "k/v pair style" and static "k/valueFrom style" environment variables' do - values = { - env: { - STATIC_ENV: 'value_of_env', - STATIC_ENV_FROM: { - valueFrom: { - fieldRef: { - fieldPath: "spec.nodeName" - } - } - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal(values[:env].values[0].to_s, mainContainer["env"][11]["value"]) - assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"]) - assert_equal(values[:env].values[1][:valueFrom][:fieldRef][:fieldPath], mainContainer["env"][12]["valueFrom"]["fieldRef"]["fieldPath"]) - end - - it 'set static "k/explicitValueFrom pair style" environment variables' do - values = { - env: { - NODE_NAME: { - valueFrom: { - fieldRef: { - fieldPath: "spec.nodeName" - } - } - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal(values[:env].values[0][:valueFrom][:fieldRef][:fieldPath], mainContainer["env"][11]["valueFrom"]["fieldRef"]["fieldPath"]) - end - - it 'set static "k/implicitValueFrom pair style" environment variables' do - values = { - env: { - NODE_NAME: { - fieldRef: { - fieldPath: "spec.nodeName" - } - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal(values[:env].values[0][:fieldRef][:fieldPath], mainContainer["env"][11]["valueFrom"]["fieldRef"]["fieldPath"]) - end - - it 'set both static "k/v pair style" and templated "k/v pair style" environment variables' do - values = { - env: { - DYN_ENV: "{{ .Release.Name }}-admin", - STATIC_ENV: 'value_of_env' - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal("common-test-admin", mainContainer["env"][11]["value"]) - assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"]) - assert_equal(values[:env].values[1].to_s, mainContainer["env"][12]["value"]) - end - - it 'set templated "k/v pair style" environment variables' do - values = { - env: { - DYN_ENV: "{{ .Release.Name }}-admin" - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal("common-test-admin", mainContainer["env"][11]["value"]) - end - - it 'set static "k/v pair style", templated "k/v pair style", static "k/explicitValueFrom pair style", and static "k/implicitValueFrom pair style" environment variables' do - values = { - env: { - DYN_ENV: "{{ .Release.Name }}-admin", - STATIC_ENV: 'value_of_env', - STATIC_EXPLICIT_ENV_FROM: { - valueFrom: { - fieldRef: { - fieldPath: "spec.nodeName" - } - } - }, - STATIC_IMPLICIT_ENV_FROM: { - fieldRef: { - fieldPath: "spec.nodeName" - } - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(values[:env].keys[0].to_s, mainContainer["env"][11]["name"]) - assert_equal("common-test-admin", mainContainer["env"][11]["value"]) - assert_equal(values[:env].keys[1].to_s, mainContainer["env"][12]["name"]) - assert_equal(values[:env].values[1].to_s, mainContainer["env"][12]["value"]) - assert_equal(values[:env].keys[2].to_s, mainContainer["env"][13]["name"]) - assert_equal(values[:env].values[2][:valueFrom][:fieldRef][:fieldPath], mainContainer["env"][13]["valueFrom"]["fieldRef"]["fieldPath"]) - assert_equal(values[:env].keys[3].to_s, mainContainer["env"][14]["name"]) - assert_equal(values[:env].values[3][:fieldRef][:fieldPath], mainContainer["env"][14]["valueFrom"]["fieldRef"]["fieldPath"]) - end - - it 'set "static" secret variables' do - expectedSecretName = 'common-test' - values = { - secret: { - STATIC_SECRET: 'value_of_secret' - } - } - chart.value values - secret = chart.resources(kind: "Secret").find{ |s| s["metadata"]["name"] == expectedSecretName } - refute_nil(secret) - assert_equal(values[:secret].values[0].to_s, secret["stringData"]["STATIC_SECRET"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(expectedSecretName, mainContainer["envFrom"][0]["secretRef"]["name"]) - end - end - - end -end diff --git a/tests/library/common/controller_spec.rb b/tests/library/common/controller_spec.rb deleted file mode 100644 index dfd1ced4c3c..00000000000 --- a/tests/library/common/controller_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'controller::type' do - it 'defaults to "Deployment"' do - assert_nil(resource('StatefulSet')) - assert_nil(resource('DaemonSet')) - refute_nil(resource('Deployment')) - end - - it 'accepts "statefulset"' do - chart.value controller: {type: 'statefulset'} - assert_nil(resource('Deployment')) - assert_nil(resource('DaemonSet')) - refute_nil(resource('StatefulSet')) - end - - it 'accepts "daemonset"' do - chart.value controller: {type: 'daemonset'} - assert_nil(resource('Deployment')) - assert_nil(resource('StatefulSet')) - refute_nil(resource('DaemonSet')) - end - end - - describe 'controller::statefulset::volumeClaimTemplates' do - it 'volumeClaimTemplates should be empty by default' do - chart.value controller: {type: 'statefulset'} - statefulset = chart.resources(kind: "StatefulSet").first - assert_nil(statefulset['spec']['volumeClaimTemplates']) - end - - it 'can set values for volumeClaimTemplates' do - values = { - controller: { - type: 'statefulset', - }, - volumeClaimTemplates: { - storage: { - accessMode: 'ReadWriteOnce', - size: '10Gi', - storageClass: 'storage' - } - } - } - - chart.value values - statefulset = chart.resources(kind: "StatefulSet").first - volumeClaimTemplate = statefulset["spec"]["volumeClaimTemplates"].find{ |c| c["metadata"]["name"] == "storage"} - refute_nil(volumeClaimTemplate) - assert_equal(values[:volumeClaimTemplates][:storage][:accessMode], volumeClaimTemplate["spec"]["accessModes"][0]) - assert_equal(values[:volumeClaimTemplates][:storage][:size], volumeClaimTemplate["spec"]["resources"]["requests"]["storage"]) - assert_equal(values[:volumeClaimTemplates][:storage][:storageClass], volumeClaimTemplate["spec"]["storageClassName"]) - end - end - end -end diff --git a/tests/library/common/hpa_spec.rb b/tests/library/common/hpa_spec.rb deleted file mode 100644 index 7a859dc31d9..00000000000 --- a/tests/library/common/hpa_spec.rb +++ /dev/null @@ -1,120 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - - describe 'hpa::defaults' do - it 'does not exist by default' do - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_nil(hpa) - end - - it 'can be enabled' do - values = { - autoscaling: { - enabled: true - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - refute_nil(hpa) - end - - it 'default target is common.names.fullname ' do - values = { - autoscaling: { - enabled: true - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal("common-test",hpa["spec"]["scaleTargetRef"]["name"]) - end - - it 'default numer of replicas is min 1 max 3' do - values = { - autoscaling: { - enabled: true - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal(1,hpa["spec"]["minReplicas"]) - assert_equal(3,hpa["spec"]["maxReplicas"]) - end - end - - describe 'hpa::customsettings' do - it 'can override target' do - values = { - autoscaling: { - enabled: true, - target: "targetname" - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal(values[:autoscaling][:target],hpa["spec"]["scaleTargetRef"]["name"]) - end - - it 'can change min and max replicas' do - values = { - autoscaling: { - enabled: true, - minReplicas: 4, - maxReplicas: 8 - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal(values[:autoscaling][:minReplicas],hpa["spec"]["minReplicas"]) - assert_equal(values[:autoscaling][:maxReplicas],hpa["spec"]["maxReplicas"]) - end - - it 'can set targetCPUUtilizationPercentage' do - values = { - autoscaling: { - enabled: true, - targetCPUUtilizationPercentage: 60 - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal("cpu",hpa["spec"]["metrics"][0]["resource"]["name"]) - assert_equal(values[:autoscaling][:targetCPUUtilizationPercentage],hpa["spec"]["metrics"][0]["resource"]["targetAverageUtilization"]) - end - - it 'can set targetMemoryUtilizationPercentage' do - values = { - autoscaling: { - enabled: true, - targetMemoryUtilizationPercentage: 70 - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal("memory",hpa["spec"]["metrics"][0]["resource"]["name"]) - assert_equal(values[:autoscaling][:targetMemoryUtilizationPercentage],hpa["spec"]["metrics"][0]["resource"]["targetAverageUtilization"]) - end - - it 'can set both targetCPU and targetMemoryUtilizationPercentage' do - values = { - autoscaling: { - enabled: true, - targetCPUUtilizationPercentage: 60, - targetMemoryUtilizationPercentage: 70 - } - } - chart.value values - hpa = chart.resources(kind: "HorizontalPodAutoscaler").first - assert_equal("cpu",hpa["spec"]["metrics"][0]["resource"]["name"]) - assert_equal(values[:autoscaling][:targetCPUUtilizationPercentage],hpa["spec"]["metrics"][0]["resource"]["targetAverageUtilization"]) - assert_equal("memory",hpa["spec"]["metrics"][1]["resource"]["name"]) - assert_equal(values[:autoscaling][:targetMemoryUtilizationPercentage],hpa["spec"]["metrics"][1]["resource"]["targetAverageUtilization"]) - end - end - end -end diff --git a/tests/library/common/ingress_spec.rb b/tests/library/common/ingress_spec.rb deleted file mode 100644 index 591327798d5..00000000000 --- a/tests/library/common/ingress_spec.rb +++ /dev/null @@ -1,240 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'ingress' do - baseValues = { - ingress: { - main: { - enabled: true - } - }, - service: { - main: { - ports: { - http: { - port: 8080 - } - } - } - } - } - - it 'disabled when ingress.main.enabled: false' do - values = baseValues.deep_merge_override({ - ingress: { - main: { - enabled: false - } - } - }) - chart.value values - - assert_nil(resource('Ingress')) - end - - it 'enabled when ingress.main.enabled: true' do - values = baseValues - chart.value values - - refute_nil(resource('Ingress')) - end - - it 'tls can be provided' do - expectedPath = 'common-test.path' - values = baseValues.deep_merge_override({ - ingress: { - main: { - tls: [ - { - hosts: [ 'hostname' ], - secretName: 'secret-name' - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal(values[:ingress][:main][:tls][0][:hosts][0], ingress["spec"]["tls"][0]["hosts"][0]) - assert_equal(values[:ingress][:main][:tls][0][:secretName], ingress["spec"]["tls"][0]["secretName"]) - end - - it 'tls secret can be left empty' do - expectedPath = 'common-test.path' - values = baseValues.deep_merge_override({ - ingress: { - main:{ - tls: [ - { - hosts: [ 'hostname' ] - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal(values[:ingress][:main][:tls][0][:hosts][0], ingress["spec"]["tls"][0]["hosts"][0]) - assert_equal(false, ingress["spec"]["tls"][0].key?("secretName")) - assert_nil(ingress["spec"]["tls"][0]["secretName"]) - end - - it 'tls secret template can be provided' do - expectedPath = 'common-test.path' - values = baseValues.deep_merge_override({ - ingress: { - main: { - tls: [ - { - secretName: '{{ .Release.Name }}-secret' - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal('common-test-secret', ingress["spec"]["tls"][0]["secretName"]) - end - - it 'path template can be provided' do - expectedPath = 'common-test.path' - values = baseValues.deep_merge_override({ - ingress: { - main: { - hosts: [ - { - host: 'test.local', - paths: [ - { - path: '{{ .Release.Name }}.path' - } - ] - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal(expectedPath, ingress["spec"]["rules"][0]["http"]["paths"][0]["path"]) - end - - it 'hosts can be provided' do - values = baseValues.deep_merge_override({ - ingress: { - main: { - hosts: [ - { - host: 'hostname', - paths: [ - { - path: "/" - } - ] - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal(values[:ingress][:main][:hosts][0][:host], ingress["spec"]["rules"][0]["host"]) - end - - it 'hosts template can be provided' do - expectedHostName = 'common-test.hostname' - values = baseValues.deep_merge_override({ - ingress: { - main: { - hosts: [ - { - host: '{{ .Release.Name }}.hostname', - paths: [ - { - path: "/" - } - ] - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(ingress) - assert_equal(expectedHostName, ingress["spec"]["rules"][0]["host"]) - end - - it 'custom service name / port can optionally be set on path level' do - values = baseValues.deep_merge_override({ - ingress: { - main: { - hosts: [ - { - host: 'test.local', - paths: [ - { - path: '/' - }, - { - path: '/second', - service: { - name: 'pathService', - port: 1234 - } - } - ] - } - ] - } - } - }) - chart.value values - - ingress = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - firstPath = ingress["spec"]["rules"][0]["http"]["paths"][0] - secondPath = ingress["spec"]["rules"][0]["http"]["paths"][1] - assert_equal("common-test", firstPath["backend"]["service"]["name"]) - assert_equal(8080, firstPath["backend"]["service"]["port"]["number"]) - assert_equal("pathService", secondPath["backend"]["service"]["name"]) - assert_equal(1234, secondPath["backend"]["service"]["port"]["number"]) - end - - it 'multiple ingress objects can be specified' do - values = baseValues.deep_merge_override({ - ingress: { - main: { - enabled: true, - primary: true - }, - secondary: { - enabled: true - } - } - }) - chart.value values - - ingressMain = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test" } - ingressExtra = chart.resources(kind: "Ingress").find{ |s| s["metadata"]["name"] == "common-test-secondary" } - refute_nil(ingressMain) - refute_nil(ingressExtra) - end - end - end -end diff --git a/tests/library/common/persistence_spec.rb b/tests/library/common/persistence_spec.rb deleted file mode 100644 index 96ff6c24612..00000000000 --- a/tests/library/common/persistence_spec.rb +++ /dev/null @@ -1,368 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - - describe 'pod::persistence' do - it 'multiple volumes' do - values = { - persistence: { - cache: { - enabled: true, - type: "emptyDir" - }, - config: { - enabled: true, - existingClaim: "configClaim" - }, - data: { - enabled: true, - existingClaim: "dataClaim" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - - volume = volumes.find{ |v| v["name"] == "cache"} - refute_nil(volume) - - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal('configClaim', volume["persistentVolumeClaim"]["claimName"]) - - volume = volumes.find{ |v| v["name"] == "data"} - refute_nil(volume) - assert_equal('dataClaim', volume["persistentVolumeClaim"]["claimName"]) - end - - it 'default nameSuffix' do - values = { - persistence: { - config: { - enabled: true - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal('common-test-config', volume["persistentVolumeClaim"]["claimName"]) - end - - it 'custom nameSuffix' do - values = { - persistence: { - config: { - enabled: true, - nameOverride: "test" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal('common-test-test', volume["persistentVolumeClaim"]["claimName"]) - end - - it 'no nameSuffix' do - values = { - persistence: { - config: { - enabled: true, - nameOverride: "-" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal('common-test', volume["persistentVolumeClaim"]["claimName"]) - end - end - - describe 'pod::persistence::emptyDir' do - it 'can be configured' do - values = { - persistence: { - config: { - enabled: true, - type: "emptyDir" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal(Hash.new, volume["emptyDir"]) - end - - it 'medium can be configured' do - values = { - persistence: { - config: { - enabled: true, - type: "emptyDir", - medium: "memory" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal("memory", volume["emptyDir"]["medium"]) - end - - it 'sizeLimit can be configured' do - values = { - persistence: { - config: { - enabled: true, - type: "emptyDir", - medium: "memory", - sizeLimit: "1Gi" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "config"} - refute_nil(volume) - assert_equal("1Gi", volume["emptyDir"]["sizeLimit"]) - end - end - - describe 'pod::persistenceList' do - it 'multiple volumes' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - type: "hostPath", - mountPath: "/data", - hostPath: "/tmp1" - }, - { - name: "configlist", - type: "hostPath", - enabled: true, - mountPath: "/config", - hostPath: "/tmp2" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - - volume = volumes.find{ |v| v["name"] == "data"} - refute_nil(volume) - assert_equal('/tmp1', volume["hostPath"]["path"]) - - volume = volumes.find{ |v| v["name"] == "configlist"} - refute_nil(volume) - assert_equal('/tmp2', volume["hostPath"]["path"]) - end - - it 'emptyDir can be enabled' do - values = { - persistenceList: [ - { - name: "data", - type: "emptyDir", - enabled: true, - mountPath: "/data" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - volumes = deployment["spec"]["template"]["spec"]["volumes"] - volume = volumes.find{ |v| v["name"] == "data"} - refute_nil(volume) - assert_equal(Hash.new, volume["emptyDir"]) - end - end - - - describe 'container::persistence' do - it 'supports multiple volumeMounts' do - values = { - persistence: { - cache: { - enabled: true, - type: "emptyDir" - }, - config: { - enabled: true, - existingClaim: "configClaim" - }, - data: { - enabled: true, - existingClaim: "dataClaim" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - # Check that all persistent volumes have mounts - values[:persistence].each { |key, value| - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == key.to_s } - refute_nil(volumeMount) - } - end - - it 'defaults mountPath to persistence key' do - values = { - persistence: { - data: { - enabled: true, - existingClaim: "dataClaim" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" } - refute_nil(volumeMount) - assert_equal("/data", volumeMount["mountPath"]) - end - - it 'supports setting custom mountPath' do - values = { - persistence: { - data: { - enabled: true, - existingClaim: "dataClaim", - mountPath: "/myMountPath" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" } - refute_nil(volumeMount) - assert_equal("/myMountPath", volumeMount["mountPath"]) - end - - it 'supports setting subPath' do - values = { - persistence: { - data: { - enabled: true, - existingClaim: "dataClaim", - subPath: "mySubPath" - } - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" } - refute_nil(volumeMount) - assert_equal("mySubPath", volumeMount["subPath"]) - end - end - - describe 'container::persistenceList' do - it 'supports multiple persistenceList' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - mountPath: "/data", - hostPath: "/tmp" - }, - { - name: "config", - enabled: true, - mountPath: "/config", - hostPath: "/tmp" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - # Check that all persistenceList volumes have mounts - values[:persistenceList].each { |value| - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == value[:name].to_s } - refute_nil(volumeMount) - } - end - - it 'supports setting mountPath' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - mountPath: "/data", - hostPath: "/tmp" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" } - refute_nil(volumeMount) - assert_equal("/data", volumeMount["mountPath"]) - end - - it 'supports setting subPath' do - values = { - persistenceList: [ - { - name: "data", - enabled: true, - mountPath: "/data", - hostPath: "/tmp", - subPath: "mySubPath" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - - volumeMount = mainContainer["volumeMounts"].find{ |v| v["name"] == "data" } - refute_nil(volumeMount) - assert_equal("mySubPath", volumeMount["subPath"]) - end - end - end -end diff --git a/tests/library/common/pod_spec.rb b/tests/library/common/pod_spec.rb deleted file mode 100644 index b2b2040b88a..00000000000 --- a/tests/library/common/pod_spec.rb +++ /dev/null @@ -1,109 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'pod::replicas' do - it 'defaults to 1' do - deployment = chart.resources(kind: "Deployment").first - assert_equal(1, deployment["spec"]["replicas"]) - end - - it 'accepts integer as value' do - values = { - controller: { - replicas: 3 - } - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_equal(3, deployment["spec"]["replicas"]) - end - end - - describe 'pod::hostNetwork' do - it 'defaults to nil' do - deployment = chart.resources(kind: "Deployment").first - assert_nil(deployment["spec"]["template"]["spec"]["hostNetwork"]) - end - - it 'can be enabled' do - values = { - hostNetwork: true - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_equal(true, deployment["spec"]["template"]["spec"]["hostNetwork"]) - end - end - - describe 'pod::dnsPolicy' do - it 'defaults to "ClusterFirst" without hostNetwork' do - deployment = chart.resources(kind: "Deployment").first - assert_equal("ClusterFirst", deployment["spec"]["template"]["spec"]["dnsPolicy"]) - end - - it 'defaults to "ClusterFirst" when hostNetwork: false' do - values = { - hostNetwork: false - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_equal("ClusterFirst", deployment["spec"]["template"]["spec"]["dnsPolicy"]) - end - - it 'defaults to "ClusterFirstWithHostNet" when hostNetwork: true' do - values = { - hostNetwork: true - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_equal("ClusterFirstWithHostNet", deployment["spec"]["template"]["spec"]["dnsPolicy"]) - end - - it 'accepts manual override' do - values = { - dnsPolicy: "None" - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - assert_equal("None", deployment["spec"]["template"]["spec"]["dnsPolicy"]) - end - end - - describe 'pod::additional containers' do - it 'accepts static additionalContainers' do - values = { - additionalContainers: [ - { - name: "template-test" - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - additionalContainer = containers.find{ |c| c["name"] == values[:additionalContainers][0][:name] } - refute_nil(additionalContainer) - end - - it 'accepts "Dynamic/Tpl" additionalContainers' do - expectedContainerName = "common-test-container" - values = { - additionalContainers: [ - { - name: "{{ .Release.Name }}-container", - } - ] - } - chart.value values - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - additionalContainer = containers.find{ |c| c["name"] == expectedContainerName } - refute_nil(additionalContainer) - end - end - end -end diff --git a/tests/library/common/portal_spec.rb b/tests/library/common/portal_spec.rb deleted file mode 100644 index c748a5061a3..00000000000 --- a/tests/library/common/portal_spec.rb +++ /dev/null @@ -1,311 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'portal::configmap::defaults' do - it 'no configmap exists by default' do - configmap = chart.resources(kind: "ConfigMap").first - assert_nil(configmap) - end - - it 'creates configmap when enabled' do - values = { - portal: { - enabled: true - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - refute_nil(configmap) - end - - it 'is named "portal"' do - values = { - portal: { - enabled: true - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("portal", configmap["metadata"]["name"]) - end - - it 'uses "$node_ip" by default' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: false - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("$node_ip", configmap["data"]["host"]) - end - - it 'uses port "443" by default' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: false - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("443", configmap["data"]["port"]) - end - - it 'uses protocol "http" by default' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: false - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("http", configmap["data"]["protocol"]) - end - - it 'uses path "/" by default' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: false - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("/", configmap["data"]["path"]) - end - end - - describe 'portal::configmap::overrides' do - it 'ingressPort can be overridden' do - values = { - portal: { - enabled: true, - ingressPort: "666" - }, - ingress: { - main: { - enabled: true - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal(values[:portal][:ingressPort], configmap["data"]["port"]) - end - - it 'nodePort Host can be overridden' do - values = { - portal: { - enabled: true, - host: "test.host" - }, - ingress: { - main: { - enabled: false - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal(values[:portal][:host], configmap["data"]["host"]) - end - - it 'path can be overridden' do - values = { - portal: { - enabled: true, - path: "/path" - }, - ingress: { - main: { - enabled: false - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal(values[:portal][:path], configmap["data"]["path"]) - end - end - - describe 'portal::configmap::nodeport' do - it 'nodePort host defaults to "$node_ip"' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: false - } - }, - service: { - main: { - type: "NodePort", - ports: { - main: { - nodePort: 666 - } - } - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("$node_ip", configmap["data"]["host"]) - end - - it 'nodePort port defaults to the nodePort' do - values = { - portal: { - enabled: true - }, - service: { - main: { - type: "NodePort", - ports: { - main: { - enabled: true, - port: 8080, - nodePort: 666 - } - } - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("666", configmap["data"]["port"]) - end - - it 'uses nodeport port protocol as protocol (HTTPS)' do - values = { - portal: { - enabled: true - }, - service: { - main: { - type: "NodePort", - ports: { - main: { - enabled: true, - port: 8080, - nodePort: 666, - protocol: "HTTPS" - } - } - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("https", configmap["data"]["protocol"]) - end - - it 'uses nodeport port protocol as protocol (HTTP)' do - values = { - portal: { - enabled: true - }, - service: { - main: { - type: "NodePort", - ports: { - main: { - enabled: true, - nodePort: 666, - protocol: "HTTP" - } - } - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("http", configmap["data"]["protocol"]) - end - end - - describe 'portal::configmap::ingress' do - it 'uses ingress host' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: true, - hosts: [ - { - host: "test.domain", - paths: - [ - { - path: "/test" - } - ] - - } - ] - } - } - } - chart.value values - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("test.domain", configmap["data"]["host"]) - end - - it 'uses ingress path' do - values = { - portal: { - enabled: true - }, - ingress: { - main: { - enabled: true, - hosts: [ - { - host: "test.domain", - paths: - [ - { - path: "/test" - } - ] - - } - ] - } - } - } - chart.value values - configmap = chart.resources(kind: "ConfigMap").first - assert_equal("/test", configmap["data"]["path"]) - end - end - end -end diff --git a/tests/library/common/pvc_spec.rb b/tests/library/common/pvc_spec.rb deleted file mode 100644 index 8caddf08b18..00000000000 --- a/tests/library/common/pvc_spec.rb +++ /dev/null @@ -1,181 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'pvc' do - it 'nameSuffix defaults to persistence key' do - values = { - persistence: { - config: { - enabled: true - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - end - - it 'nameSuffix can be overridden' do - values = { - persistence: { - config: { - enabled: true, - nameOverride: 'customSuffix' - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-customSuffix" } - refute_nil(pvc) - end - - it 'nameSuffix can be skipped' do - values = { - persistence: { - config: { - enabled: true, - nameOverride: '-' - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(pvc) - end - - it 'storageClass can be set' do - values = { - persistence: { - config: { - enabled: true, - storageClass: "test" - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('test', pvc["spec"]["storageClassName"]) - end - - it 'can generate TrueNAS SCALE zfs storageClass on demand' do - values = { - persistence: { - config: { - enabled: true, - storageClass: "SCALE-ZFS" - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"]) - end - - it 'generate TrueNAS SCALE zfs storageClass as default when isSCALE' do - values = { - global: { - isSCALE: true - }, - persistence: { - config: { - enabled: true - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"]) - end - - it 'can override storageClass when isSCALE' do - values = { - global: { - isSCALE: true - }, - persistence: { - config: { - enabled: true, - storageClass: "test" - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('test', pvc["spec"]["storageClassName"]) - end - - it 'generate TrueNAS SCALE zfs storageClass as default when global ixChartContext' do - values = { - global: { - ixChartContext: "somethingsomething" - }, - persistence: { - config: { - enabled: true - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"]) - end - - it 'generate TrueNAS SCALE zfs storageClass as default when ixChartContext' do - values = { - ixChartContext: "somethingsomething", - persistence: { - config: { - enabled: true - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"]) - end - - it 'check SCALE storageClass when isSCALE and ixchartcontext' do - values = { - global: { - ixChartContext: "somethingsomething" - }, - ixChartContext: "somethingsomething", - persistence: { - config: { - enabled: true - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('ix-storage-class-common-test', pvc["spec"]["storageClassName"]) - end - - it 'storageClass can be set to an empty value' do - values = { - persistence: { - config: { - enabled: true, - storageClass: "-" - } - } - } - chart.value values - pvc = chart.resources(kind: "PersistentVolumeClaim").find{ |s| s["metadata"]["name"] == "common-test-config" } - refute_nil(pvc) - assert_equal('', pvc["spec"]["storageClassName"]) - end - end - end -end diff --git a/tests/library/common/service_spec.rb b/tests/library/common/service_spec.rb deleted file mode 100644 index ec8aaf4fe80..00000000000 --- a/tests/library/common/service_spec.rb +++ /dev/null @@ -1,290 +0,0 @@ -# frozen_string_literal: true -require_relative '../../test_helper' - -class Test < ChartTest - @@chart = Chart.new('charts/library/common-test') - - describe @@chart.name do - describe 'service::ports settings' do - baseValues = { - service: { - main: { - ports: { - main: { - port: 8080 - } - } - } - } - } - - default_name = 'main' - default_port = 8080 - - it 'defaults to name "http" on port 8080' do - values = baseValues - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal(default_port, service["spec"]["ports"].first["port"]) - assert_equal(default_name, service["spec"]["ports"].first["targetPort"]) - assert_equal(default_name, service["spec"]["ports"].first["name"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(default_port, mainContainer["ports"].first["containerPort"]) - assert_equal(default_name, mainContainer["ports"].first["name"]) - end - - it 'port name can be set' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - enabled: false - }, - server: { - enabled: true, - port: 8080 - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal(default_port, service["spec"]["ports"].first["port"]) - assert_equal('server', service["spec"]["ports"].first["targetPort"]) - assert_equal('server', service["spec"]["ports"].first["name"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(default_port, mainContainer["ports"].first["containerPort"]) - assert_equal('server', mainContainer["ports"].first["name"]) - end - - it 'name suffix can be overridden' do - values = baseValues.deep_merge_override({ - service: { - main: { - nameOverride: 'http' - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test-#{values[:service][:main][:nameOverride]}" } - refute_nil(service) - end - - it 'targetPort can be overridden' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - targetPort: 80 - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal(default_port, service["spec"]["ports"].first["port"]) - assert_equal(80, service["spec"]["ports"].first["targetPort"]) - assert_equal(default_name, service["spec"]["ports"].first["name"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal(80, mainContainer["ports"].first["containerPort"]) - assert_equal(default_name, mainContainer["ports"].first["name"]) - end - - it 'targetPort cannot be a named port' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - targetPort: 'test' - } - } - } - } - }) - chart.value values - - exception = assert_raises HelmCompileError do - chart.execute_helm_template! - end - assert_match("Our charts do not support named ports for targetPort. (port name #{default_name}, targetPort test)", exception.message) - end - - it 'protocol defaults to TCP' do - values = baseValues - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal("TCP", service["spec"]["ports"].first["protocol"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal("TCP", mainContainer["ports"].first["protocol"]) - end - - it 'protocol is TCP when set to TCP explicitly' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - protocol: 'TCP' - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal("TCP", service["spec"]["ports"].first["protocol"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal("TCP", mainContainer["ports"].first["protocol"]) - end - - it 'protocol is TCP when set to HTTP explicitly' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - protocol: 'HTTP' - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal("TCP", service["spec"]["ports"].first["protocol"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal("TCP", mainContainer["ports"].first["protocol"]) - end - - it 'protocol is TCP when set to HTTPS explicitly' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - protocol: 'HTTPS' - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal("TCP", service["spec"]["ports"].first["protocol"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal("TCP", mainContainer["ports"].first["protocol"]) - end - - it 'protocol is UDP when set to UDP explicitly' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - protocol: 'UDP' - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal("UDP", service["spec"]["ports"].first["protocol"]) - - deployment = chart.resources(kind: "Deployment").first - containers = deployment["spec"]["template"]["spec"]["containers"] - mainContainer = containers.find{ |c| c["name"] == "common-test" } - assert_equal("UDP", mainContainer["ports"].first["protocol"]) - end - - it 'No annotations get set by default' do - values = baseValues - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_nil(service["metadata"]["annotations"]) - end - - it 'TCP port protocol does not set annotations' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - protocol: 'TCP' - } - } - } - } - }) - chart.value values - - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_nil(service["metadata"]["annotations"]) - end - - it 'HTTPS port protocol sets traefik HTTPS annotation' do - values = baseValues.deep_merge_override({ - service: { - main: { - ports: { - main: { - protocol: 'HTTPS' - } - } - } - } - }) - chart.value values - service = chart.resources(kind: "Service").find{ |s| s["metadata"]["name"] == "common-test" } - refute_nil(service) - assert_equal("https", service["metadata"]["annotations"]["traefik.ingress.kubernetes.io/service.serversscheme"]) - end - end - end -end diff --git a/tests/test_helper.rb b/tests/test_helper.rb deleted file mode 100644 index 6170486bdbb..00000000000 --- a/tests/test_helper.rb +++ /dev/null @@ -1,146 +0,0 @@ -# frozen_string_literal: true - -require 'json' -require 'yaml' -require 'open3' - -require 'minitest-implicit-subject' -require "minitest/reporters" -require 'minitest/autorun' -require 'minitest/pride' - -class HelmCompileError < StandardError -end - -class HelmDepsError < StandardError -end - -class Chart - attr_reader :name, :path, :values - - def initialize(chart) - @name = chart.split('/').last - - @path = File.expand_path(chart) - - @values = default_values - - update_deps! - end - - def update_deps! - command = "helm dep update '#{path}'" - stdout, stderr, status = Open3.capture3(command) - raise HelmDepsError, stderr if status != 0 - end - - def reset! - @values = default_values - @parsed_resources = nil - end - - def value(value) - values.merge!(value) - end - - def configure_custom_name(name) - @name = name - end - - def execute_helm_template! - file = Tempfile.new(name) - file.write(JSON.parse(values.to_json).to_yaml) - file.close - - begin - command = "helm template '#{name}' '#{path}' --namespace='default' --values='#{file.path}'" - stdout, stderr, status = Open3.capture3(command) - - raise HelmCompileError, stderr if status != 0 - - stdout - ensure - file.unlink - end - end - - def parsed_resources - @parsed_resources ||= begin - output = execute_helm_template! - puts output if ENV.fetch('DEBUG', 'false') == 'true' - YAML.load_stream(output) - end - end - - def resources(matcher = nil) - return parsed_resources unless matcher - - parsed_resources.select do |r| - r >= Hash[matcher.map { |k, v| [k.to_s, v] }] - end - end - - def default_values - { - } - end -end - -class ExtendedMinitest < Minitest::Test - extend MiniTest::Spec::DSL -end - -class ChartTest < ExtendedMinitest - Minitest::Reporters.use! Minitest::Reporters::SpecReporter.new - - before do - chart.reset! - end - - def chart - self.class.class_variable_get('@@chart') - end - - def resource(name) - chart.resources(kind: name).first - end -end - -class Minitest::Result - def name - test_name = defined?(@name) ? @name : super - test_name.to_s.gsub /\Atest_\d{4,}_/, "" - end -end - -class ::Hash - def deep_merge_override(second) - merger = proc do |key, original, override| - if original.instance_of?(Hash) && override.instance_of?(Hash) - original.merge(override, &merger) - else - if original.instance_of?(Array) && override.instance_of?(Array) - # if the lengths are different, prefer the override - if original.length != override.length - override - else - # if the first element in the override's Array is a Hash, then we assume they all are - if override[0].instance_of?(Hash) - original.map.with_index do |v, i| - # deep merge everything between the two arrays - original[i].merge(override[i], &merger) - end - else - # if we don't have a Hash in the override, - # override the whole array with our new one - override - end - end - else - override - end - end - end - self.merge(second.to_h, &merger) - end -end