validation

This commit is contained in:
Stavros kois
2024-04-28 18:08:14 +03:00
parent 550479c1d6
commit 83e70913b2
7 changed files with 267 additions and 25 deletions

View File

@@ -42,12 +42,11 @@ tests:
credentials:
mys3:
type: s3
url: ""
region: ""
bucket: ""
accessKey: ""
secretKey: ""
encrKey: ""
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: &secretDoc 0
isKind:

View File

@@ -32,12 +32,11 @@ tests:
credentials:
mys3:
type: s3
url: ""
region: ""
bucket: ""
accessKey: ""
secretKey: ""
encrKey: ""
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: &secretDoc 0
isKind:

View File

@@ -42,12 +42,11 @@ tests:
credentials:
mys3:
type: s3
url: ""
region: ""
bucket: ""
accessKey: ""
secretKey: ""
encrKey: ""
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: &secretDoc 0
isKind:

View File

@@ -32,12 +32,11 @@ tests:
credentials:
mys3:
type: s3
url: ""
region: ""
bucket: ""
accessKey: ""
secretKey: ""
encrKey: ""
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: &secretDoc 0
isKind:

View File

@@ -0,0 +1,197 @@
suite: volsync validation test
templates:
- common.yaml
release:
name: test-release-name
namespace: test-release-namespace
tests:
- it: should fail with empty name
set:
persistence:
src-backup:
enabled: true
type: pvc
mountPath: /backed-up
volsync:
- name: ""
type: restic
credentials: my-secret
src:
enabled: true
dest:
enabled: false
credentials: {}
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [name]
- it: should fail with empty credentials
set:
persistence:
src-backup:
enabled: true
type: pvc
mountPath: /backedup
volsync:
- name: my-backup
type: restic
credentials: ""
src:
enabled: true
dest:
enabled: false
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [credentials]
- it: should fail if referenced credentials does not exist
set:
persistence: &persistence
src-backup:
enabled: true
type: pvc
mountPath: /backedup
volsync:
- name: my-backup
type: restic
credentials: my-secret
src:
enabled: true
dest:
enabled: false
credentials: {}
asserts:
- failedTemplate:
errorMessage: VolSync - Expected credentials [my-secret] to be defined in [credentials.my-secret]
- it: should fail if credentials.url is empty
set:
persistence: *persistence
credentials:
my-secret:
type: s3
url: ""
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [url] in [credentials.my-secret]
- it: should fail if credentials.bucket is empty
set:
persistence: *persistence
credentials:
my-secret:
type: s3
url: some-url
bucket: ""
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [bucket] in [credentials.my-secret]
- it: should fail if credentials.encrKey is empty
set:
persistence: *persistence
credentials:
my-secret:
type: s3
url: some-url
bucket: some-bucket
encrKey: ""
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [encrKey] in [credentials.my-secret]
- it: should fail if credentials.accessKey is empty
set:
persistence: *persistence
credentials:
my-secret:
type: s3
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: ""
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [accessKey] in [credentials.my-secret]
- it: should fail if credentials.secretKey is empty
set:
persistence: *persistence
credentials:
my-secret:
type: s3
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: some-access-key
secretKey: ""
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [secretKey] in [credentials.my-secret]
- it: should fail with invalid copy method
set:
persistence:
src-backup:
enabled: true
type: pvc
mountPath: /backedup
volsync:
- name: my-backup
type: restic
credentials: my-secret
copyMethod: invalid
src:
enabled: true
dest:
enabled: false
credentials: &credentials
my-secret:
type: s3
url: some-url
bucket: some-bucket
encrKey: some-key
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- failedTemplate:
errorMessage: VolSync - Expected [copyMethod] to be one of [Clone, Direct, Snapshot], but got [invalid]
- it: should fail with empty type
set:
persistence:
src-backup:
enabled: true
type: pvc
mountPath: /backedup
volsync:
- name: my-backup
type: ""
credentials: my-secret
src:
enabled: true
dest:
enabled: false
asserts:
- failedTemplate:
errorMessage: VolSync - Expected non-empty [type]
- it: should fail with invalid type
set:
persistence:
src-backup:
enabled: true
type: pvc
mountPath: /backedup
volsync:
- name: my-backup
type: invalid
credentials: my-secret
src:
enabled: true
dest:
enabled: false
credentials: *credentials
asserts:
- failedTemplate:
errorMessage: VolSync - Expected [type] to be one of [restic], but got [invalid]

View File

@@ -0,0 +1,46 @@
{{- define "tc.v1.common.lib.volsync.validation" -}}
{{- $objectData := .objectData -}}
{{- $rootCtx := .rootCtx -}}
{{- if not $objectData.name -}}
{{- fail "VolSync - Expected non-empty [name]" -}}
{{- end -}}
{{- if not $objectData.type -}}
{{- fail "VolSync - Expected non-empty [type]" -}}
{{- end -}}
{{- $validTypes := list "restic" -}}
{{- if not (mustHas $objectData.type $validTypes) -}}
{{- fail (printf "VolSync - Expected [type] to be one of [%s], but got [%s]" (join ", " $validTypes) $objectData.type) -}}
{{- end -}}
{{- if not $objectData.credentials -}}
{{- fail "VolSync - Expected non-empty [credentials]" -}}
{{- end -}}
{{- if not (kindIs "string" $objectData.credentials) -}}
{{- fail (printf "VolSync - Expected [credentials] to be a string, but got [%s]" (kindOf $objectData.credentials)) -}}
{{- end -}}
{{- if not (get $rootCtx.Values.credentials $objectData.credentials) -}}
{{- fail (printf "VolSync - Expected credentials [%s] to be defined in [credentials.%s]" $objectData.credentials $objectData.credentials) -}}
{{- end -}}
{{- $credentials := get $rootCtx.Values.credentials $objectData.credentials -}}
{{- $reqFields := list "url" "bucket" "encrKey" "accessKey" "secretKey" -}}
{{- range $key := $reqFields -}}
{{- if not (get $credentials $key) -}}
{{- fail (printf "VolSync - Expected non-empty [%s] in [credentials.%s]" $key $objectData.credentials) -}}
{{- end -}}
{{- end -}}
{{- $copyMethods := list "Clone" "Direct" "Snapshot" -}}
{{- if $objectData.copyMethod -}}
{{- if not (mustHas $objectData.copyMethod $copyMethods) -}}
{{- fail (printf "VolSync - Expected [copyMethod] to be one of [%s], but got [%s]" (join ", " $copyMethods) $objectData.copyMethod) -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -93,7 +93,10 @@
{{- if or $srcEnabled $destEnabled -}}
{{- $volsyncData := (mustDeepCopy $volsync) -}}
{{/* Create Secret for VolSync */}}
{{- include "tc.v1.common.lib.volsync.validation" (dict "objectData" $volsyncData "rootCtx" $) -}}
{{- include "tc.v1.common.lib.metadata.validation" (dict "objectData" $volsyncData "caller" "PVC - VolSync") -}}
{{/* Create Secret for VolSync */}}
{{- $volsyncSecretName := printf "%s-volsync-%s" $objectData.name $volsync.name -}}
{{- $_ := set $volsyncData "repository" $volsyncSecretName -}}