diff --git a/src/main/helm/templates/_helpers.tpl b/src/main/helm/templates/_helpers.tpl
index bd00fd8f122309db1543a75b42cd0bad904f986c..786c783668e06784ebb8cbee7812ea609ea5a338 100644
--- a/src/main/helm/templates/_helpers.tpl
+++ b/src/main/helm/templates/_helpers.tpl
@@ -1,54 +1,46 @@
{{/* vim: set filetype=mustache: */}}
-{{/* Truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec) */}}
-{{/* Name */}}
-{{- define "app.name" -}}
-{{- default .Release.Name | toString | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
{{/* Namespace */}}
{{- define "app.namespace" -}}
-{{- default .Release.Namespace | toString | trunc 63 | trimSuffix "-" -}}
+{{- if gt (len (.Release.Namespace)) 63 -}}
+{{- fail (printf ".Release.Namespace %s ist zu lang (max. 63 Zeichen)" .Release.Namespace) -}}
{{- end -}}
-
-{{/* Version */}}
-{{- define "app.version" -}}
-{{- default .Chart.Version | toString | trunc 63 | trimSuffix "-" -}}
+{{ printf "%s" .Release.Namespace }}
{{- end -}}
{{/* Chart: Name + Version */}}
{{- define "app.chart" -}}
-{{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- if gt (len (printf "%s-%s" .Chart.Name .Chart.Version)) 63 -}}
+{{- fail (printf ".Chart.Name-.Chart.Version %s-%s ist zu lang (max. 63 Zeichen)" .Chart.Name .Chart.Version) -}}
+{{- end -}}
+{{ printf "%s-%s" .Chart.Name .Chart.Version }}
{{- end -}}
{{/* Managed-by -> On Helm, this value is always Helm */}}
{{- define "app.managedBy" -}}
-{{- default .Release.Service | toString | trunc 63 | trimSuffix "-" -}}
+{{- if gt (len (.Release.Service)) 63 -}}
+{{- fail (printf ".Release.Service %s ist zu lang (max. 63 Zeichen)" .Release.Service) -}}
+{{- end -}}
+{{ printf "%s" .Release.Service }}
{{- end -}}
{{/* Default Labels: Helm recommended best-practice labels https://helm.sh/docs/chart_best_practices/labels/ */}}
{{- define "app.defaultLabels" }}
app.kubernetes.io/instance: user-manager
app.kubernetes.io/managed-by: {{ include "app.managedBy" . }}
-app.kubernetes.io/name: {{ include "app.name" . }}
+app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/namespace: {{ include "app.namespace" . }}
app.kubernetes.io/part-of: ozgcloud
-app.kubernetes.io/version: {{ include "app.version" . }}
+app.kubernetes.io/version: {{ .Chart.Version }}
helm.sh/chart: {{ include "app.chart" . }}
ozgcloud-mongodb-client: "true"
{{- end -}}
{{- define "app.matchLabels" }}
-app.kubernetes.io/name: {{ include "app.name" . }}
+app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
-{{- define "app.imagePullSecret" }}
-{{- with .Values.imageCredentials }}
-{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
-{{- end }}
-{{- end }}
-
{{- define "app.cronjobScheduler" }}
{{- printf "%d %d * * *" (div (randNumeric 2) 2) (div (randNumeric 1) 2) -}}
{{- end -}}
@@ -103,7 +95,7 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- if (.Values.baseDomain) -}}
{{ .Values.baseDomain }}
{{- else -}}
-{{ printf "%s-%s.%s" (include "app.ozgcloudBezeichner" .) (include "app.name" .) (include "app.baseUrl" .) }}
+{{ printf "%s-%s.%s" (include "app.ozgcloudBezeichner" .) (.Release.Name) (include "app.baseUrl" .) }}
{{- end -}}
{{- end -}}
diff --git a/src/main/helm/templates/api-password-secret.yaml b/src/main/helm/templates/api_password_secret.yaml
similarity index 100%
rename from src/main/helm/templates/api-password-secret.yaml
rename to src/main/helm/templates/api_password_secret.yaml
diff --git a/src/main/helm/templates/certificate.yaml b/src/main/helm/templates/certificate.yaml
index f90349548a71d69b31262afee0286939b5732c14..2e711fd20a731f19e17fac1fa1cbb11257d041e7 100644
--- a/src/main/helm/templates/certificate.yaml
+++ b/src/main/helm/templates/certificate.yaml
@@ -35,12 +35,12 @@ spec:
kind: Issuer
duration: 8760h0m0s
renewBefore: 720h0m0s
- commonName: {{ include "app.name" . }}
+ commonName: {{ .Release.Name }}
dnsNames:
- - "*.{{ include "app.name" . }}.{{ include "app.namespace" . }}.svc.cluster.local"
- - "{{ include "app.name" . }}.{{ include "app.namespace" . }}.svc.cluster.local"
- - "{{ include "app.name" . }}.{{ include "app.namespace" . }}.svc.cluster"
- - "{{ include "app.name" . }}.{{ include "app.namespace" . }}.svc"
- - "{{ include "app.name" . }}.{{ include "app.namespace" . }}"
- - "{{ include "app.name" . }}"
+ - "*.{{ .Release.Name }}.{{ include "app.namespace" . }}.svc.cluster.local"
+ - "{{ .Release.Name }}.{{ include "app.namespace" . }}.svc.cluster.local"
+ - "{{ .Release.Name }}.{{ include "app.namespace" . }}.svc.cluster"
+ - "{{ .Release.Name }}.{{ include "app.namespace" . }}.svc"
+ - "{{ .Release.Name }}.{{ include "app.namespace" . }}"
+ - "{{ .Release.Name }}"
{{- end }}
\ No newline at end of file
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index 9f6d8e4a2ac1480c95c9f3e5b5524db0bcf904f7..70fdfc86a1434988821a3a276710a9f900247ff9 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -25,7 +25,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
- name: {{ include "app.name" . }}
+ name: {{ .Release.Name }}
namespace: {{ include "app.namespace" . }}
labels:
{{- include "app.defaultLabels" . | indent 4 }}
@@ -57,7 +57,7 @@ spec:
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
- app.kubernetes.io/name: {{ include "app.name" . }}
+ app.kubernetes.io/name: {{ .Release.Name }}
containers:
- env:
- name: QUARKUS_MONGODB_CONNECTION_STRING
@@ -66,7 +66,7 @@ spec:
name: {{ include "app.databaseSecretName" . }}
key: connectionString.standardSrv
optional: false
- {{- if not (.Values.sso).api_user }}
+ {{- if not (.Values.sso).api_user }} # used by dataport
- name: OZGCLOUD_KEYCLOAK_API_PASSWORD
valueFrom:
secretKeyRef:
@@ -221,11 +221,7 @@ spec:
dnsConfig: {}
dnsPolicy: ClusterFirst
imagePullSecrets:
- {{- if .Values.imagePullSecret }}
- - name: {{ .Values.imagePullSecret }}
- {{ else }}
- - name: user-manager-image-pull-secret
- {{- end }}
+ - name: {{ required "imagePullSecret must be set" .Values.imagePullSecret }}
restartPolicy: Always
{{- with .Values.hostAliases }}
hostAliases:
diff --git a/src/main/helm/templates/image-pull-secret.yaml b/src/main/helm/templates/image-pull-secret.yaml
deleted file mode 100644
index 02be1463951799822886c4bc8593c9310be130fa..0000000000000000000000000000000000000000
--- a/src/main/helm/templates/image-pull-secret.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
-# Ministerpräsidenten des Landes Schleswig-Holstein
-# Staatskanzlei
-# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
-#
-# Lizenziert unter der EUPL, Version 1.2 oder - sobald
-# diese von der Europäischen Kommission genehmigt wurden -
-# Folgeversionen der EUPL ("Lizenz");
-# Sie dürfen dieses Werk ausschließlich gemäß
-# dieser Lizenz nutzen.
-# Eine Kopie der Lizenz finden Sie hier:
-#
-# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
-#
-# Sofern nicht durch anwendbare Rechtsvorschriften
-# gefordert oder in schriftlicher Form vereinbart, wird
-# die unter der Lizenz verbreitete Software "so wie sie
-# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
-# ausdrücklich oder stillschweigend - verbreitet.
-# Die sprachspezifischen Genehmigungen und Beschränkungen
-# unter der Lizenz sind dem Lizenztext zu entnehmen.
-#
-
-{{- if not (.Values.imagePullSecret) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: user-manager-image-pull-secret
- namespace: {{ include "app.namespace" . }}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ include "app.imagePullSecret" . }}
-{{- end }}
\ No newline at end of file
diff --git a/src/main/helm/templates/ingress.yaml b/src/main/helm/templates/ingress.yaml
index 1a1a9357b8c38c12a0fa12201667a1f35d7d5adb..a70a6b30d3fe88b62cca06d458525b2c6543c52b 100644
--- a/src/main/helm/templates/ingress.yaml
+++ b/src/main/helm/templates/ingress.yaml
@@ -36,7 +36,7 @@ metadata:
cert-manager.io/cluster-issuer: letsencrypt-prod
{{- end }}
{{- end }}
- name: {{ include "app.name" . }}
+ name: {{ .Release.Name }}
namespace: {{ include "app.namespace" . }}
spec:
{{- if (.Values.ingress).className }}
@@ -49,7 +49,7 @@ spec:
service:
port:
number: 8080
- name: {{ include "app.name" . }}
+ name: {{ .Release.Name }}
path: ''
pathType: ImplementationSpecific
host: {{ ( include "app.baseDomain" . ) }}
@@ -60,6 +60,6 @@ spec:
{{- if (.Values.ingress).tlsSecretName }}
secretName: {{ (.Values.ingress).tlsSecretName }}
{{- else }}
- secretName: {{ .Values.ozgcloud.bezeichner }}-{{ include "app.name" . }}-tls
+ secretName: {{ .Values.ozgcloud.bezeichner }}-{{ .Release.Name }}-tls
{{- end }}
{{- end }}
\ No newline at end of file
diff --git a/src/main/helm/templates/keycloak-user-crd.yaml b/src/main/helm/templates/keycloak_user_crd.yaml
similarity index 100%
rename from src/main/helm/templates/keycloak-user-crd.yaml
rename to src/main/helm/templates/keycloak_user_crd.yaml
diff --git a/src/main/helm/templates/service.yaml b/src/main/helm/templates/service.yaml
index a8311d49e31232410a1a7f5e9c0c249abee700b2..dd175e4b848bd56b7cb19f226b3b45e65582f8b3 100644
--- a/src/main/helm/templates/service.yaml
+++ b/src/main/helm/templates/service.yaml
@@ -25,7 +25,7 @@
apiVersion: v1
kind: Service
metadata:
- name: {{ include "app.name" . }}
+ name: {{ .Release.Name }}
namespace: {{ include "app.namespace" . }}
labels:
{{- include "app.defaultLabels" . | indent 4 }}
diff --git a/src/main/helm/templates/service_monitor.yaml b/src/main/helm/templates/service_monitor.yaml
index a5f69f134456736c7af093646d22e4dea4b95b6e..29e7125bbb9d391b3cf0081ab78ed17e643a1d79 100644
--- a/src/main/helm/templates/service_monitor.yaml
+++ b/src/main/helm/templates/service_monitor.yaml
@@ -26,7 +26,7 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
- name: {{ include "app.name" . }}
+ name: {{ .Release.Name }}
namespace: {{ include "app.namespace" . }}
labels:
{{- include "app.defaultLabels" . | indent 4 }}
diff --git a/src/test/helm/api-password-secret_test.yaml b/src/test/helm/api-password-secret_test.yaml
deleted file mode 100644
index b3bafd399cb997471aae55d4723a18ce853282e1..0000000000000000000000000000000000000000
--- a/src/test/helm/api-password-secret_test.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-suite: test api password secret
-release:
- name: user-manager
- namespace: sh-test-test
-templates:
- - templates/api-password-secret.yaml
-set:
- ozgcloud:
- keycloak:
- api:
- password: testPassword
-tests:
- - it: test api secret kind
- asserts:
- - isKind:
- of: Secret
- - it: test api password
- asserts:
- - equal:
- path: stringData.password
- value: testPassword
- - it: should use Keycloak User Operator
- set:
- sso:
- api_user:
- name: userManagerApiUser
- asserts:
- - hasDocuments:
- count: 0
\ No newline at end of file
diff --git a/src/test/helm/api_password_secret_test.yaml b/src/test/helm/api_password_secret_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..77ccbbd5b5896b22432568d9d830ddda3a39580a
--- /dev/null
+++ b/src/test/helm/api_password_secret_test.yaml
@@ -0,0 +1,64 @@
+suite: test api password secret
+release:
+ name: user-manager
+ namespace: sh-test-test
+templates:
+ - templates/api_password_secret.yaml
+set:
+ ozgcloud:
+ keycloak:
+ api:
+ password: testPassword
+tests:
+ - it: test api secret kind
+ asserts:
+ - isKind:
+ of: Secret
+ - isAPIVersion:
+ of: v1
+ - it: test api password
+ asserts:
+ - equal:
+ path: stringData.password
+ value: testPassword
+ - it: not create api_password_secret if kc api.password not set and api_user set
+ set:
+ sso:
+ api_user:
+ name: userManagerApiUser
+ asserts:
+ - hasDocuments:
+ count: 0
+ - it: should not create api_password_secret if kc api.password not set and api_user not set
+ set:
+ sso:
+ api_user:
+ name: ""
+ ozgcloud:
+ keycloak:
+ api:
+ password: ""
+ asserts:
+ - hasDocuments:
+ count: 0
+ - it: should create api_password_secret if kc api.password set and api_user not set
+ set:
+ ozgcloud:
+ keycloak:
+ api:
+ password: "passwrd"
+ asserts:
+ - hasDocuments:
+ count: 1
+ - it: should not create api_password_secret if kc api.password set and api_user set
+ set:
+ sso:
+ api_user:
+ name: userManagerApiUser
+ ozgcloud:
+ keycloak:
+ api:
+ password: "passwrd"
+ asserts:
+ - hasDocuments:
+ count: 0
\ No newline at end of file
diff --git a/src/test/helm/cert_issuer_test.yaml b/src/test/helm/cert_issuer_test.yaml
index 224328094cedca428efb1185bed7d13906a329b4..0ac34d473b527c48edb4f01a340066c262346a76 100644
--- a/src/test/helm/cert_issuer_test.yaml
+++ b/src/test/helm/cert_issuer_test.yaml
@@ -35,6 +35,8 @@ tests:
of: cert-manager.io/v1
- isKind:
of: Issuer
+ - isAPIVersion:
+ of: cert-manager.io/v1
- it: should have metadata
asserts:
- equal:
diff --git a/src/test/helm/deployment_63_char_test.yaml b/src/test/helm/deployment_63_char_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..5c5d86b1328b339cbe18215236055ddc7dfd0aaa
--- /dev/null
+++ b/src/test/helm/deployment_63_char_test.yaml
@@ -0,0 +1,58 @@
+#
+# Copyright (C) 2024 Das Land Schleswig-Holstein vertreten durch den
+# Ministerpräsidenten des Landes Schleswig-Holstein
+# Staatskanzlei
+# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
+#
+# Lizenziert unter der EUPL, Version 1.2 oder - sobald
+# diese von der Europäischen Kommission genehmigt wurden -
+# Folgeversionen der EUPL ("Lizenz");
+# Sie dürfen dieses Werk ausschließlich gemäß
+# dieser Lizenz nutzen.
+# Eine Kopie der Lizenz finden Sie hier:
+#
+# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
+#
+# Sofern nicht durch anwendbare Rechtsvorschriften
+# gefordert oder in schriftlicher Form vereinbart, wird
+# die unter der Lizenz verbreitete Software "so wie sie
+# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
+# ausdrücklich oder stillschweigend - verbreitet.
+# Die sprachspezifischen Genehmigungen und Beschränkungen
+# unter der Lizenz sind dem Lizenztext zu entnehmen.
+#
+
+suite: test deyploment less than 63 chars
+release:
+ name: user-manager
+ namespace: sh-helm-test
+
+templates:
+ - templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso.serverUrl: https://sso.company.local
+ baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
+tests:
+ - it: should fail on .Release.Namespace length longer than 63 characters
+ release:
+ namespace: test1234567890123123456789012345678901234567890123456789012345678901234567890123456789012345678904567890
+ asserts:
+ - failedTemplate:
+ errorMessage: .Release.Namespace test1234567890123123456789012345678901234567890123456789012345678901234567890123456789012345678904567890 ist zu lang (max. 63 Zeichen)
+ - it: should not fail on .Release.Namespace length less than 63 characters
+ asserts:
+ - notFailedTemplate: {}
+ - it: should fail on .Chart.Name-.Chart.Version length longer than 63 characters
+ chart:
+ version: 1.0-test1234567890123123456789012345678901234567890123456789012345678901234567890123456789012345678904567890
+ asserts:
+ - failedTemplate:
+ errorMessage: .Chart.Name-.Chart.Version user-manager-1.0-test1234567890123123456789012345678901234567890123456789012345678901234567890123456789012345678904567890 ist zu lang (max. 63 Zeichen)
+ - it: should not fail on .Chart.Name-.Chart.Version length less than 63 characters
+ asserts:
+ - notFailedTemplate: {}
\ No newline at end of file
diff --git a/src/test/helm/deployment_container_security_context_test.yaml b/src/test/helm/deployment_container_security_context_test.yaml
index 22bb64d3db0f662fd8212d060a4c940f1ce41a74..5d501b0257db20283c5c91fb5d47637d274ac2f4 100644
--- a/src/test/helm/deployment_container_security_context_test.yaml
+++ b/src/test/helm/deployment_container_security_context_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment container security
release:
name: user-manager
namespace: sh-helm-test
@@ -35,11 +35,10 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: check default values
asserts:
- - isKind:
- of: Deployment
- equal:
path: spec.template.spec.containers[0].securityContext.allowPrivilegeEscalation
value: false
diff --git a/src/test/helm/deployment_default_spec_test.yaml b/src/test/helm/deployment_default_spec_test.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b06b33828954193f2bfc18dcb2911656ed74380b
--- /dev/null
+++ b/src/test/helm/deployment_default_spec_test.yaml
@@ -0,0 +1,97 @@
+#
+# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
+# Ministerpräsidenten des Landes Schleswig-Holstein
+# Staatskanzlei
+# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
+#
+# Lizenziert unter der EUPL, Version 1.2 oder - sobald
+# diese von der Europäischen Kommission genehmigt wurden -
+# Folgeversionen der EUPL ("Lizenz");
+# Sie dürfen dieses Werk ausschließlich gemäß
+# dieser Lizenz nutzen.
+# Eine Kopie der Lizenz finden Sie hier:
+#
+# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
+#
+# Sofern nicht durch anwendbare Rechtsvorschriften
+# gefordert oder in schriftlicher Form vereinbart, wird
+# die unter der Lizenz verbreitete Software "so wie sie
+# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
+# ausdrücklich oder stillschweigend - verbreitet.
+# Die sprachspezifischen Genehmigungen und Beschränkungen
+# unter der Lizenz sind dem Lizenztext zu entnehmen.
+#
+
+suite: test deployment actuator
+release:
+ name: user-manager
+ namespace: sh-helm-test
+templates:
+ - templates/deployment.yaml
+set:
+ ozgcloud:
+ bezeichner: helm
+ bundesland: by
+ environment: dev
+ baseUrl: test.sh.ozg-cloud.de
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
+tests:
+ - it: check for some standard values
+ asserts:
+ - equal:
+ path: spec.template.spec.containers[0].image
+ value: docker.ozg-sh.de/user-manager:latest
+ - equal:
+ path: spec.template.spec.containers[0].imagePullPolicy
+ value: Always
+ - equal:
+ path: spec.template.spec.containers[0].name
+ value: user-manager
+ - equal:
+ path: spec.template.spec.containers[0].ports[0].containerPort
+ value: 9000
+ - equal:
+ path: spec.template.spec.containers[0].ports[0].name
+ value: grpc-9000
+ - equal:
+ path: spec.template.spec.containers[0].ports[0].protocol
+ value: TCP
+ - equal:
+ path: spec.template.spec.containers[0].stdin
+ value: true
+ - equal:
+ path: spec.template.spec.containers[0].terminationMessagePath
+ value: /dev/termination-log
+ - equal:
+ path: spec.template.spec.containers[0].terminationMessagePolicy
+ value: File
+ - equal:
+ path: spec.template.spec.containers[0].tty
+ value: true
+ - equal:
+ path: spec.template.spec.containers[0].ports[1].containerPort
+ value: 8080
+ - equal:
+ path: spec.template.spec.containers[0].ports[1].name
+ value: http
+ - equal:
+ path: spec.template.spec.containers[0].ports[1].protocol
+ value: TCP
+ - it: should have correct pod template values
+ asserts:
+ - isEmpty:
+ path: spec.template.spec.dnsConfig
+ - equal:
+ path: spec.template.spec.dnsPolicy
+ value: "ClusterFirst"
+ - equal:
+ path: spec.template.spec.restartPolicy
+ value: "Always"
+ - equal:
+ path: spec.template.spec.schedulerName
+ value: "default-scheduler"
+ - equal:
+ path: spec.template.spec.terminationGracePeriodSeconds
+ value: 30
\ No newline at end of file
diff --git a/src/test/helm/deployment_defaults_labels_test.yaml b/src/test/helm/deployment_defaults_labels_test.yaml
index 2da97b8d96822e1d1779a2c231bda34c45c212cc..5cfcd5a5f66cb725df5ad7a89d623dcc0e764c89 100644
--- a/src/test/helm/deployment_defaults_labels_test.yaml
+++ b/src/test/helm/deployment_defaults_labels_test.yaml
@@ -22,14 +22,12 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment default lables
release:
name: user-manager
namespace: sh-helm-test
templates:
- templates/deployment.yaml
- - templates/service.yaml
- - templates/service_monitor.yaml
set:
ozgcloud:
bundesland: by
@@ -38,6 +36,7 @@ set:
sso:
serverUrl: https://sso.company.local
baseUrl: test.sh.ozg-cloud.local
+ imagePullSecret: image-pull-secret
tests:
- it: check default labels
asserts:
@@ -54,26 +53,10 @@ tests:
path: metadata.labels["app.kubernetes.io/namespace"]
value: sh-helm-test
- it: check component label for deployment
- templates:
- - templates/deployment.yaml
asserts:
- equal:
path: spec.template.metadata.labels["component"]
value: user-manager
- - it: check component label for service
- templates:
- - templates/service.yaml
- asserts:
- - equal:
- path: metadata.labels["component"]
- value: user-manager-service
- - it: check component label for service monitor
- templates:
- - templates/service_monitor.yaml
- asserts:
- - equal:
- path: metadata.labels["component"]
- value: user-manager-service-monitor
- it: should have label for mongodb client
asserts:
diff --git a/src/test/helm/deployment_scrapeMetrics_test.yaml b/src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml
similarity index 66%
rename from src/test/helm/deployment_scrapeMetrics_test.yaml
rename to src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml
index 4c73aaebf99bb3d54e869959e43b297ca696d64c..a71b7e6773585c848e690e3a22099871f4da5665 100644
--- a/src/test/helm/deployment_scrapeMetrics_test.yaml
+++ b/src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml
@@ -22,29 +22,33 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment topology
release:
name: user-manager
namespace: sh-helm-test
templates:
- templates/deployment.yaml
- - templates/secret_database_quarkus.yaml
set:
ozgcloud:
- bundesland: by
bezeichner: helm
+ bundesland: by
environment: dev
+ baseUrl: test.sh.ozg-cloud.de
sso:
serverUrl: sso.test.sh.ozg-cloud.de
- baseUrl: test.sh.ozg-cloud.de
-
+ imagePullSecret: image-pull-secret
tests:
- - it: should set the metrics port by default
- template: deployment.yaml
+ - it: check default values
asserts:
- - contains:
- path: spec.template.spec.containers[0].ports
- content:
- name: http
- containerPort: 8080
- protocol: TCP
\ No newline at end of file
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].maxSkew
+ value: 1
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].topologyKey
+ value: kubernetes.io/hostname
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].whenUnsatisfiable
+ value: ScheduleAnyway
+ - equal:
+ path: spec.template.spec.topologySpreadConstraints[0].labelSelector.matchLabels["app.kubernetes.io/name"]
+ value: user-manager
\ No newline at end of file
diff --git a/src/test/helm/deployment_env_test.yaml b/src/test/helm/deployment_env_test.yaml
index c767c8d80dc705b5258d1a8c7ac3c10820a7c5b5..c0acc80b8d90dd1c36534024f7fa19a1277d40a8 100644
--- a/src/test/helm/deployment_env_test.yaml
+++ b/src/test/helm/deployment_env_test.yaml
@@ -33,9 +33,9 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: check customList
- template: deployment.yaml
set:
env.customList:
- name: my_test_environment_name
@@ -47,7 +47,6 @@ tests:
name: my_test_environment_name
value: "A test value"
- it: check customList test value is not set by default
- template: deployment.yaml
asserts:
- notContains:
path: spec.template.spec.containers[0].env
@@ -80,9 +79,6 @@ tests:
- it: check user sync period set
set:
ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: dev
usersync:
period: "6h"
asserts:
@@ -91,6 +87,12 @@ tests:
content:
name: OZGCLOUD_USERSYNC_PERIOD
value: "6h"
+ - it: not contain sync period by default
+ asserts:
+ - notContains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: OZGCLOUD_USERSYNC_PERIOD
- it: check user sync period NOT set
asserts:
- notContains:
diff --git a/src/test/helm/deployment_host_aliases_test.yaml b/src/test/helm/deployment_host_aliases_test.yaml
index 35a67366a7a9a481f609f4d6c055b035b5da8f7b..0d704cc7fe5e7972d3ed5debcde32db567b72c77 100644
--- a/src/test/helm/deployment_host_aliases_test.yaml
+++ b/src/test/helm/deployment_host_aliases_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should not set hostAliases
asserts:
diff --git a/src/test/helm/deployment_imagepull_secret_test.yaml b/src/test/helm/deployment_imagepull_secret_test.yaml
index 48407297ca87481bc4f070c685365fecd5c57e63..196a5f4d0baf953159a6f0acfb1ae42589838312 100644
--- a/src/test/helm/deployment_imagepull_secret_test.yaml
+++ b/src/test/helm/deployment_imagepull_secret_test.yaml
@@ -36,20 +36,16 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+
tests:
- - it: should use default imagePull secret
- asserts:
- - isKind:
- of: Deployment
- - equal:
- path: spec.template.spec.imagePullSecrets[0].name
- value: user-manager-image-pull-secret
- it: should set the imagePull secret
- set:
+ set:
imagePullSecret: image-pull-secret
asserts:
- - isKind:
- of: Deployment
- equal:
path: spec.template.spec.imagePullSecrets[0].name
- value: image-pull-secret
\ No newline at end of file
+ value: image-pull-secret
+ - it: should fail if the imagePull secret not set
+ asserts:
+ - failedTemplate:
+ errorMessage: imagePullSecret must be set
\ No newline at end of file
diff --git a/src/test/helm/deployment-keycloak-values-test.yaml b/src/test/helm/deployment_keycloak_values_env_test.yaml
similarity index 91%
rename from src/test/helm/deployment-keycloak-values-test.yaml
rename to src/test/helm/deployment_keycloak_values_env_test.yaml
index 975dcd3736e5c6f0496db91ad48823e34ed0a6a0..f9579ff7fcc9a3f45b72fa1af47f2fd90e8e30f2 100644
--- a/src/test/helm/deployment-keycloak-values-test.yaml
+++ b/src/test/helm/deployment_keycloak_values_env_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment kc values
release:
name: user-manager
templates:
@@ -35,6 +35,7 @@ set:
sso:
serverUrl: https://sso.test.by.ozg-cloud.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: validate keycloak configuration values
asserts:
@@ -113,7 +114,17 @@ tests:
content:
name: KEYCLOAK_URL
value: https://sso.test.by.ozg-cloud.de
-
+ - it: should use set OZGCLOUD_KEYCLOAK_API_PASSWORD when api_user set
+ set:
+ sso:
+ api_user:
+ name: -userManager-ApiUser
+ serverUrl: https://sso.company.local
+ asserts:
+ - notContains:
+ path: spec.template.spec.containers[0].env
+ content:
+ name: OZGCLOUD_KEYCLOAK_API_PASSWORD
- it: should use Keycloak User Operator
set:
sso:
diff --git a/src/test/helm/deployment-mongodb-passwort-secretref-test.yaml b/src/test/helm/deployment_mongodb_passwort_secretref_test.yaml
similarity index 96%
rename from src/test/helm/deployment-mongodb-passwort-secretref-test.yaml
rename to src/test/helm/deployment_mongodb_passwort_secretref_test.yaml
index 5398f844fced5c2a7f48fd3b590082129b17e92a..b717977cefc915a7a49b876049acfa0e91e6df52 100644
--- a/src/test/helm/deployment-mongodb-passwort-secretref-test.yaml
+++ b/src/test/helm/deployment_mongodb_passwort_secretref_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment mongodb psw secretref
release:
name: user-manager
templates:
@@ -34,11 +34,11 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should reference mongodb connection service for user-manager
set:
database.secretName: pluto-database-admin-user-manager-database-user
- template: deployment.yaml
release:
namespace: sh-helm-test
asserts:
@@ -52,7 +52,6 @@ tests:
name: pluto-database-admin-user-manager-database-user
optional: false
- it: check default mongodb connection service for user-manager
- template: deployment.yaml
release:
namespace: sh-helm-test
asserts:
diff --git a/src/test/helm/deployment_namespace_truststore_test.yaml b/src/test/helm/deployment_namespace_truststore_test.yaml
index f0372f501432b66f01dc7669b6f8e56475c3ee27..876a951ccfe08cbf1a4ebb58794948e0e0501315 100644
--- a/src/test/helm/deployment_namespace_truststore_test.yaml
+++ b/src/test/helm/deployment_namespace_truststore_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: check without truststore
set:
diff --git a/src/test/helm/deployment_probes_test.yaml b/src/test/helm/deployment_probes_test.yaml
index 65960acf5e28047ad31e305743d0ba52b506133c..b0b21391ef3675e497828239825c412782eeaa6b 100644
--- a/src/test/helm/deployment_probes_test.yaml
+++ b/src/test/helm/deployment_probes_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: deployment
+suite: deployment health test
release:
name: user-manager
namespace: by-helm-test
@@ -36,15 +36,14 @@ set:
sso:
serverUrl: https://sso.company.local
baseUrl: test.by.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: livenessProbe should be disabled by default
- template: deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].livenessProbe
- it: enable livenessProbe
- template: deployment.yaml
set:
enableLivenessProbe: true
asserts:
@@ -60,9 +59,12 @@ tests:
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
+ - it: not enable livenessProbe by default
+ asserts:
+ - isNull:
+ path: spec.template.spec.containers[0].livenessProbe
- it: should have readiness probe
- template: deployment.yaml
asserts:
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
@@ -77,7 +79,6 @@ tests:
timeoutSeconds: 3
- it: should have startup probe
- template: deployment.yaml
asserts:
- isSubset:
path: spec.template.spec.containers[0].startupProbe
diff --git a/src/test/helm/deployment_realm_name_length_test.yaml b/src/test/helm/deployment_realm_name_length_test.yaml
index 17852c0c1492d40e0c14d924de9453002d7d99f3..05489c7a56e29ee48c84aa11d6b2ab64dc9e1dbc 100644
--- a/src/test/helm/deployment_realm_name_length_test.yaml
+++ b/src/test/helm/deployment_realm_name_length_test.yaml
@@ -31,7 +31,6 @@ templates:
tests:
- it: should fail on bezeichner length longer than 46 characters
- template: deployment.yaml
set:
ozgcloud:
bezeichner: test1234567890123123456789012345678901234567890123456789012345678901234567890123456789012345678904567890
diff --git a/src/test/helm/deployment_resources_test.yaml b/src/test/helm/deployment_resources_test.yaml
index 0b27fd25b3093eab8aa9b0b92f87db443868de17..0cbca6c0634829036ed85d55600563c56c6c98ba 100644
--- a/src/test/helm/deployment_resources_test.yaml
+++ b/src/test/helm/deployment_resources_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment recources
release:
name: user-manager
templates:
@@ -35,9 +35,9 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: test resources
- template: deployment.yaml
set:
resources:
limits:
diff --git a/src/test/helm/deployment_service_account_test.yaml b/src/test/helm/deployment_service_account_test.yaml
index 92b60bc0a21c4aa83d588999fc75560d7d9eaf38..75a15ba03eff0a01f9c3568c7ef2d9a0428c7ce0 100644
--- a/src/test/helm/deployment_service_account_test.yaml
+++ b/src/test/helm/deployment_service_account_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should use service account with default name
diff --git a/src/test/helm/deployment-url-value-test.yaml b/src/test/helm/deployment_url_value_test.yaml
similarity index 96%
rename from src/test/helm/deployment-url-value-test.yaml
rename to src/test/helm/deployment_url_value_test.yaml
index 49a89498d0844bf7ff414088a9aa44f0808f228c..981fe2a4ef21f71a6f658730a5fa25f43c866a5a 100644
--- a/src/test/helm/deployment-url-value-test.yaml
+++ b/src/test/helm/deployment_url_value_test.yaml
@@ -34,9 +34,9 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: validate keycloak configuration values
- template: deployment.yaml
release:
namespace: sh-name-dev
asserts:
@@ -47,7 +47,6 @@ tests:
value: https://helm-user-manager.test.company.local
- it: set baseDomain for ozgcloud_user_manager_url
- template: deployment.yaml
set:
baseDomain: helm-usm.test.company.local
asserts:
diff --git a/src/test/helm/deplyoment_cert_bindings_test.yaml b/src/test/helm/deplyoment_cert_bindings_test.yaml
index 2ac5c0cb0773eb12682dc32a34486b3d3899787c..075a249b8f40a9f6e7b631a3fd1dd0b8adcc3dc0 100644
--- a/src/test/helm/deplyoment_cert_bindings_test.yaml
+++ b/src/test/helm/deplyoment_cert_bindings_test.yaml
@@ -36,6 +36,7 @@ set:
baseUrl: test.sh.ozg-cloud.de
sso:
serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should mount volumes for user-manager root ca
asserts:
diff --git a/src/test/helm/deployment-test.yaml b/src/test/helm/deyploment_general_value_and_default_spec_test.yaml
similarity index 52%
rename from src/test/helm/deployment-test.yaml
rename to src/test/helm/deyploment_general_value_and_default_spec_test.yaml
index cfcbe842304507114096fef2d6868b916a3b21b2..c412536fdeef909e209fec2a62cd1924d1e3d4c4 100644
--- a/src/test/helm/deployment-test.yaml
+++ b/src/test/helm/deyploment_general_value_and_default_spec_test.yaml
@@ -1,5 +1,5 @@
#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
+# Copyright (C) 2024 Das Land Schleswig-Holstein vertreten durch den
# Ministerpräsidenten des Landes Schleswig-Holstein
# Staatskanzlei
# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
@@ -22,29 +22,59 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: deployment
+suite: test deployment general values
release:
name: user-manager
+ namespace: sh-helm-test
templates:
- templates/deployment.yaml
set:
ozgcloud:
- bundesland: by
bezeichner: helm
+ bundesland: by
environment: dev
- sso.serverUrl: https://sso.company.local
- baseUrl: test.company.local
+ baseUrl: test.sh.ozg-cloud.de
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
+
tests:
- - it: test resources for prod environment
- release:
- namespace: sh-helm-test
- template: deployment.yaml
+ - it: should have correct apiVersion
asserts:
- isKind:
of: Deployment
+ - isAPIVersion:
+ of: "apps/v1"
+
+ - it: should have correct deployment metadata
+ asserts:
+ - equal:
+ path: metadata.name
+ value: user-manager
+ - equal:
+ path: metadata.namespace
+ value: sh-helm-test
+
+
+ - it: should have correct deyployment general spec values
+ asserts:
- equal:
- path: spec.template.spec.containers[0].image
- value: docker.ozg-sh.de/user-manager:latest
+ path: spec.progressDeadlineSeconds
+ value: 600
- equal:
path: spec.replicas
value: 2
+ - equal:
+ path: spec.revisionHistoryLimit
+ value: 10
+ - it: should have correct deployment spec strategy values
+ asserts:
+ - equal:
+ path: spec.strategy
+ value:
+ rollingUpdate:
+ maxSurge: 1
+ maxUnavailable: 0
+ type: RollingUpdate
+
+
diff --git a/src/test/helm/imagepull_secret_test.yaml b/src/test/helm/imagepull_secret_test.yaml
deleted file mode 100644
index 7432184eb0cab429812f580c87678edf5978c62e..0000000000000000000000000000000000000000
--- a/src/test/helm/imagepull_secret_test.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
-# Ministerpräsidenten des Landes Schleswig-Holstein
-# Staatskanzlei
-# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
-#
-# Lizenziert unter der EUPL, Version 1.2 oder - sobald
-# diese von der Europäischen Kommission genehmigt wurden -
-# Folgeversionen der EUPL ("Lizenz");
-# Sie dürfen dieses Werk ausschließlich gemäß
-# dieser Lizenz nutzen.
-# Eine Kopie der Lizenz finden Sie hier:
-#
-# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
-#
-# Sofern nicht durch anwendbare Rechtsvorschriften
-# gefordert oder in schriftlicher Form vereinbart, wird
-# die unter der Lizenz verbreitete Software "so wie sie
-# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
-# ausdrücklich oder stillschweigend - verbreitet.
-# Die sprachspezifischen Genehmigungen und Beschränkungen
-# unter der Lizenz sind dem Lizenztext zu entnehmen.
-#
-
-suite: test image pull secret
-templates:
- - templates/image-pull-secret.yaml
-release:
- name: user-manager
- namespace: helm-test
-tests:
- - it: should match basic data
- set:
- imageCredentials:
- registry: docker.ozg-sh.de
- username: test
- password: test1234
- email: webmaster@ozg-sh.de
- asserts:
- - hasDocuments:
- count: 1
- - containsDocument:
- kind: Secret
- apiVersion: v1
- - equal:
- path: metadata.name
- value: user-manager-image-pull-secret
- - equal:
- path: metadata.namespace
- value: helm-test
- - isNotNullOrEmpty:
- path: data[".dockerconfigjson"]
-
- - it: should not create image pull secret
- set:
- imagePullSecret: "image-pull-secret"
- asserts:
- - hasDocuments:
- count: 0
\ No newline at end of file
diff --git a/src/test/helm/ingress_nginx_cors_test.yaml b/src/test/helm/ingress_nginx_cors_test.yaml
index 3b85133a849fb01c86d5373f4d2937b9f9c52996..ab13558f4a6deed2995ac1598ad0e4b27d5bfde9 100644
--- a/src/test/helm/ingress_nginx_cors_test.yaml
+++ b/src/test/helm/ingress_nginx_cors_test.yaml
@@ -43,8 +43,6 @@ tests:
more_set_headers "Access-Control-Expose-Headers: Content-Length,Content-Range";
more_set_headers "Access-Control-Allow-Origin: https://helm.test.sh.ozg-cloud.de";
asserts:
- - isKind:
- of: Ingress
- equal:
path: metadata.annotations["nginx.ingress.kubernetes.io/configuration-snippet"]
value: |
diff --git a/src/test/helm/ingress-nginx-tests.yaml b/src/test/helm/ingress_nginx_test.yaml
similarity index 95%
rename from src/test/helm/ingress-nginx-tests.yaml
rename to src/test/helm/ingress_nginx_test.yaml
index 970ad9afff5e7a2d159835a2863de519a6c7a2e7..1cd4c82d6b5fd983b6dcc3c4247f58566f63eaa2 100644
--- a/src/test/helm/ingress-nginx-tests.yaml
+++ b/src/test/helm/ingress_nginx_test.yaml
@@ -33,6 +33,12 @@ set:
ozgcloud:
bezeichner: helm
tests:
+ - it: should contain header data
+ asserts:
+ - isAPIVersion:
+ of: networking.k8s.io/v1
+ - isKind:
+ of: Ingress
- it: should create ingress tls
asserts:
- equal:
diff --git a/src/test/helm/keycloak-user-crd-test.yaml b/src/test/helm/keycloak_user_crd_test.yaml
similarity index 87%
rename from src/test/helm/keycloak-user-crd-test.yaml
rename to src/test/helm/keycloak_user_crd_test.yaml
index b6f4e349cea0aa09594be1d96add43afa8231c51..e5c9032d87cb7d51033ba9430c12d643a3f9a631 100644
--- a/src/test/helm/keycloak-user-crd-test.yaml
+++ b/src/test/helm/keycloak_user_crd_test.yaml
@@ -27,7 +27,7 @@ release:
name: user-manager
namespace: by-helm-test
templates:
- - templates/keycloak-user-crd.yaml
+ - templates/keycloak_user_crd.yaml
tests:
- it: should contain header data
set:
@@ -53,12 +53,7 @@ tests:
value: by-helm-test
- it: should have default Values
set:
- ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: test
sso:
- serverUrl: https://sso.test.by.ozg-cloud.de
api_user:
name: testapiuser
asserts:
@@ -85,18 +80,13 @@ tests:
- it: should have Keycloak User without roles
set:
- ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: test
baseUrl: "test.by.ozg-cloud.de"
sso:
api_user:
name: testapiuser
first_name: UserManager
last_name: ApiUser
- email: testapiuser@ozg-sh.de
- serverUrl: https://sso.test.by.ozg-cloud.de
+ email: testapiuser@ozg-sh.de
asserts:
- equal:
path: spec.keep_after_delete
@@ -122,11 +112,6 @@ tests:
- it: should have Keycloak User with client role
set:
- ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: test
- baseUrl: "test.by.ozg-cloud.de"
sso:
api_user:
name: testapiuser
@@ -136,7 +121,6 @@ tests:
client_roles:
- name: alfa
role: VERWALTUNG_USER
- serverUrl: https://sso.test.by.ozg-cloud.de
asserts:
- equal:
path: spec.keep_after_delete
@@ -165,11 +149,6 @@ tests:
- it: should have Keycloak User with realm role
set:
- ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: test
- baseUrl: "test.by.ozg-cloud.de"
sso:
api_user:
name: testapiuser
@@ -178,7 +157,6 @@ tests:
email: testapiuser@ozg-sh.de
realm_roles:
- "offline_access"
- serverUrl: https://sso.test.by.ozg-cloud.de
asserts:
- equal:
path: spec.keep_after_delete
@@ -206,11 +184,6 @@ tests:
- it: should have Keycloak User with group
set:
- ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: test
- baseUrl: "test.by.ozg-cloud.de"
sso:
api_user:
name: testapiuser
@@ -219,7 +192,6 @@ tests:
email: testapiuser@ozg-sh.de
groups:
- Bauamt
- serverUrl: https://sso.test.by.ozg-cloud.de
asserts:
- equal:
path: spec.keep_after_delete
@@ -247,14 +219,9 @@ tests:
- it: should have lowercase username
set:
- ozgcloud:
- bundesland: by
- bezeichner: helm
- environment: test
sso:
api_user:
name: testApiUser
- serverUrl: https://sso.test.by.ozg-cloud.de
asserts:
- equal:
path: spec.keycloak_user.username
diff --git a/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_binding_test.yaml b/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_binding_test.yaml
index 88406d05a1cc1a22cb3140049e6e35ec1e9b7804..c600bf4f1760c0017ef8777ff5a15a6aca686262 100644
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_binding_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_binding_test.yaml
@@ -1,6 +1,6 @@
suite: test ozgcloud_keycloak_operator_secrets_read_role_binding
release:
- name: alfa
+ name: user-manager
namespace: by-helm-test
templates:
- templates/ozgcloud_keycloak_operator_secrets_read_role_binding.yaml
diff --git a/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_test.yaml b/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_test.yaml
index 17dcf4f36dece6a74e68ee49a515ffcf8562de7e..38f037f766b6e7bbd1a5d8b47aab95ab1ef13970 100644
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_read_role_test.yaml
@@ -1,6 +1,6 @@
suite: test ozgcloud_keycloak_operator_secrets_read_role
release:
- name: alfa
+ name: user-manager
namespace: by-helm-test
templates:
- templates/ozgcloud_keycloak_operator_secrets_read_role.yaml
diff --git a/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_binding_test.yaml b/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_binding_test.yaml
index a4e1272f182b1d8fe08e82c6d644de5543ab80e8..532115e10d508a224d905574f805b0fc653eb1ae 100644
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_binding_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_binding_test.yaml
@@ -1,6 +1,6 @@
suite: test ozgcloud_keycloak_operator_secrets_role_binding
release:
- name: alfa
+ name: user-manager
namespace: by-helm-test
templates:
- templates/ozgcloud_keycloak_operator_secrets_write_role_binding.yaml
diff --git a/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_test.yaml b/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_test.yaml
index 25f63240d466854506a043b44c184335a0c2c63e..13e38aad3a096540b33c25a4765e57a81075cc5d 100644
--- a/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_test.yaml
+++ b/src/test/helm/ozgcloud_keycloak_operator_secrets_write_role_test.yaml
@@ -1,6 +1,6 @@
suite: test ozgcloud_keycloak_operator_secrets_write_role
release:
- name: alfa
+ name: user-manager
namespace: by-helm-test
templates:
- templates/ozgcloud_keycloak_operator_secrets_write_role.yaml
diff --git a/src/test/helm/service_account_test.yaml b/src/test/helm/service_account_test.yaml
index f5b9a319ac60675d0f1ebabfa17e8882cab5d2c5..0bea13763ac75823628c53d7ba673489ce713711 100644
--- a/src/test/helm/service_account_test.yaml
+++ b/src/test/helm/service_account_test.yaml
@@ -36,6 +36,8 @@ tests:
asserts:
- isKind:
of: ServiceAccount
+ - isAPIVersion:
+ of: v1
- equal:
path: metadata.name
value: user-manager-service-account
@@ -48,8 +50,6 @@ tests:
create: true
name: helm-service-account
asserts:
- - isKind:
- of: ServiceAccount
- equal:
path: metadata.name
value: helm-service-account
diff --git a/src/test/helm/service_monitor_test.yaml b/src/test/helm/service_monitor_test.yaml
index c8be85c8dc7a87568a01b77b815be2bf208ae00c..32b0cf3ec13546a57baf0a3f0e4cae341cf4f298 100644
--- a/src/test/helm/service_monitor_test.yaml
+++ b/src/test/helm/service_monitor_test.yaml
@@ -33,9 +33,34 @@ tests:
asserts:
- isKind:
of: ServiceMonitor
+ - isAPIVersion:
+ of: monitoring.coreos.com/v1
- equal:
path: metadata.labels["component"]
value: user-manager-service-monitor
+ - it: should have metadata
+ asserts:
+ - equal:
+ path: metadata.name
+ value: user-manager
+ - equal:
+ path: metadata.namespace
+ value: sh-helm-test
+ - it: should have default lables
+ asserts:
+ - equal:
+ path: metadata.labels
+ value:
+ app.kubernetes.io/instance: user-manager
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: user-manager
+ app.kubernetes.io/namespace: sh-helm-test
+ app.kubernetes.io/part-of: ozgcloud
+ app.kubernetes.io/version: 0.0.0-MANAGED-BY-JENKINS
+ component: user-manager-service-monitor
+ helm.sh/chart: user-manager-0.0.0-MANAGED-BY-JENKINS
+ k8s-app: prometheus-app-monitor
+ ozgcloud-mongodb-client: "true"
- it: should be able to enable the endpoint
asserts:
- isKind:
diff --git a/src/test/helm/service_test.yaml b/src/test/helm/service_test.yaml
index 08c9324f396e8f6c694617c0e371d8c52f1ecb96..00d7b3d378f53e4e8e1bebfdc2dd0498b84b2a90 100644
--- a/src/test/helm/service_test.yaml
+++ b/src/test/helm/service_test.yaml
@@ -33,9 +33,33 @@ tests:
asserts:
- isKind:
of: Service
+ - isAPIVersion:
+ of: v1
- equal:
path: metadata.labels["component"]
value: user-manager-service
+ - it: should have metadata
+ asserts:
+ - equal:
+ path: metadata.name
+ value: user-manager
+ - equal:
+ path: metadata.namespace
+ value: helm-test
+ - it: should have default lables
+ asserts:
+ - equal:
+ path: metadata.labels
+ value:
+ app.kubernetes.io/instance: user-manager
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: user-manager
+ app.kubernetes.io/namespace: helm-test
+ app.kubernetes.io/part-of: ozgcloud
+ app.kubernetes.io/version: 0.0.0-MANAGED-BY-JENKINS
+ component: user-manager-service
+ helm.sh/chart: user-manager-0.0.0-MANAGED-BY-JENKINS
+ ozgcloud-mongodb-client: "true"
- it: should be of type ClusterIP
asserts:
- equal:
diff --git a/src/test/linter-values.yaml b/src/test/linter-values.yaml
index 90be37129692fc2427cdf559da3139282d7fd2c1..1aa9fbc048e7c6ecc2a747d5e32856e65d044f18 100644
--- a/src/test/linter-values.yaml
+++ b/src/test/linter-values.yaml
@@ -38,4 +38,4 @@ sso:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
-
\ No newline at end of file
+imagePullSecret: image-pull-secret