diff --git a/helm-chart/.helmignore b/helm-chart/.helmignore
new file mode 100644
index 0000000000000000000000000000000000000000..f48713aefc38112aeca6d64b5a57bea78aff5375
--- /dev/null
+++ b/helm-chart/.helmignore
@@ -0,0 +1,2 @@
+unit-tests/
+tests/
\ No newline at end of file
diff --git a/helm-chart/CHANGELOG.md b/helm-chart/CHANGELOG.md
new file mode 100644
index 0000000000000000000000000000000000000000..50bb992db947c3d081fd90add54a97d8fd6e9d66
--- /dev/null
+++ b/helm-chart/CHANGELOG.md
@@ -0,0 +1,24 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [0.2.0] - 2021-11-19
+
+### Added
+
+- OZG-1710: Add Susanne Fischer as stage test user
+- OZG-1710: Activate password reset allowed in keycloak realm
+- OZG-1710: Add VERWALTUNG_USER role to client
+- OZG-1710: Add localhost redirect urls for dev stage deployents for e2e testing
+- Add changelog to project. On upper level this did not make sense. Document version changes in 0.2.0.
+
+### Fixes
+
+- OZG-1719: Revert KeycloakRealm filename to state of version 0.1.14, test keycloakrealm naming to be fixed. Changes to the name of the file deletes and creates the realm at upgrade.
+
+### Removed
+
+- OZG-1710: Remove VERWALTUNG_USER role from realm
+- OZG-1710: Remove VERWALTUNG_USER default role from realm
+
+## [0.1.17] - 2021-11-15
diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..408f1025e5ed73685b4dc3cb85fc0cebb1a59f4e
--- /dev/null
+++ b/helm-chart/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+appVersion: "1.1"
+description: A Helm chart for Goofy
+name: goofy
+version: 0.20.0-SNAPSHOT
+icon: https://simpleicons.org/icons/helm.svg
diff --git a/helm-chart/app-readme.md b/helm-chart/app-readme.md
new file mode 100644
index 0000000000000000000000000000000000000000..b357f180cf799b8de014b7870921a2d7d5f694c9
--- /dev/null
+++ b/helm-chart/app-readme.md
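Review bot: The `tests/` pattern in .helmignore has no leading slash, and as far as I know Helm matches such a pattern against a directory name at any depth, so it would probably also exclude `templates/tests/` — the two `helm test` hook pods this commit adds — from the packaged chart; if only a top-level directory is meant, `/tests/` anchors the pattern to the chart root. The list also leaves `test-values.yaml`, added at the chart root with a fixed `sso.apiPassword`, inside the package; add a `test-values.yaml` line if that file is only a local fixture.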
@@ -0,0 +1,18 @@
+# Goofy
+
+Das helm chart zur Installation des allgemeinen Fachverfahrens - goofy.
+
+## FAQ
+
+### Benutzung beliebiger environment Werte
+
+In jedem der Projekte kann man beliebige weitere environments setzen. Dazu muss man in der jeweiligen values.yaml unter env.customList ein name value Paar setzen:
+
+```yaml
+env:
+ customList:
+ - name: Dinge
+ value: true
+ - name: ...
+ value: ...
+```
diff --git a/helm-chart/questions.yml b/helm-chart/questions.yml
new file mode 100644
index 0000000000000000000000000000000000000000..01532eed04b7c59b3968978876950949bb472524
--- /dev/null
+++ b/helm-chart/questions.yml
@@ -0,0 +1,55 @@
+questions:
+ - variable: image.tag
+ default: latest
+ type: string
+ label: The deployed version tag
+ group: "Container"
+ - variable: replicaCount
+ group: "Container"
+ type: string
+ default: "2"
+ label: "Deployment Replica count"
+ - variable: env.overrideSpringProfiles
+ type: string
+ label: "Override Spring boot profile"
+ group: "Container"
+ - variable: kop.bundesland
+ group: "KOP"
+ label: Bundesland
+ type: string
+ required: true
+ - variable: kop.bezeichner
+ group: "KOP"
+ label: "Bezeichner"
+ type: string
+ required: true
+ - variable: kop.environment
+ group: "KOP"
+ label: "Environment"
+ type: string
+ required: true
+ - variable: plutoName
+ group: "Other"
+ type: string
+ default: "pluto"
+ label: "Name of the pluto deployment in the namespace"
+ - variable: sso.role_einheitlicher_ansprechpartner
+ group: "Other"
+ type: boolean
+ default: false
+ label: "Add role for EA"
+ - variable: sso.displayName
+ group: "Other"
+ type: string
+ default: ""
+ label: "The custom display name to write on top of the login page. Defaults to 'Realm für <app.name>', Works on initial Install only."
+ - variable: sso.apiPassword
+ group: "Other"
+ type: string
+ default: " "
+ label: "SSO API User Password"
+ - variable: useKeycloakNamespace
+ group: "Other"
+ type: boolean
+ default: false
+ label: "Use keycloak namespace for keycloak templates"
\ No newline at end of file
diff --git a/helm-chart/templates/NOTES.txt b/helm-chart/templates/NOTES.txt
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/helm-chart/templates/_helpers.tpl b/helm-chart/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..d3ddca5236aef361b6e1203def57764b4e2b87ed
--- /dev/null
+++ b/helm-chart/templates/_helpers.tpl
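Review bot: `sso.apiPassword` in questions.yml is declared with `type: string` and what appears to be a single-space `default: " "`, so the form shows the credential in clear text and an untouched field still yields a non-empty value that satisfies the `required` call in templates/deployment.yaml, installing with a blank API password instead of failing. Declare it as `type: password` with `required: true` and no default, in line with the `kop.*` questions. The `image.tag` question defaults to `latest`, which together with `imagePullPolicy: Always` in the deployment means the running version can change on any pod restart; a pinned release tag as the default would keep deployments reproducible.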
@@ -0,0 +1,149 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{/* Truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec) */}}
+{{/* Name */}}
+{{- define "app.name" -}}
+{{- default .Release.Name | toString | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* Namespace */}}
+{{- define "app.namespace" -}}
+{{- default .Release.Namespace | toString | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* Version */}}
+{{- define "app.version" -}}
+{{- default .Chart.Version | toString | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* Chart: Name + Version */}}
+{{- define "app.chart" -}}
+{{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+
+{{/* Managed-by -> On Helm, this value is always Helm */}}
+{{- define "app.managedBy" -}}
+{{- default .Release.Service | toString | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* Default Labels: Helm recommended best-practice labels https://helm.sh/docs/chart_best_practices/labels/ */}}
+{{- define "app.defaultLabels" }}
+app.kubernetes.io/instance: goofy
+app.kubernetes.io/managed-by: {{ include "app.managedBy" . }}
+app.kubernetes.io/name: {{ include "app.name" . }}
+app.kubernetes.io/part-of: kop
+app.kubernetes.io/version: {{ include "app.version" . }}
+app.kubernetes.io/namespace: {{ include "app.namespace" . }}
+helm.sh/chart: {{ include "app.chart" . }}
+{{- end -}}
+
+{{- define "app.matchLabels" }}
+app.kubernetes.io/name: {{ include "app.name" . }}
+app.kubernetes.io/namespace: {{ include "app.namespace" . }}
+{{- end -}}
+
+{{- define "app.envSpringProfiles" }}
+{{- if (.Values.env).overrideSpringProfiles -}}
+{{ printf "%s" (.Values.env).overrideSpringProfiles }}
+{{- else -}}
+{{ printf "oc, %s" (include "app.kopEnvironment" . 
) }}
+{{- end -}}
+{{- end -}}
+
+{{- define "app.grpc_client_pluto_address" -}}
+{{ printf "%s.%s:9090" ( coalesce .Values.plutoName "pluto" ) .Release.Namespace | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+
+{{- define "app.kop_user-manager_url" -}}
+{{- if eq (include "app.kopEnvironment" . ) "prod" -}}
+{{ printf "https://%s-%s.ozg-sh.de" (include "app.kopBezeichner" .) .Values.usermanagerName }}
+{{- else -}}
+{{ printf "https://%s-%s.%s.ozg-sh.de" (include "app.kopBezeichner" .) .Values.usermanagerName (include "app.kopEnvironment" . ) }}
+{{- end -}}
+{{- end -}}
+
+{{- define "app.imagePullSecret" }}
+{{- with .Values.imageCredentials }}
+{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
+{{- end }}
+{{- end }}
+
+{{/* --- region keycoak --- */}}
+{{/* namespace sh-kiel-dev means <bundesland>-<name>-<level> */}}
+{{/* depending on level the server url is sso.dev.ozg-sh.de or sso.ozg-sh.de */}}
+{{/* values can be overwritten */}}
+
+{{- define "app.kopBundesland" -}}
+{{- required "Bundesland muss angegeben sein" (.Values.kop).bundesland }}
+{{- end -}}
+
+{{- define "app.kopBezeichner" -}}
+{{ $length := len (.Values.kop).bezeichner }}
+{{- if ge 27 $length -}}
+{{- required "Bezeichner muss angegeben sein" (.Values.kop).bezeichner -}}
+{{- else -}}
+{{ required (printf "Bezichner %s ist zu lang (max. 27 Zeichen)" (.Values.kop).bezeichner) nil }}
+{{- end -}}
+{{- end -}}
+
+{{- define "app.kopEnvironment" -}}
+{{- required "Environment muss angegeben sein" (.Values.kop).environment -}}
+{{- end -}}
+
+{{- define "app.ssoRealm" -}}
+{{ printf "%s-%s-%s" (include "app.kopBundesland" .) ( include "app.kopBezeichner" . ) ( include "app.kopEnvironment" . 
) | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+
+{{- define "app.ssoRealmDisplayName" -}}
+{{- if (.Values.sso).displayName -}}
+{{ printf "%s" (.Values.sso).displayName }}
+{{- else if eq (include "app.kopEnvironment" . ) "prod" -}}
+{{ printf "Realm für %s" (include "app.kopBezeichner" . | title ) }}
+{{- else -}}
+{{ printf "Realm für %s (%s)" (include "app.kopBezeichner" . | title ) (include "app.kopEnvironment" .) }}
+{{- end -}}
+{{- end -}}
+
+{{- define "app.ssoServerUrl" -}}
+{{- if (.Values.sso).serverUrl -}}
+{{- printf "%s" .Values.sso.serverUrl -}}
+{{- else if eq (include "app.kopEnvironment" . ) "dev" -}}
+{{ printf "https://sso.dev.ozg-sh.de" }}
+{{- else if eq (include "app.kopEnvironment" . ) "test" -}}
+{{ printf "https://sso.test.ozg-sh.de" }}
+{{- else -}}
+{{ printf "https://sso.ozg-sh.de" }}
+{{- end -}}
+{{- end -}}
+
+{{- define "app.baseUrl" -}}
+{{- if .Values.host -}}
+{{- printf "%s" .Values.host -}}
+{{- else if eq (include "app.kopEnvironment" . ) "prod" -}}
+{{ printf "https://%s.ozg-sh.de" (include "app.kopBezeichner" .) }}
+{{- else -}}
+{{ printf "https://%s.%s.ozg-sh.de" (include "app.kopBezeichner" .) (include "app.kopEnvironment" . ) }}
+{{- end -}}
+{{- end -}}
+
+{{- define "app.keycloakClientId" -}}
+{{ printf "%s-%s-%s-%s" (include "app.kopBundesland" .) ( include "app.kopBezeichner" . ) ( include "app.kopEnvironment" . ) ( include "app.name" . ) | trunc 63 | trimSuffix "-" }}
+{{- end -}}
+
+{{- define "app.resources" }}
+{{- if eq (include "app.kopEnvironment" . ) "prod" }}
+ limits:
+ cpu: "500m"
+ memory: "1000Mi"
+ requests:
+ cpu: "50m"
+ memory: "250Mi"
+{{- else }}
+ limits:
+ cpu: "500m"
+ memory: "1000Mi"
+ requests:
+ cpu: "50m"
+ memory: "250Mi"
+{{- end }}
+{{- end -}}
diff --git a/helm-chart/templates/deployment.yaml b/helm-chart/templates/deployment.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..ba3fb6e9cd49b9221dd4b7e333148dbab5e7b909
--- /dev/null
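Review bot: `app.imagePullSecret` in _helpers.tpl assembles the dockerconfigjson document with `printf` and `%s`, so a `"` or `\` in the registry password (or any other field) yields invalid or altered JSON in the Secret. Build the structure as data and serialise it instead: `{{- dict "auths" (dict .registry (dict "username" .username "password" .password "email" .email "auth" (printf "%s:%s" .username .password | b64enc))) | toJson | b64enc }}`. In `app.kopBezeichner`, `len` runs before `required`, so a missing `kop.bezeichner` presumably fails on the `len` call rather than with the intended message; the second message also misspells `Bezeichner` as `Bezichner`.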
+++ b/helm-chart/templates/deployment.yaml 
@@ -0,0 +1,108 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "app.name" . }}
+ namespace: {{ include "app.namespace" . }}
+ labels:
+ {{- include "app.defaultLabels" . | indent 4 }}
+spec:
+ progressDeadlineSeconds: 600
+ replicas: {{ .Values.replicaCount }}
+ revisionHistoryLimit: 10
+ selector:
+ matchLabels:
+ {{- include "app.matchLabels" . | indent 6 }}
+ strategy:
+ rollingUpdate:
+ maxSurge: 1
+ maxUnavailable: 0
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ {{- include "app.defaultLabels" . | indent 8 }}
+ component: goofy
+ spec:
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: ScheduleAnyway
+ labelSelector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "app.name" . }}
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: goofyable
+ operator: NotIn
+ values:
+ - "false"
+ containers:
+ - env:
+ - name: grpc_client_pluto_address
+ value: {{ include "app.grpc_client_pluto_address" . }}
+ - name: spring_profiles_active
+ value: {{ include "app.envSpringProfiles" . }}
+ - name: keycloak_realm
+ value: {{ include "app.ssoRealm" . }}
+ - name: keycloak_resource
+ value: {{ include "app.keycloakClientId" . }}
+ - name: keycloak_auth-server-url
+ value: {{ include "app.ssoServerUrl" . }}
+ - name: goofy_keycloak_api_password
+ value: {{ required "A sso apiPassword is required!" (.Values.sso).apiPassword }}
+ - name: kop_user-manager_url
+ value: {{ include "app.kop_user-manager_url" . }}
+ {{- with (.Values.env).customList }}
+{{ toYaml . 
| indent 8 }}
+ {{- end }}
+ image: "{{ .Values.image.repo }}/{{ .Values.image.name }}:{{ coalesce (.Values.image).tag "latest" }}"
+ imagePullPolicy: Always
+ name: goofy
+ ports:
+ - containerPort: 8080
+ name: 8080tcp1
+ protocol: TCP
+ - containerPort: 8081
+ name: metrics
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /actuator/health/readiness
+ port: 8081
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 3
+ startupProbe:
+ failureThreshold: 10
+ httpGet:
+ path: /actuator/health/readiness
+ port: 8081
+ scheme: HTTP
+ initialDelaySeconds: 30
+ periodSeconds: 5
+ successThreshold: 1
+ timeoutSeconds: 5
+ resources:
+ {{- include "app.resources" . | indent 8 }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ privileged: false
+ readOnlyRootFilesystem: false
+ runAsNonRoot: false
+ stdin: true
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ tty: true
+ dnsConfig: {}
+ dnsPolicy: ClusterFirst
+ imagePullSecrets:
+ - name: goofy-image-pull-secret
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
diff --git a/helm-chart/templates/image-pull-secret.yaml b/helm-chart/templates/image-pull-secret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d302111913d0d9dead7188ec83ebfb158dc6c8c3
--- /dev/null
+++ b/helm-chart/templates/image-pull-secret.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: goofy-image-pull-secret
+ namespace: {{ include "app.namespace" . }}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ include "app.imagePullSecret" . }}
\ No newline at end of file
diff --git a/helm-chart/templates/ingress.yaml b/helm-chart/templates/ingress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9512154b91be62b4fdb87c0c7e4e3ebe025520b3
--- /dev/null
+++ b/helm-chart/templates/ingress.yaml
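Review bot: `goofy_keycloak_api_password` in templates/deployment.yaml is rendered as a literal `value:` from `.Values.sso.apiPassword`, so the Keycloak API password sits in clear text in the Deployment manifest and is readable by anyone who may read Deployments or Pods in the namespace. Put it in a Secret and reference that from the container with `valueFrom.secretKeyRef`, as sketched below; the Secret name and key are placeholders, not names from this chart. As written the value is also unquoted, so a password containing YAML-significant sequences such as `: ` or ` #` would be mis-parsed; `| quote` avoids that for as long as the literal form stays.

```yaml
# … unchanged: preceding env entries …
- name: goofy_keycloak_api_password
  valueFrom:
    secretKeyRef:
      name: SSO_API_SECRET_NAME  # placeholder
      key: SSO_API_SECRET_KEY  # placeholder
# … unchanged: kop_user-manager_url entry and customList …
```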
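Review bot: `.dockerconfigjson` in templates/image-pull-secret.yaml is rendered unconditionally, while the `app.imagePullSecret` helper emits nothing when `imageCredentials` is unset, which would leave an empty value on a `kubernetes.io/dockerconfigjson` Secret and most likely make the install fail at apply time with an unhelpful error. Either wrap the manifest in `{{- if .Values.imageCredentials }}` … `{{- end }}` or fail early at render time, e.g. `{{ required "imageCredentials must be set" (include "app.imagePullSecret" .) }}`. The Deployment references `goofy-image-pull-secret` in every case, so the two templates need to agree on whichever choice is made.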
@@ -0,0 +1,23 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ {{- with .Values.ingressAnnotations }}
+ annotations: {{- toYaml . | nindent 4 }}
+ {{- end }}
+ name: {{ include "app.name" . }}
+ namespace: {{ include "app.namespace" . }}
+spec:
+ rules:
+ - http:
+ paths:
+ - backend:
+ service:
+ port:
+ number: 8080
+ name: {{ include "app.name" . }}
+ path: ''
+ pathType: ImplementationSpecific
+ host: {{ trimPrefix "https://" ( include "app.baseUrl" . ) }}
+ tls:
+ - hosts:
+ - {{ trimPrefix "https://" ( include "app.baseUrl" . ) }}
\ No newline at end of file
diff --git a/helm-chart/templates/service.yaml b/helm-chart/templates/service.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..08f730e44f5646bdcd8e7fa16a0f0a8a5aa5045e
--- /dev/null
+++ b/helm-chart/templates/service.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "app.name" . }}
+ namespace: {{ include "app.namespace" . }}
+ labels:
+ {{- include "app.defaultLabels" . | indent 4 }}
+ component: goofy-service
+spec:
+ type: ClusterIP
+ ports:
+ - name: http
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: metrics
+ port: 8081
+ protocol: TCP
+ selector:
+ {{- include "app.matchLabels" . | indent 4 }}
+ component: goofy
\ No newline at end of file
diff --git a/helm-chart/templates/service_monitor.yaml b/helm-chart/templates/service_monitor.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..23a84b8e0302eb664766e703c2a6e3f9903e9794
--- /dev/null
+++ b/helm-chart/templates/service_monitor.yaml
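Review bot: The `tls` entry in templates/ingress.yaml lists `hosts` only, with no `secretName`, so which certificate is served depends entirely on the ingress controller's default or on whatever `ingressAnnotations` supplies; a comment such as `# certificate comes from the controller default / annotations` or an optional `secretName` would make that explicit. `trimPrefix "https://"` removes exactly that prefix, so a `host` override given as `http://…` or with a trailing path lands verbatim in `rules[].host` and `tls[].hosts`. The expected form of the override should be documented next to `app.baseUrl`, which is defined in _helpers.tpl outside this hunk.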
@@ -0,0 +1,19 @@
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ include "app.name" . }}
+ namespace: {{ include "app.namespace" . }}
+ labels:
+ {{- include "app.defaultLabels" . | indent 4 }}
+ component: goofy-service-monitor
+spec:
+ endpoints:
+ - port: metrics
+ path: /actuator/prometheus
+ namespaceSelector:
+ matchNames:
+ - {{ include "app.namespace" . }}
+ selector:
+ matchLabels:
+ {{- include "app.matchLabels" . | indent 6 }}
+ component: goofy-service
\ No newline at end of file
diff --git a/helm-chart/templates/tests/test-ingress-connection.yaml b/helm-chart/templates/tests/test-ingress-connection.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..acde6bdd62afb06c1de9f78e41cd8cd3a0be7031
--- /dev/null
+++ b/helm-chart/templates/tests/test-ingress-connection.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "app.name" . }}-test-ingress"
+ labels:
+ {{- include "app.matchLabels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args:
+ - {{ include "app.baseUrl" . }}
+ restartPolicy: Never
diff --git a/helm-chart/templates/tests/test-service-connection.yaml b/helm-chart/templates/tests/test-service-connection.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a2024a8bc89891f9efb94629d8bfcdc94ad7528d
--- /dev/null
+++ b/helm-chart/templates/tests/test-service-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "app.name" . }}-test-connection"
+ labels:
+ {{- include "app.matchLabels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "app.name" . }}:8080']
+ restartPolicy: Never
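Review bot: `image: busybox` in templates/tests/test-ingress-connection.yaml, and again in test-service-connection.yaml, has no tag or digest, so each `helm test` run pulls whatever `busybox:latest` currently is from the cluster's default registry. Pin it, e.g. `image: busybox:PINNED_TAG` (placeholder), or mirror the image into the registry the chart already uses for the application. Neither hook pod sets `namespace` or a `securityContext`, whereas the other manifests in this commit set `namespace` explicitly.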
diff --git a/helm-chart/test-values.yaml b/helm-chart/test-values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a87a415fc8ed01c0b27cc7b9715a8dea592b59c0
--- /dev/null
+++ b/helm-chart/test-values.yaml
@@ -0,0 +1,7 @@
+kop:
+ bundesland: sh
+ bezeichner: helm
+ environment: test
+
+sso:
+ apiPassword: test1234
diff --git a/helm-chart/unit-tests/deployment_defaults_affinity_test.yaml b/helm-chart/unit-tests/deployment_defaults_affinity_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d12e99027345cb0bf82c22280f9297c8273ce604
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_affinity_test.yaml
@@ -0,0 +1,25 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should work
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key
+ value: goofyable
+ - equal:
+ path: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].operator
+ value: NotIn
+ - equal:
+ path: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[0]
+ value: "false"
diff --git a/helm-chart/unit-tests/deployment_defaults_annotaion_test.yaml b/helm-chart/unit-tests/deployment_defaults_annotaion_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..f339eaea438f903c6f1f3aa1d3bfec8e1bcf2f6f
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_annotaion_test.yaml
@@ -0,0 +1,24 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/ingress.yaml
+tests:
+ - it: check ingress annotaions if traefik v2
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ asserts:
+ - isKind:
+ of: Ingress
+ - equal:
+ path: metadata.annotations.[kubernetes.io/ingress.class]
+ value: traefik
+ - equal:
+ path: metadata.annotations.[traefik.ingress.kubernetes.io/router.entrypoints]
+ value: websecure
+ - equal:
+ path: metadata.annotations.[traefik.ingress.kubernetes.io/router.tls]
+ value: "true"
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_defaults_env_test.yaml b/helm-chart/unit-tests/deployment_defaults_env_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..02c38fad69008a0604b9e12cd99c5afa5383ac60
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_env_test.yaml
@@ -0,0 +1,46 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-prod
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: check default values
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: prod
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: grpc_client_pluto_address
+ value: pluto.sh-helm-prod:9090
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: spring_profiles_active
+ value: oc, prod
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_realm
+ value: sh-helm-prod
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_resource
+ value: sh-helm-prod-goofy
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_auth-server-url
+ value: https://sso.ozg-sh.de
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: goofy_keycloak_api_password
+ value: test1234
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_defaults_labels_test.yaml b/helm-chart/unit-tests/deployment_defaults_labels_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..435293b114807acfa54360af3acfa5c071f7e077
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_labels_test.yaml
@@ -0,0 +1,28 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+ - templates/service_monitor.yaml
+ - templates/service.yaml
+tests:
+ - it: check default labels
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - equal:
+ path: metadata.labels.[app.kubernetes.io/instance]
+ value: goofy
+ - equal:
+ path: metadata.labels.[app.kubernetes.io/name]
+ value: goofy
+ - equal:
+ path: metadata.labels.[app.kubernetes.io/part-of]
+ value: kop
+ - equal:
+ path: metadata.labels.[app.kubernetes.io/namespace]
+ value: sh-helm-test
diff --git a/helm-chart/unit-tests/deployment_defaults_spec_containers_health_test.yaml b/helm-chart/unit-tests/deployment_defaults_spec_containers_health_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..ff3abe23ee3e77eabfce97c0c60aac3742eb91d7
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_spec_containers_health_test.yaml
@@ -0,0 +1,62 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should work
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.failureThreshold
+ value: 3
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.httpGet.path
+ value: /actuator/health/readiness
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.httpGet.port
+ value: 8081
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.httpGet.scheme
+ value: HTTP
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.periodSeconds
+ value: 10
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.successThreshold
+ value: 1
+ - equal:
+ path: spec.template.spec.containers[0].readinessProbe.timeoutSeconds
+ value: 3
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.failureThreshold
+ value: 10
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.httpGet.path
+ value: /actuator/health/readiness
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.httpGet.port
+ value: 8081
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.httpGet.scheme
+ value: HTTP
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.initialDelaySeconds
+ value: 30
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.periodSeconds
+ value: 5
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.successThreshold
+ value: 1
+ - equal:
+ path: spec.template.spec.containers[0].startupProbe.timeoutSeconds
+ value: 5
+
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_defaults_spec_containers_securityContext_test.yaml b/helm-chart/unit-tests/deployment_defaults_spec_containers_securityContext_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9b495037644a61bbbaff0504a8f4516960d48910
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_spec_containers_securityContext_test.yaml
@@ -0,0 +1,28 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should work
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation
+ value: false
+ - equal:
+ path: spec.template.spec.containers[0].securityContext.privileged
+ value: false
+ - equal:
+ path: spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem
+ value: false
+ - equal:
+ path: spec.template.spec.containers[0].securityContext.runAsNonRoot
+ value: false
diff --git a/helm-chart/unit-tests/deployment_defaults_spec_containers_test.yaml b/helm-chart/unit-tests/deployment_defaults_spec_containers_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..34a37263a8df719d4958933366d26c4076c3b87e
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_spec_containers_test.yaml
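Review bot: The securityContext assertions pin `runAsNonRoot: false` and `readOnlyRootFilesystem: false` as the expected defaults, so the suite will fail as soon as templates/deployment.yaml is hardened rather than when it regresses. If the image can run as a non-root user, set `runAsNonRoot: true` in the template and assert that here; if it cannot, a comment above the assertion would record why, e.g. `# image currently requires root - TODO confirm`. The same container in templates/deployment.yaml also sets `stdin: true` and `tty: true`, which a server workload normally does not need.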
@@ -0,0 +1,77 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: check for some standard values
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: "docker.ozg-sh.de/goofy:latest"
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: Always
+ - equal:
+ path: spec.template.spec.containers[0].name
+ value: goofy
+ - equal:
+ path: spec.template.spec.containers[0].ports[0].containerPort
+ value: 8080
+ - equal:
+ path: spec.template.spec.containers[0].ports[0].name
+ value: 8080tcp1
+ - equal:
+ path: spec.template.spec.containers[0].ports[0].protocol
+ value: TCP
+ - equal:
+ path: spec.template.spec.containers[0].stdin
+ value: true
+ - equal:
+ path: spec.template.spec.containers[0].terminationMessagePath
+ value: /dev/termination-log
+ - equal:
+ path: spec.template.spec.containers[0].terminationMessagePolicy
+ value: File
+ - equal:
+ path: spec.template.spec.containers[0].tty
+ value: true
+ - it: should add the port for metrics when scrapeMetrics is enabled
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: kiel
+ kop.environment: dev
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.containers[0].ports[1].containerPort
+ value: 8081
+ - equal:
+ path: spec.template.spec.containers[0].ports[1].name
+ value: metrics
+ - equal:
+ path: spec.template.spec.containers[0].ports[1].protocol
+ value: TCP
+ - it: should not add the port for metrics when scrapeMetrics is disabled
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: kiel
+ kop.environment: dev
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - notContains:
+ path: spec.template.spec.containers[0].ports
+ content:
+ name: metrics
\ No newline at end of file
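Review bot: The two `scrapeMetrics` cases use identical `set` blocks, neither sets a `scrapeMetrics` value, and templates/deployment.yaml renders the `metrics` port unconditionally, so the "disabled" case does not test anything. Its `notContains` with `content: name: metrics` presumably passes only because the rendered port entry carries additional keys (`containerPort`, `protocol`) and therefore never equals the one-key content. Either rename the cases and keep a single assertion on `ports[1]`, or add the switch to the template and set it differently in each case.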
diff --git a/helm-chart/unit-tests/deployment_defaults_spec_test.yaml b/helm-chart/unit-tests/deployment_defaults_spec_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a36146dc77fb2889353f2f1685d0fc09a8eb7690
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_spec_test.yaml
@@ -0,0 +1,55 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should work
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.progressDeadlineSeconds
+ value: 600
+ - equal:
+ path: spec.replicas
+ value: 2
+ - equal:
+ path: spec.revisionHistoryLimit
+ value: 10
+ - equal:
+ path: spec.selector.matchLabels.[app.kubernetes.io/name]
+ value: goofy
+ - equal:
+ path: spec.selector.matchLabels.[app.kubernetes.io/namespace]
+ value: sh-helm-test
+ - equal:
+ path: spec.strategy.rollingUpdate.maxSurge
+ value: 1
+ - equal:
+ path: spec.strategy.rollingUpdate.maxUnavailable
+ value: 0
+ - equal:
+ path: spec.strategy.type
+ value: RollingUpdate
+ - equal:
+ path: spec.template.spec.dnsPolicy
+ value: ClusterFirst
+ - equal:
+ path: spec.template.spec.imagePullSecrets[0].name
+ value: goofy-image-pull-secret
+ - equal:
+ path: spec.template.spec.restartPolicy
+ value: Always
+ - equal:
+ path: spec.template.spec.schedulerName
+ value: default-scheduler
+ - equal:
+ path: spec.template.spec.terminationGracePeriodSeconds
+ value: 30
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_defaults_sso_test.yaml b/helm-chart/unit-tests/deployment_defaults_sso_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..a2f1e9ed10fbad3be0387d0fc2b14153d92ef35e
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_sso_test.yaml
@@ -0,0 +1,74 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-prod
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: check default values
+ set:
+ sso.apiPassword: SicherheitGehtVor!!1!
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: prod
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_realm
+ value: sh-helm-prod
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_resource
+ value: sh-helm-prod-goofy
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_auth-server-url
+ value: https://sso.ozg-sh.de
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: goofy_keycloak_api_password
+ value: SicherheitGehtVor!!1!
+ - it: check sso serverUrl for dev environment
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: name
+ kop.environment: dev
+ sso.apiPassword: test1234
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_auth-server-url
+ value: https://sso.dev.ozg-sh.de
+ - it: check sso serverUrl for test environment
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: name
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_auth-server-url
+ value: https://sso.test.ozg-sh.de
+ - it: check realm with long namespace
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: eins-zwei
+ kop.environment: prod
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: keycloak_realm
+ value: sh-eins-zwei-prod
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_defaults_topologySpreadConstraints_test.yaml b/helm-chart/unit-tests/deployment_defaults_topologySpreadConstraints_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c670af4be87ba4893fe272920c17736eae057975
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_defaults_topologySpreadConstraints_test.yaml
@@ -0,0 +1,28 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: check default values
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].maxSkew
+ value: 1
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].topologyKey
+ value: kubernetes.io/hostname
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].whenUnsatisfiable
+ value: ScheduleAnyway
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].labelSelector.matchLabels.[app.kubernetes.io/name]
+ value: goofy
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_env_test.yaml b/helm-chart/unit-tests/deployment_env_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..52702ef3a707850e29f1e783f5e98b090e5aa009
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_env_test.yaml
@@ -0,0 +1,33 @@
+suite: test environments
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: check customList
+ template: deployment.yaml
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ env.customList:
+ - name: my_test_environment_name
+ value: "A test value"
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: my_test_environment_name
+ value: "A test value"
+ - it: check customList test value is not set by default
+ template: deployment.yaml
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - notContains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: my_test_environment_name
+ value: "A test value"
diff --git a/helm-chart/unit-tests/deployment_imageTag_test.yaml b/helm-chart/unit-tests/deployment_imageTag_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..166e053201afe61eda3ef188c06309b7781d2619
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_imageTag_test.yaml
@@ -0,0 +1,20 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should set the snapshot latest imageTag
+ set:
+ image.tag: snapshot-latest
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: docker.ozg-sh.de/goofy:snapshot-latest
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_pluto_address_test.yaml b/helm-chart/unit-tests/deployment_pluto_address_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..67e8f5d052e8019e8c7d07b8f965bc2bfa4946d6
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_pluto_address_test.yaml
@@ -0,0 +1,20 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should set the pluto name
+ set:
+ plutoName: my-test-pluto-name
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: grpc_client_pluto_address
+ value: my-test-pluto-name.sh-helm-test:9090
diff --git a/helm-chart/unit-tests/deployment_replicas_test.yaml b/helm-chart/unit-tests/deployment_replicas_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..6fe277c36d6939474d9827dc85211c3c44129113
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_replicas_test.yaml
@@ -0,0 +1,20 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should set the replica count
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ replicaCount: 5
+ asserts:
+ - isKind:
+ of: Deployment
+ - equal:
+ path: spec.replicas
+ value: 5
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_resources_test.yaml b/helm-chart/unit-tests/deployment_resources_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..131ec3d99c1e0e81cdc2cb99ebf4871b9635131d
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_resources_test.yaml
@@ -0,0 +1,45 @@
+suite: test deployment
+release:
+ name: goofy
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: test resources for prod environment
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: name
+ kop.environment: prod
+ sso.apiPassword: test1234
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 500m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 1000Mi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 50m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 250Mi
+ - it: test default resources
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: name
+ kop.environment: dev
+ sso.apiPassword: test1234
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.cpu
+ value: 500m
+ - equal:
+ path: spec.template.spec.containers[0].resources.limits.memory
+ value: 1000Mi
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.cpu
+ value: 50m
+ - equal:
+ path: spec.template.spec.containers[0].resources.requests.memory
+ value: 250Mi
+
diff --git a/helm-chart/unit-tests/deployment_springProfile_test.yaml b/helm-chart/unit-tests/deployment_springProfile_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..55bb7b804a940211217a0829f86db4664e434e7e
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_springProfile_test.yaml
@@ -0,0 +1,36 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should override the spring profiles
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ env.overrideSpringProfiles: oc,stage,ea
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: spring_profiles_active
+ value: oc,stage,ea
+ - it: should generate the spring profiles
+ set:
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: spring_profiles_active
+ value: oc, test
\ No newline at end of file
diff --git a/helm-chart/unit-tests/deployment_usermanager_address_test.yaml b/helm-chart/unit-tests/deployment_usermanager_address_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3519d0cf3c2181ddd34f1af92213626e9d79bf8f
--- /dev/null
+++ b/helm-chart/unit-tests/deployment_usermanager_address_test.yaml
@@ -0,0 +1,37 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+tests:
+ - it: should set the usermanager url for test environment
+ set:
+ usermanagerName: my-test-usermanager-name
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: test
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: kop_user-manager_url
+ value: https://helm-my-test-usermanager-name.test.ozg-sh.de
+ - it: should set the usermanager url for prod environment
+ set:
+ usermanagerName: my-test-usermanager-name
+ kop.bundesland: sh
+ kop.bezeichner: helm
+ kop.environment: prod
+ sso.apiPassword: test1234
+ asserts:
+ - isKind:
+ of: Deployment
+ - contains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: kop_user-manager_url
+ value: https://helm-my-test-usermanager-name.ozg-sh.de
diff --git a/helm-chart/unit-tests/service_monitor_test.yaml b/helm-chart/unit-tests/service_monitor_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..5bf1addd1e47ce39a323f7e0a4baedf3d6eb351b
--- /dev/null
+++ b/helm-chart/unit-tests/service_monitor_test.yaml
@@ -0,0 +1,52 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: sh-helm-test
+templates:
+ - templates/service_monitor.yaml
+tests:
+ - it: should have the label component with value goofy-service-monitor attached
+ asserts:
+ - isKind:
+ of: ServiceMonitor
+ - equal:
+ path: metadata.labels.[component]
+ value: goofy-service-monitor
+ - it: should have the metrics endpoint configured by default
+ set:
+ env.springProfiles: oc,stage
+ asserts:
+ - isKind:
+ of: ServiceMonitor
+ - contains:
+ path: spec.endpoints
+ content:
+ port: metrics
+ path: /actuator/prometheus
+ - it: should be able to enable the endpoint
+ asserts:
+ - isKind:
+ of: ServiceMonitor
+ - contains:
+ path: spec.endpoints
+ content:
+ port: metrics
+ path: /actuator/prometheus
+ - it: namespace selector should contain the namespace
+ asserts:
+ - contains:
+ path: spec.namespaceSelector.matchNames
+ content: sh-helm-test
+ - it: selector should contain the component label with the value goofy-service
+ asserts:
+ - equal:
+ path: spec.selector.matchLabels.[component]
+ value: goofy-service
+ - it: selector should contain helm recommended labels name and namespace
+ asserts:
+ - equal:
+ path: spec.selector.matchLabels.[app.kubernetes.io/name]
+ value: goofy
+ - equal:
+ path: spec.selector.matchLabels.[app.kubernetes.io/namespace]
+ value: sh-helm-test
diff --git a/helm-chart/unit-tests/service_test.yaml b/helm-chart/unit-tests/service_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e1fde5e1f6402a6356e8217d5a3f231d737d1c90
--- /dev/null
+++ b/helm-chart/unit-tests/service_test.yaml
@@ -0,0 +1,54 @@
+suite: test deployment
+release:
+ name: goofy
+ namespace: helm-test
+templates:
+ - templates/service.yaml
+tests:
+ - it: should have the label component with value goofy-service attached
+ asserts:
+ - isKind:
+ of: Service
+ - equal:
+ path: metadata.labels.[component]
+ value: goofy-service
+ - it: should be of type ClusterIP
+ asserts:
+ - equal:
+ path: spec.type
+ value: ClusterIP
+ - it: ports should contain the 8080 default http port
+ asserts:
+ - contains:
+ path: spec.ports
+ content:
+ name: http
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ count: 1
+ any: true
+ - it: ports should contain the metrics port
+ asserts:
+ - contains:
+ path: spec.ports
+ content:
+ name: metrics
+ port: 8081
+ protocol: TCP
+ count: 1
+ any: true
+ - it: selector should contain the component label with the value goofy
+ asserts:
+ - equal:
+ path: spec.selector.[component]
+ value: goofy
+ - it: selector should contain helm recommended labels name and namespace
+ asserts:
+ - equal:
+ path: spec.selector.[app.kubernetes.io/name]
+ value: goofy
+ - equal:
+ path: spec.selector.[app.kubernetes.io/namespace]
+ value: helm-test
+
\ No newline at end of file
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..510d062f849cf2a0fb3ede101153e4e7eeda06d6
--- /dev/null
+++ b/helm-chart/values.yaml
@@ -0,0 +1,48 @@
+imageCredentials:
+ registry: docker.ozg-sh.de
+ username: kop
+ password:
+ email: webmaster@ozg-sh.de
+
+image:
+ repo: docker.ozg-sh.de
+ name: goofy
+ tag: latest # [default: latest]
+
+replicaCount: 2 # [default: 2]
+
+ingressAnnotations:
+ kubernetes.io/ingress.class: traefik
+ traefik.ingress.kubernetes.io/router.entrypoints: websecure
+ traefik.ingress.kubernetes.io/router.tls: "true"
+
+usermanagerName: user-manager
+
+# env:
+# overrideSpringProfiles: "oc,prod"
+# customList: # add name value pair for additional environments
+# - name: Dinge
+# value: true
+
+# host: # [default: https://<name>.<level>.ozg-sh.de, if level == "prod" https://<name>.ozg-sh.de] optional, host override value. Be aware that XXX.dev.ozg-sh.de can be used in the dev cluster only.
+
+# resources:
+# limits:
+# cpu: 1
+# memory: 1000Mi
+# requests:
+# cpu: 50m
+# memory: 500Mi
+
+# plutoName: pluto # [default: pluto]
+# sso: # Most values are set according to namespace name (<bundesland>-<name>-<level>) and are optional
+ # serverUrl: https://sso.ozg-sh.de # [default: https://sso.dev.ozg-sh.de, if level == "stage|prod" https://sso.ozg-sh.de]
+ # apiPassword: # Required value
+ # role_einheitlicher_ansprechpartner: false # [default: false]
+ # displayName: "Hüttener Berge" [default: "Realm für <sso.name> (<sso.level>"] The custom display name to write on top of the login page.
+
+
+# kop:
+# bundesland: sh
+# bezeichner: kiel
+# environment: dev
\ No newline at end of file
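Review bot: The default `tag: latest` under `image` is a mutable tag, so with `replicaCount: 2` a rescheduled pod can pull a different build than its sibling, and a rollback does not return to a known image. Default the tag to a released version or digest instead, for example `tag: "" # required: released version or digest`, with the template failing the render when it is unset (the template is outside this hunk), and keep `latest` for explicit dev overrides. Separately, the bare `password:` under `imageCredentials` parses as null; `password: ""` with a comment that the value is supplied at install time and never committed would make the intent explicit.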