diff --git a/run_helm_test.sh b/run_helm_test.sh
index ceb8ca700e0407fbd67ebd479d03c0c9780bb5ed..3c7a112b78ea73e2655bd07ea33f8b99e366f263 100755
--- a/run_helm_test.sh
+++ b/run_helm_test.sh
@@ -5,4 +5,4 @@ set -x
helm template ./src/main/helm/ -f src/test/linter-values.yaml
helm lint -f src/test/linter-values.yaml ./src/main/helm/
-cd src/main/helm && helm unittest --helm3 -f '../../test/helm/*.yaml' -v '../../test/unit-values.yaml' .
\ No newline at end of file
+cd src/main/helm && helm unittest -f '../../test/helm/*.yaml' .
\ No newline at end of file
diff --git a/src/main/helm/templates/_helpers.tpl b/src/main/helm/templates/_helpers.tpl
index c75701fd803c0c182d21d01a5d956092df489911..358e0f69090006fd5a49bff0df1d29d86442cc2f 100644
--- a/src/main/helm/templates/_helpers.tpl
+++ b/src/main/helm/templates/_helpers.tpl
@@ -57,7 +57,7 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
{{- define "app.ssoServerUrl" -}}
-{{- if contains "https://" .Values.sso.serverUrl -}}
+{{- if contains "https://" (required "sso.serverUrl must be set" (.Values.sso).serverUrl) -}}
{{- .Values.sso.serverUrl -}}
{{- else -}}
{{- printf "https://%s" .Values.sso.serverUrl -}}
@@ -99,7 +99,7 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
{{- define "app.alfaAddress" -}}
-{{ printf "https://%s.%s" (include "app.ozgcloudBezeichner" .) .Values.baseUrl }}
+{{ printf "https://%s.%s" (include "app.ozgcloudBezeichner" .) (required "baseUrl must be set" .Values.baseUrl) }}
{{- end -}}
{{- define "app.replaceAllNonAlphanumeric" -}}
diff --git a/src/test/helm/deployment_env_test.yaml b/src/test/helm/deployment_env_test.yaml
index 34eb94b430f6cc97d4414d142d0f7dd82d9540f0..6f9e04b4f96f8bee161d1629c002e5bf2373a937 100644
--- a/src/test/helm/deployment_env_test.yaml
+++ b/src/test/helm/deployment_env_test.yaml
@@ -25,6 +25,14 @@
suite: test environments
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: check customList
template: deployment.yaml
@@ -71,7 +79,9 @@ tests:
value: test-database
- it: check user sync period set
set:
- ozgcloud.usersync.period: "6h"
+ ozgcloud:
+ usersync:
+ period: "6h"
asserts:
- contains:
path: spec.template.spec.containers[0].env
diff --git a/src/test/helm/deployment_host_aliases_test.yaml b/src/test/helm/deployment_host_aliases_test.yaml
index 6b1ce6a5b7626f4b00a7d9274fb7f5948430414e..35a67366a7a9a481f609f4d6c055b035b5da8f7b 100644
--- a/src/test/helm/deployment_host_aliases_test.yaml
+++ b/src/test/helm/deployment_host_aliases_test.yaml
@@ -28,6 +28,14 @@ release:
namespace: sh-helm-test
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: should not set hostAliases
asserts:
diff --git a/src/test/helm/deployment_imagepull_secret_test.yaml b/src/test/helm/deployment_imagepull_secret_test.yaml
index 41ea808d5871897af3c6712f19aaff37bbf2203e..48407297ca87481bc4f070c685365fecd5c57e63 100644
--- a/src/test/helm/deployment_imagepull_secret_test.yaml
+++ b/src/test/helm/deployment_imagepull_secret_test.yaml
@@ -28,6 +28,14 @@ release:
namespace: sh-helm-test
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: should use default imagePull secret
asserts:
diff --git a/src/test/helm/deployment_optional_trust_store_test.yaml b/src/test/helm/deployment_optional_trust_store_test.yaml
index 497868820b5a644004ce464d6bfb4404822a0236..d31e8fbce052a613a9c889c34d543c38431f0549 100644
--- a/src/test/helm/deployment_optional_trust_store_test.yaml
+++ b/src/test/helm/deployment_optional_trust_store_test.yaml
@@ -25,10 +25,18 @@
suite: test environments
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: check without truststore
asserts:
- - isEmpty:
+ - notExists:
path: spec.template.spec.containers[0].args
- notContains:
path: spec.template.spec.containers[0].env
diff --git a/src/test/helm/deployment_resources_test.yaml b/src/test/helm/deployment_resources_test.yaml
index 780328a0bed6f8fdb4d3eea4febc9d705cbb9544..0b27fd25b3093eab8aa9b0b92f87db443868de17 100644
--- a/src/test/helm/deployment_resources_test.yaml
+++ b/src/test/helm/deployment_resources_test.yaml
@@ -27,6 +27,14 @@ release:
name: user-manager
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: test resources
template: deployment.yaml
diff --git a/src/test/helm/deployment_scrapeMetrics_test.yaml b/src/test/helm/deployment_scrapeMetrics_test.yaml
index 2470cd787f38e990cbb91119a0a7b0425a2f94a8..4c73aaebf99bb3d54e869959e43b297ca696d64c 100644
--- a/src/test/helm/deployment_scrapeMetrics_test.yaml
+++ b/src/test/helm/deployment_scrapeMetrics_test.yaml
@@ -29,6 +29,15 @@ release:
templates:
- templates/deployment.yaml
- templates/secret_database_quarkus.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
+
tests:
- it: should set the metrics port by default
template: deployment.yaml
diff --git a/src/test/helm/deployment_service_account_test.yaml b/src/test/helm/deployment_service_account_test.yaml
index 2b3d1c98e38a215a33eee7affe428325c416538e..92b60bc0a21c4aa83d588999fc75560d7d9eaf38 100644
--- a/src/test/helm/deployment_service_account_test.yaml
+++ b/src/test/helm/deployment_service_account_test.yaml
@@ -28,6 +28,15 @@ release:
namespace: sh-helm-test
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
+
tests:
- it: should use service account with default name
set:
diff --git a/src/test/helm/deplyoment_cert_bindings_test.yaml b/src/test/helm/deplyoment_cert_bindings_test.yaml
index bab2e877c6bc14f64418afeb6cfbacc968fd6ead..416c7ef3fac69aabeef6b795239535382ce73103 100644
--- a/src/test/helm/deplyoment_cert_bindings_test.yaml
+++ b/src/test/helm/deplyoment_cert_bindings_test.yaml
@@ -28,10 +28,16 @@ release:
namespace: user-manager
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bezeichner: helm
+ bundesland: by
+ environment: dev
+ baseUrl: test.sh.ozg-cloud.de
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
tests:
- it: should mount volumes for user-manager root ca
- set:
- ozgcloud.environment: dev
asserts:
- contains:
path: spec.template.spec.containers[0].volumeMounts
diff --git a/src/test/helm/imagepull_secret_test.yaml b/src/test/helm/imagepull_secret_test.yaml
index f30a2e15fb14d1f12518d4b6f3777f5ae6cc972f..7432184eb0cab429812f580c87678edf5978c62e 100644
--- a/src/test/helm/imagepull_secret_test.yaml
+++ b/src/test/helm/imagepull_secret_test.yaml
@@ -48,8 +48,8 @@ tests:
- equal:
path: metadata.namespace
value: helm-test
- - isNotEmpty:
- path: data.[.dockerconfigjson]
+ - isNotNullOrEmpty:
+ path: data[".dockerconfigjson"]
- it: should not create image pull secret
set:
diff --git a/src/test/helm/ingress-nginx-tests.yaml b/src/test/helm/ingress-nginx-tests.yaml
index aaf323163e46b560d7d796028996b0356925058f..edc9075e3b0fe0594b5eebb44f4842b4276dc9d0 100644
--- a/src/test/helm/ingress-nginx-tests.yaml
+++ b/src/test/helm/ingress-nginx-tests.yaml
@@ -28,6 +28,10 @@ release:
namespace: sh-helm-test
templates:
- templates/ingress.yaml
+set:
+ baseUrl: test.sh.ozg-cloud.de
+ ozgcloud:
+ bezeichner: helm
tests:
- it: should create ingress tls
asserts:
@@ -56,19 +60,19 @@ tests:
- it: should use default letsencrypt-prod cluster-issuer
asserts:
- equal:
- path: metadata.annotations.[cert-manager.io/cluster-issuer]
+ path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-prod
- it: should use letsencrypt-staging cluster-issuer
set:
ingress.use_staging_cert: true
asserts:
- equal:
- path: metadata.annotations.[cert-manager.io/cluster-issuer]
+ path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-staging
- it: should use letsencrypt-prod cluster-issuer
set:
ingress.use_staging_cert: false
asserts:
- equal:
- path: metadata.annotations.[cert-manager.io/cluster-issuer]
+ path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-prod
\ No newline at end of file
diff --git a/src/test/helm/ingress_nginx_cors_test.yaml b/src/test/helm/ingress_nginx_cors_test.yaml
index aa255265aeb87cb0da6f7c01915fed1fa92b1448..f415a7e2018f5b73ce10322e963a237386a36c1c 100644
--- a/src/test/helm/ingress_nginx_cors_test.yaml
+++ b/src/test/helm/ingress_nginx_cors_test.yaml
@@ -28,13 +28,17 @@ release:
namespace: sh-helm-test
templates:
- templates/ingress.yaml
+set:
+ baseUrl: test.sh.ozg-cloud.de
+ ozgcloud:
+ bezeichner: helm
tests:
- it: check ingress annotations if nginx test environment
asserts:
- isKind:
of: Ingress
- equal:
- path: metadata.annotations.[nginx.ingress.kubernetes.io/configuration-snippet]
+ path: metadata.annotations["nginx.ingress.kubernetes.io/configuration-snippet"]
value: |
more_set_headers "Access-Control-Allow-Methods: GET,PATCH,OPTIONS";
more_set_headers "Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-XSRF-TOKEN";
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 66da8d8ea8f18d64f89f3dd61dc0e562c4141b07..28458788e7b54d1b69190d6aec99df846f3b34b9 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -27,25 +27,20 @@ release:
namespace: by-helm-test
templates:
- templates/network_policy.yaml
+set:
+ networkPolicy:
+ dnsServerNamespace: test-namespace-dns
+ ssoPublicIp: 51.89.117.53/32
tests:
- it: should match apiVersion
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- isAPIVersion:
of: networking.k8s.io/v1
- it: should match kind
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- isKind:
of: NetworkPolicy
- it: validate metadata
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- equal:
path: metadata
@@ -53,9 +48,6 @@ tests:
name: network-policy-user-manager
namespace: by-helm-test
- it: validate spec
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- equal:
path: spec
@@ -93,7 +85,6 @@ tests:
- it: add ingress rule by values
set:
networkPolicy:
- dnsServerNamespace: test-namespace-dns
additionalIngressConfig:
- podSelector:
matchLabels:
@@ -112,7 +103,6 @@ tests:
- it: test network policy disabled
set:
networkPolicy:
- dnsServerNamespace: test-namespace-dns
disabled: true
asserts:
- hasDocuments:
@@ -121,7 +111,6 @@ tests:
- it: test network policy unset should be disabled
set:
networkPolicy:
- dnsServerNamespace: test-namespace-dns
disabled: false
asserts:
- hasDocuments:
diff --git a/src/test/helm/service_monitor_test.yaml b/src/test/helm/service_monitor_test.yaml
index 050a9c74b02f593bf2d269efc8a04cf4714fede4..c8be85c8dc7a87568a01b77b815be2bf208ae00c 100644
--- a/src/test/helm/service_monitor_test.yaml
+++ b/src/test/helm/service_monitor_test.yaml
@@ -34,7 +34,7 @@ tests:
- isKind:
of: ServiceMonitor
- equal:
- path: metadata.labels.[component]
+ path: metadata.labels["component"]
value: user-manager-service-monitor
- it: should be able to enable the endpoint
asserts:
@@ -55,13 +55,13 @@ tests:
- it: selector should contain the component label with the value user-manager-service
asserts:
- equal:
- path: spec.selector.matchLabels.[component]
+ path: spec.selector.matchLabels["component"]
value: user-manager-service
- it: selector should contain helm recommended labels name and namespace
asserts:
- equal:
- path: spec.selector.matchLabels.[app.kubernetes.io/name]
+ path: spec.selector.matchLabels["app.kubernetes.io/name"]
value: user-manager
- equal:
- path: spec.selector.matchLabels.[app.kubernetes.io/namespace]
+ path: spec.selector.matchLabels["app.kubernetes.io/namespace"]
value: sh-helm-test
diff --git a/src/test/helm/service_test.yaml b/src/test/helm/service_test.yaml
index e48c69350da238910ef72e2a9dd8bd2b2b442972..08c9324f396e8f6c694617c0e371d8c52f1ecb96 100644
--- a/src/test/helm/service_test.yaml
+++ b/src/test/helm/service_test.yaml
@@ -34,7 +34,7 @@ tests:
- isKind:
of: Service
- equal:
- path: metadata.labels.[component]
+ path: metadata.labels["component"]
value: user-manager-service
- it: should be of type ClusterIP
asserts:
@@ -49,8 +49,8 @@ tests:
name: http
port: 8080
protocol: TCP
- count: 1
- any: true
+ count: 1
+ any: true
- it: ports should contain the grpc port
asserts:
- contains:
@@ -59,19 +59,19 @@ tests:
name: grpc-9000
port: 9000
protocol: TCP
- count: 1
- any: true
+ count: 1
+ any: true
- it: selector should contain the component label with the value user-manager
asserts:
- equal:
- path: spec.selector.[component]
+ path: spec.selector["component"]
value: user-manager
- it: selector should contain helm recommended labels name and namespace
asserts:
- equal:
- path: spec.selector.[app.kubernetes.io/name]
+ path: spec.selector["app.kubernetes.io/name"]
value: user-manager
- equal:
- path: spec.selector.[app.kubernetes.io/namespace]
+ path: spec.selector["app.kubernetes.io/namespace"]
value: helm-test
\ No newline at end of file
diff --git a/src/test/unit-values.yaml b/src/test/unit-values.yaml
deleted file mode 100644
index 3beed7471843741873fa409ae049bf9c27009bbd..0000000000000000000000000000000000000000
--- a/src/test/unit-values.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
-# Ministerpräsidenten des Landes Schleswig-Holstein
-# Staatskanzlei
-# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
-#
-# Lizenziert unter der EUPL, Version 1.2 oder - sobald
-# diese von der Europäischen Kommission genehmigt wurden -
-# Folgeversionen der EUPL ("Lizenz");
-# Sie dürfen dieses Werk ausschließlich gemäß
-# dieser Lizenz nutzen.
-# Eine Kopie der Lizenz finden Sie hier:
-#
-# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
-#
-# Sofern nicht durch anwendbare Rechtsvorschriften
-# gefordert oder in schriftlicher Form vereinbart, wird
-# die unter der Lizenz verbreitete Software "so wie sie
-# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
-# ausdrücklich oder stillschweigend - verbreitet.
-# Die sprachspezifischen Genehmigungen und Beschränkungen
-# unter der Lizenz sind dem Lizenztext zu entnehmen.
-#
-
-baseUrl: test.sh.ozg-cloud.de
-
-ozgcloud:
- bundesland: sh
- bezeichner: helm
- environment: test
- keycloak:
- api:
- password: geheim
-
-sso:
- serverUrl: sso.test.sh.ozg-cloud.de
-
-networkPolicy:
- ssoPublicIp: 51.89.117.53/32