Merge branch 'main' into nuke-scale-cert

This commit is contained in:
Kjeld Schouten
2024-02-24 10:54:25 +01:00
committed by GitHub
8 changed files with 5 additions and 288 deletions

View File

@@ -3,7 +3,7 @@ appVersion: ""
dependencies:
- name: common
repository: file://../common
version: ~18.0.0
version: ~17.5.0
deprecated: false
description: Helper chart to test different use cases of the common library
home: https://github.com/truecharts/apps/tree/master/charts/library/common-test

View File

@@ -333,8 +333,6 @@ tests:
namespace: ix-namespace
ixChartContext:
some: context
ixVolumes:
- hostPath: /mnt/pool/ix-applications/test
persistence:
test1:
enabled: true
@@ -400,16 +398,6 @@ tests:
chmod: 770
recursive: true
mountPath: /test7
test8:
enabled: true
type: ixVolume
datasetName: test
autoPermissions:
enabled: true
chown: true
chmod: 770
recursive: true
mountPath: /test8
test9:
enabled: true
type: nfs
@@ -419,13 +407,6 @@ tests:
enabled: true
chown: true
mountPath: /test9
# Should not show up, without enabled true
test10:
type: ixVolume
datasetName: test
autoPermissions:
chown: true
mountPath: /test10
asserts:
- documentIndex: *jobDoc
isKind:
@@ -490,13 +471,6 @@ tests:
content:
name: test7
emptyDir: {}
- documentIndex: *jobDoc
contains:
path: spec.template.spec.volumes
content:
name: test8
hostPath:
path: /mnt/pool/ix-applications/test
- documentIndex: *jobDoc
contains:
path: spec.template.spec.volumes
@@ -555,13 +529,6 @@ tests:
name: test7
mountPath: /mounts/test7
readOnly: false
- documentIndex: *jobDoc
contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: test8
mountPath: /mounts/test8
readOnly: false
- documentIndex: *jobDoc
contains:
path: spec.template.spec.containers[0].volumeMounts
@@ -656,19 +623,6 @@ tests:
echo "Ownership before: [$before]"
echo "Ownership after: [$(stat -c "%u:%g" /mounts/test7)]"
echo ""
echo "Automatically correcting permissions for /mounts/test8..."
before=$(stat -c "%a" /mounts/test8)
chmod -R 770 /mounts/test8 || echo "Failed setting permissions using chmod..."
echo "Permissions before: [$before]"
echo "Permissions after: [$(stat -c "%a" /mounts/test8)]"
echo ""
echo "Automatically correcting ownership for /mounts/test8..."
before=$(stat -c "%u:%g" /mounts/test8)
/usr/sbin/nfs4xdr_winacl -a chown -G 568 -r -c "/mounts/test8" -p "/mounts/test8" || echo "Failed setting ownership using winacl..."
echo "Ownership before: [$before]"
echo "Ownership after: [$(stat -c "%u:%g" /mounts/test8)]"
echo ""
echo "Automatically correcting ownership for /mounts/test9..."
before=$(stat -c "%u:%g" /mounts/test9)
/usr/sbin/nfs4xdr_winacl -a chown -G 568 -c "/mounts/test9" -p "/mounts/test9" || echo "Failed setting ownership using winacl..."
@@ -755,7 +709,7 @@ tests:
chown: true
asserts:
- failedTemplate:
errorMessage: Auto Permissions - Allowed persistent types for auto permissions are [hostPath, emptyDir, nfs, ixVolume], but got [device] on [test]
errorMessage: Auto Permissions - Allowed persistent types for auto permissions are [hostPath, emptyDir, nfs], but got [device] on [test]
- it: should fail trying to set permissions on readOnly
set:

View File

@@ -43,7 +43,7 @@ tests:
type: not-a-type
asserts:
- failedTemplate:
errorMessage: Persistence - Expected [type] to be one of [pvc, vct, emptyDir, nfs, iscsi, hostPath, ixVolume, secret, configmap, device, projected], but got [not-a-type]
errorMessage: Persistence - Expected [type] to be one of [pvc, vct, emptyDir, nfs, iscsi, hostPath, secret, configmap, device, projected], but got [not-a-type]
- it: should fail with invalid accessMode
set:

View File

@@ -1,179 +0,0 @@
suite: pod ixVolume volume test
templates:
- common.yaml
release:
name: test-release-name
namespace: test-release-namespace
tests:
- it: should pass with ixVolume volume
set:
workload:
workload-name1:
enabled: true
primary: true
type: Deployment
podSpec: {}
ixVolumes:
- hostPath: /mnt/pool/ix-applications/ix-app
persistence:
ix-vol:
enabled: true
type: ixVolume
datasetName: ix-app
asserts:
- documentIndex: &deploymentDoc 0
isKind:
of: Deployment
- documentIndex: *deploymentDoc
contains:
path: spec.template.spec.volumes
content:
name: ix-vol
hostPath:
path: /mnt/pool/ix-applications/ix-app
- it: should pass with multiple ixVolume volumes
set:
workload:
workload-name1:
enabled: true
primary: true
type: Deployment
podSpec: {}
ixVolumes:
- hostPath: /mnt/pool/ix-applications/ix-app1
- hostPath: /mnt/pool/ix-applications/ix-app2
persistence:
ix-vol1:
enabled: true
type: ixVolume
datasetName: ix-app1
ix-vol2:
enabled: true
type: ixVolume
datasetName: ix-app2
asserts:
- documentIndex: &deploymentDoc 0
isKind:
of: Deployment
- documentIndex: *deploymentDoc
contains:
path: spec.template.spec.volumes
content:
name: ix-vol1
hostPath:
path: /mnt/pool/ix-applications/ix-app1
- documentIndex: *deploymentDoc
contains:
path: spec.template.spec.volumes
content:
name: ix-vol2
hostPath:
path: /mnt/pool/ix-applications/ix-app2
- it: should pass with ixVolume and hostPathType
set:
some_dataset: ix-app
some_type: DirectoryOrCreate
workload:
workload-name1:
enabled: true
primary: true
type: Deployment
podSpec: {}
ixVolumes:
- hostPath: /mnt/pool/ix-applications/ix-app
persistence:
ix-vol:
enabled: true
type: ixVolume
datasetName: "{{ .Values.some_dataset }}"
hostPathType: "{{ .Values.some_type }}"
asserts:
- documentIndex: *deploymentDoc
isKind:
of: Deployment
- documentIndex: *deploymentDoc
contains:
path: spec.template.spec.volumes
content:
name: ix-vol
hostPath:
path: /mnt/pool/ix-applications/ix-app
type: DirectoryOrCreate
# Failures
- it: should fail without datasetName
set:
workload:
some-workload:
enabled: true
primary: true
type: Deployment
podSpec: {}
persistence:
volume1:
enabled: true
type: ixVolume
datasetname: ""
asserts:
- failedTemplate:
errorMessage: Persistence - Expected non-empty [datasetName] on [ixVolume] type
- it: should fail with empty ixVolumes
set:
workload:
some-workload:
enabled: true
primary: true
type: Deployment
podSpec: {}
ixVolumes: []
persistence:
volume1:
enabled: true
type: ixVolume
datasetName: ix-app
asserts:
- failedTemplate:
errorMessage: Persistence - Expected non-empty [ixVolumes] in values on [ixVolume] type
- it: should fail with wrong ixVolumes
set:
workload:
some-workload:
enabled: true
primary: true
type: Deployment
podSpec: {}
ixVolumes:
- hostPath: /mnt/pool/ix-applications/ix-wrong-app
- hostPath: /mnt/pool/ix-applications/ix-other-app
persistence:
volume1:
enabled: true
type: ixVolume
datasetName: ix-app
asserts:
- failedTemplate:
errorMessage: Persistence - Expected [datasetName] [ix-app] to exist on [ixVolumes] list, but list contained [ix-wrong-app, ix-other-app] on [ixVolume] type
- it: should fail with invalid hostPathType
set:
workload:
some-workload:
enabled: true
primary: true
type: Deployment
podSpec: {}
ixVolumes:
- hostPath: /mnt/pool/ix-applications/ix-app
persistence:
volume1:
enabled: true
type: ixVolume
datasetName: ix-app
hostPathType: invalid
asserts:
- failedTemplate:
errorMessage: Persistence - Expected [hostPathType] to be one of [DirectoryOrCreate, Directory, FileOrCreate, File, Socket, CharDevice, BlockDevice], but got [invalid]

View File

@@ -53,8 +53,6 @@ objectData: The object data to be used to render the Pod.
{{- if eq "pvc" $type -}}
{{- include "tc.v1.common.lib.pod.volume.pvc" (dict "rootCtx" $rootCtx "objectData" $persistence) | trim | nindent 0 -}}
{{- else if eq "ixVolume" $type -}}
{{- include "tc.v1.common.lib.pod.volume.ixVolume" (dict "rootCtx" $rootCtx "objectData" $persistence) | trim | nindent 0 -}}
{{- else if eq "hostPath" $type -}}
{{- include "tc.v1.common.lib.pod.volume.hostPath" (dict "rootCtx" $rootCtx "objectData" $persistence) | trim | nindent 0 -}}
{{- else if eq "secret" $type -}}

View File

@@ -1,56 +0,0 @@
{{/* Returns ixVolume Volume */}}
{{/* Call this template:
{{ include "tc.v1.common.lib.pod.volume.ixVolume" (dict "rootCtx" $ "objectData" $objectData) }}
rootCtx: The root context of the chart.
objectData: The object data to be used to render the volume.
*/}}
{{- define "tc.v1.common.lib.pod.volume.ixVolume" -}}
{{- $rootCtx := .rootCtx -}}
{{- $objectData := .objectData -}}
{{- $hostPathType := "" -}}
{{- if $objectData.hostPathType -}}
{{- $hostPathType = tpl $objectData.hostPathType $rootCtx -}}
{{- end -}}
{{- if not $objectData.datasetName -}}
{{- fail "Persistence - Expected non-empty [datasetName] on [ixVolume] type" -}}
{{- end -}}
{{- $datasetName := tpl $objectData.datasetName $rootCtx -}}
{{- if not $rootCtx.Values.ixVolumes -}}
{{- fail "Persistence - Expected non-empty [ixVolumes] in values on [ixVolume] type" -}}
{{- end -}}
{{- $hostPath := "" -}}
{{- $found := false -}}
{{- range $idx, $normalizedHostPath := $rootCtx.Values.ixVolumes -}}
{{- if eq $datasetName (base $normalizedHostPath.hostPath) -}}
{{- $found = true -}}
{{- $hostPath = $normalizedHostPath.hostPath -}}
{{- end -}}
{{- end -}}
{{- if not $found -}} {{/* If we go over the ixVolumes and we dont find a match, fail */}}
{{- $datasets := list -}}
{{- range $rootCtx.Values.ixVolumes -}}
{{- $datasets = mustAppend $datasets (base .hostPath) -}}
{{- end -}}
{{- fail (printf "Persistence - Expected [datasetName] [%s] to exist on [ixVolumes] list, but list contained [%s] on [ixVolume] type" $datasetName (join ", " $datasets)) -}}
{{- end -}}
{{- if not (hasPrefix "/" $hostPath) -}}
{{- fail "Persistence - Expected normalized path from [ixVolumes] to start with a forward slash [/] on [ixVolume] type" -}}
{{- end -}}
{{- $types := (list "DirectoryOrCreate" "Directory" "FileOrCreate" "File" "Socket" "CharDevice" "BlockDevice") -}}
{{- if and $hostPathType (not (mustHas $hostPathType $types)) -}}
{{- fail (printf "Persistence - Expected [hostPathType] to be one of [%s], but got [%s]" (join ", " $types) $hostPathType) -}}
{{- end }}
- name: {{ $objectData.shortName }}
hostPath:
path: {{ $hostPath }}
{{- with $hostPathType }}
type: {{ $hostPathType }}
{{- end -}}
{{- end -}}

View File

@@ -10,7 +10,7 @@ objectData:
{{- $rootCtx := .rootCtx -}}
{{- $objectData := .objectData -}}
{{- $types := (list "pvc" "vct" "emptyDir" "nfs" "iscsi" "hostPath" "ixVolume" "secret" "configmap" "device" "projected") -}}
{{- $types := (list "pvc" "vct" "emptyDir" "nfs" "iscsi" "hostPath" "secret" "configmap" "device" "projected") -}}
{{- if not (mustHas $objectData.type $types) -}}
{{- fail (printf "Persistence - Expected [type] to be one of [%s], but got [%s]" (join ", " $types) $objectData.type) -}}
{{- end -}}

View File

@@ -1,7 +1,7 @@
{{/* Contains the auto-permissions job */}}
{{- define "tc.v1.common.lib.util.autoperms" -}}
{{- $permAllowedTypes := (list "hostPath" "emptyDir" "nfs" "ixVolume") -}}
{{- $permAllowedTypes := (list "hostPath" "emptyDir" "nfs") -}}
{{/* If you change this path, you must change it under _volumeMounts.tpl too*/}}
{{- $basePath := "/mounts" -}}