diff --git a/run_helm_test.sh b/run_helm_test.sh
index d02976787d32c14d063d1450249c6e6af31348b5..aafe0e7dd324a8e4764fad72362bc2d2039ae197 100755
--- a/run_helm_test.sh
+++ b/run_helm_test.sh
@@ -4,5 +4,5 @@ set -e
helm template ./src/main/helm/ -f src/test/helm-linter-values.yaml
helm lint -f src/test/helm-linter-values.yaml ./src/main/helm/
-cd src/main/helm && helm unittest -f '../../test/helm/*.yaml' .
+cd src/main/helm && helm unittest -f '../../test/helm/**/*test.yaml' .
diff --git a/src/main/helm/templates/_helpers.tpl b/src/main/helm/templates/_helpers.tpl
index 95cbd1ab2dc40644d5831806da452e5992c99085..9d582b1dbfbde913afe112ff89f76ed46bd8b7f0 100644
--- a/src/main/helm/templates/_helpers.tpl
+++ b/src/main/helm/templates/_helpers.tpl
@@ -15,6 +15,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/namespace: {{ include "app.namespace" . }}
helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version }}
+ozgcloud-mongodb-client: "true"
{{- end -}}
{{- define "app.matchLabels" }}
@@ -22,12 +23,6 @@ app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
-{{- define "app.imagePullSecret" }}
-{{- with .Values.imageCredentials }}
-{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
-{{- end }}
-{{- end }}
-
{{- define "app.nameToIdentifier" -}}
{{- trimAll "-" ( regexReplaceAll "[^a-zA-Z0-9-]" (lower .) "" ) | trunc 20 }}
{{- end -}}
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index dfbadbc7c4591bb2d064d5b580be401e598c524e..7d1d4762d2b94225e5bc46503dce5dd6c85449bd 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -145,7 +145,7 @@ spec:
dnsConfig: {}
dnsPolicy: ClusterFirst
imagePullSecrets:
- - name: {{ .Values.imagePullSecret | default "administration-image-pull-secret" }}
+ - name: {{ required "image-pull-secret must be set" .Values.imagePullSecret }}
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
diff --git a/src/test/helm-linter-values.yaml b/src/test/helm-linter-values.yaml
index b58fe6625dc73d30769fb4ad0f4b397850ad07ab..35b73c5d7532c489c04350074a6b6476b4f5fb20 100644
--- a/src/test/helm-linter-values.yaml
+++ b/src/test/helm-linter-values.yaml
@@ -45,3 +45,4 @@ sso:
client_roles:
- ROLE_DUMMY
+imagePullSecret: image-pull-secret
\ No newline at end of file
diff --git a/src/test/helm/configmap_bindings_type_test.yaml b/src/test/helm/configmap_bindings_type_test.yaml
index c9f2232b3ebfcfdddfcd0c4ff4d38190dd56da60..3848f75f77083e4560045d942ffe7ee9b1f27ae3 100644
--- a/src/test/helm/configmap_bindings_type_test.yaml
+++ b/src/test/helm/configmap_bindings_type_test.yaml
@@ -22,13 +22,23 @@
suite: configmap_bindings_type
release:
name: administration
+ namespace: sh-helm-test
templates:
- templates/configmap_bindings_type.yaml
-set:
- Release.Namespace: "administration"
+
tests:
- it: validate configmap values
asserts:
+ - isKind:
+ of: ConfigMap
+ - isAPIVersion:
+ of: v1
+ - equal:
+ path: metadata.name
+ value: administration-bindings-type
+ - equal:
+ path: metadata.namespace
+ value: sh-helm-test
- equal:
path: data.type
value: "ca-certificates"
\ No newline at end of file
diff --git a/src/test/helm/deployment_database_test.yaml b/src/test/helm/deployment_database_test.yaml
index 8c747b650b4925c6026325d50f46de3ee42e6c73..b007ea3eeb6b8706cfd491d9fc1911ec73172085 100644
--- a/src/test/helm/deployment_database_test.yaml
+++ b/src/test/helm/deployment_database_test.yaml
@@ -34,6 +34,7 @@ set:
bezeichner: helm
sso:
serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should have a volume for the mongodb certificate
asserts:
diff --git a/src/test/helm/deployment_defaults_labels_test.yaml b/src/test/helm/deployment_defaults_labels_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..37a4181ad5b71049c13d5482005b4cb17a25fced
--- /dev/null
+++ b/src/test/helm/deployment_defaults_labels_test.yaml
@@ -0,0 +1,71 @@
+#
+# Copyright (C) 2024 Das Land Schleswig-Holstein vertreten durch den
+# Ministerpräsidenten des Landes Schleswig-Holstein
+# Staatskanzlei
+# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
+#
+# Lizenziert unter der EUPL, Version 1.2 oder - sobald
+# diese von der Europäischen Kommission genehmigt wurden -
+# Folgeversionen der EUPL ("Lizenz");
+# Sie dürfen dieses Werk ausschließlich gemäß
+# dieser Lizenz nutzen.
+# Eine Kopie der Lizenz finden Sie hier:
+#
+# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
+#
+# Sofern nicht durch anwendbare Rechtsvorschriften
+# gefordert oder in schriftlicher Form vereinbart, wird
+# die unter der Lizenz verbreitete Software "so wie sie
+# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
+# ausdrücklich oder stillschweigend - verbreitet.
+# Die sprachspezifischen Genehmigungen und Beschränkungen
+# unter der Lizenz sind dem Lizenztext zu entnehmen.
+#
+
+suite: test deployment default labels
+release:
+ name: administration
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: sh
+ bezeichner: helm
+ sso:
+ serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
+tests:
+ - it: check metadata.labels
+ asserts:
+ - equal:
+ path: metadata.labels
+ value:
+ app.kubernetes.io/instance: administration
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: administration
+ app.kubernetes.io/namespace: sh-helm-test
+ helm.sh/chart: administration-0.0.0-MANAGED-BY-JENKINS
+ ozgcloud-mongodb-client: "true"
+
+ - it: should set spec.selector.matchLabels
+ asserts:
+ - equal:
+ path: spec.selector.matchLabels
+ value:
+ app.kubernetes.io/name: administration
+ app.kubernetes.io/namespace: sh-helm-test
+
+
+ - it: should have correct deyploment spec.template.metadata.labels
+ asserts:
+ - equal:
+ path: spec.template.metadata.labels
+ value:
+ app.kubernetes.io/instance: administration
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: administration
+ app.kubernetes.io/namespace: sh-helm-test
+ component: administration
+ helm.sh/chart: administration-0.0.0-MANAGED-BY-JENKINS
+ ozgcloud-mongodb-client: "true"
\ No newline at end of file
diff --git a/src/test/helm/deployment_defaults_sso_test.yaml b/src/test/helm/deployment_defaults_sso_test.yaml
index 3af4ab3385e69bae001433ba9cf8b0df3795ce9b..78662094e4975ac35654b72fc08eb58910e50352 100644
--- a/src/test/helm/deployment_defaults_sso_test.yaml
+++ b/src/test/helm/deployment_defaults_sso_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment sso
release:
name: administration
namespace: sh-helm-test
@@ -36,6 +36,7 @@ set:
bezeichner: helm
sso:
serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: check default values
asserts:
@@ -57,29 +58,12 @@ tests:
name: ozgcloud_oauth2_auth-server-url
value: https://sso.company.local
- - it: check realm with long namespace
- set:
- ozgcloud:
- bezeichner: eins-zwei-drei
- environment: dev
- bundesland: sh
- asserts:
- - isKind:
- of: Deployment
- - contains:
- path: spec.template.spec.containers[0].env
- content:
- name: ozgcloud_oauth2_realm
- value: sh-eins-zwei-drei-dev
-
- it: check different client name
set:
sso:
keycloak_client:
client_name: different-client
asserts:
- - isKind:
- of: Deployment
- contains:
path: spec.template.spec.containers[0].env
content:
diff --git a/src/test/helm/deployment_image_pull_secret_test.yaml b/src/test/helm/deployment_image_pull_secret_test.yaml
index 44f285aa845dddef22c11220bef7714efdc1f9ae..db2d17c30347bce02436ed2bde8bb1ae05fc3c5c 100644
--- a/src/test/helm/deployment_image_pull_secret_test.yaml
+++ b/src/test/helm/deployment_image_pull_secret_test.yaml
@@ -34,17 +34,15 @@ set:
sso:
serverUrl: https://sso.company.local
tests:
- - it: should use default image pull secret
- asserts:
- - contains:
- path: spec.template.spec.imagePullSecrets
- content:
- name: administration-image-pull-secret
- - it: should use customizable image pull secret
+ - it: should set image pull secret
set:
- imagePullSecret: custom-image-pull-secret
+ imagePullSecret: image-pull-secret
asserts:
- contains:
path: spec.template.spec.imagePullSecrets
content:
- name: custom-image-pull-secret
+ name: image-pull-secret
+ - it: should fail template when image pull secret not set
+ asserts:
+ - failedTemplate:
+ errormessage: image-pull-secret must be set
diff --git a/src/test/helm/deployment_resources_test.yaml b/src/test/helm/deployment_resources_test.yaml
index d37443f22191266721ac95118b716692cebfeeb0..f6cb1d4b19c1220b97855a982e490dbe2a25b4fa 100644
--- a/src/test/helm/deployment_resources_test.yaml
+++ b/src/test/helm/deployment_resources_test.yaml
@@ -33,6 +33,7 @@ set:
bezeichner: helm
sso:
serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should have customizable resources
set:
@@ -41,3 +42,7 @@ tests:
- equal:
path: spec.template.spec.containers[0].resources
value: { "test": 1 }
+ - it: should not generate resources when values not set
+ asserts:
+ - isEmpty:
+ path: spec.template.spec.containers[0].resources
\ No newline at end of file
diff --git a/src/test/helm/deployment_spring_profile_test.yaml b/src/test/helm/deployment_spring_profile_test.yaml
index f99d9b9893a31a013693ccf7b6402603f8bc390f..f22f7ac58b3bd91b8a84f9f7e907c8f1158b32d7 100644
--- a/src/test/helm/deployment_spring_profile_test.yaml
+++ b/src/test/helm/deployment_spring_profile_test.yaml
@@ -34,13 +34,12 @@ set:
bezeichner: helm
sso:
serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should override the spring profiles
set:
env.overrideSpringProfiles: oc,dev,ea
asserts:
- - isKind:
- of: Deployment
- contains:
path: spec.template.spec.containers[0].env
content:
@@ -48,8 +47,6 @@ tests:
value: oc,dev,ea
- it: should generate the spring profiles
asserts:
- - isKind:
- of: Deployment
- contains:
path: spec.template.spec.containers[0].env
content:
diff --git a/src/test/helm/deployment_test.yaml b/src/test/helm/deployment_test.yaml
index 6bd31db1bcadaa990cef70e13f04845e42e6f9e7..2149aac7929d554bdf6edab4a85907bc092a82de 100644
--- a/src/test/helm/deployment_test.yaml
+++ b/src/test/helm/deployment_test.yaml
@@ -34,11 +34,14 @@ set:
bezeichner: helm
sso:
serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should have metadata values
asserts:
- isKind:
of: Deployment
+ - isAPIVersion:
+ of: apps/v1
- equal:
path: metadata.name
value: "administration"
@@ -83,6 +86,9 @@ tests:
- equal:
path: spec.template.metadata.labels.component
value: "administration"
+ - equal:
+ path: metadata.labels["ozgcloud-mongodb-client"]
+ value: "true"
- equal:
path: spec.template.spec.topologySpreadConstraints[0].maxSkew
value: 1
@@ -100,9 +106,6 @@ tests:
- equal:
path: spec.template.spec.dnsPolicy
value: "ClusterFirst"
- - equal:
- path: spec.template.spec.imagePullSecrets[0].name
- value: "administration-image-pull-secret"
- equal:
path: spec.template.spec.restartPolicy
value: "Always"
diff --git a/src/test/helm/deployment_volume_test.yaml b/src/test/helm/deployment_volume_test.yaml
index 6546763a8b9a03d0ce9fc964a503fe6fbb847092..0cdf8aeaaf60901ac3e85b04d334b5bf04ef1d57 100644
--- a/src/test/helm/deployment_volume_test.yaml
+++ b/src/test/helm/deployment_volume_test.yaml
@@ -28,13 +28,13 @@ release:
templates:
- templates/deployment.yaml
set:
- Release.Name: "administration"
ozgcloud:
environment: "default"
bundesland: sh
bezeichner: helm
sso:
serverUrl: https://sso.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should have volumeMounts on it's container
asserts:
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 48a5811fb8c081d3c32fbf9389e6a23fce3e80d7..5ce2a529903425d837453e884304f612e9e24c0b 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -126,4 +126,4 @@ tests:
dnsServerNamespace: test-dns-server-namespace
asserts:
- hasDocuments:
- count: 1
+ count: 1
\ No newline at end of file
diff --git a/src/test/helm/service_test.yaml b/src/test/helm/service_test.yaml
index da7cbbbdb325a212fbe9149549d3672867efdb46..eb031a886881e5e51d8781c5614fa36299dd83c0 100644
--- a/src/test/helm/service_test.yaml
+++ b/src/test/helm/service_test.yaml
@@ -37,14 +37,6 @@ tests:
apiVersion: v1
name: administration
namespace: helm-test
- - it: should have valid metadata values
- asserts:
- - equal:
- path: metadata.labels["helm.sh/chart"]
- value: administration-0.0.0-helm-test-version
- - equal:
- path: metadata.labels.component
- value: administration-service
- it: should be of type ClusterIP
asserts:
- equal:
@@ -79,4 +71,16 @@ tests:
asserts:
- equal:
path: spec.selector.component
- value: administration
\ No newline at end of file
+ value: administration
+ - it: should contain default lables and component lables
+ asserts:
+ - equal:
+ path: metadata.labels
+ value:
+ app.kubernetes.io/instance: administration
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: administration
+ app.kubernetes.io/namespace: helm-test
+ component: administration-service
+ helm.sh/chart: administration-0.0.0-helm-test-version
+ ozgcloud-mongodb-client: "true"
\ No newline at end of file