From 53890ab6cbe3f5e05fcb934994e27e75ad41d433 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Tue, 9 Jan 2024 08:37:35 +0100
Subject: [PATCH] OZG-3328 WIP new helm unittest framework
---
run_helm_test.sh | 2 +-
src/main/helm/templates/_helpers.tpl | 4 +-
src/test/helm/deployment_env_test.yaml | 12 +++++-
.../helm/deployment_host_aliases_test.yaml | 8 ++++
.../deployment_imagepull_secret_test.yaml | 8 ++++
.../deployment_optional_trust_store_test.yaml | 10 ++++-
src/test/helm/deployment_resources_test.yaml | 8 ++++
.../helm/deployment_scrapeMetrics_test.yaml | 9 +++++
.../helm/deployment_service_account_test.yaml | 9 +++++
.../helm/deplyoment_cert_bindings_test.yaml | 10 ++++-
src/test/helm/imagepull_secret_test.yaml | 4 +-
src/test/helm/ingress-nginx-tests.yaml | 10 +++--
src/test/helm/ingress_nginx_cors_test.yaml | 6 ++-
src/test/helm/network_policy_test.yaml | 19 ++-------
src/test/helm/service_monitor_test.yaml | 8 ++--
src/test/helm/service_test.yaml | 16 ++++----
src/test/unit-values.yaml | 39 -------------------
17 files changed, 103 insertions(+), 79 deletions(-)
delete mode 100644 src/test/unit-values.yaml
diff --git a/run_helm_test.sh b/run_helm_test.sh
index ceb8ca70..3c7a112b 100755
--- a/run_helm_test.sh
+++ b/run_helm_test.sh
@@ -5,4 +5,4 @@ set -x
helm template ./src/main/helm/ -f src/test/linter-values.yaml
helm lint -f src/test/linter-values.yaml ./src/main/helm/
-cd src/main/helm && helm unittest --helm3 -f '../../test/helm/*.yaml' -v '../../test/unit-values.yaml' .
\ No newline at end of file
+cd src/main/helm && helm unittest -f '../../test/helm/*.yaml' .
\ No newline at end of file
diff --git a/src/main/helm/templates/_helpers.tpl b/src/main/helm/templates/_helpers.tpl
index c75701fd..358e0f69 100644
--- a/src/main/helm/templates/_helpers.tpl
+++ b/src/main/helm/templates/_helpers.tpl
@@ -57,7 +57,7 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
{{- define "app.ssoServerUrl" -}}
-{{- if contains "https://" .Values.sso.serverUrl -}}
+{{- if contains "https://" (required "sso.serverUrl must be set" (.Values.sso).serverUrl) -}}
{{- .Values.sso.serverUrl -}}
{{- else -}}
{{- printf "https://%s" .Values.sso.serverUrl -}}
@@ -99,7 +99,7 @@ app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
{{- define "app.alfaAddress" -}}
-{{ printf "https://%s.%s" (include "app.ozgcloudBezeichner" .) .Values.baseUrl }}
+{{ printf "https://%s.%s" (include "app.ozgcloudBezeichner" .) (required "baseUrl must be set" .Values.baseUrl) }}
{{- end -}}
{{- define "app.replaceAllNonAlphanumeric" -}}
diff --git a/src/test/helm/deployment_env_test.yaml b/src/test/helm/deployment_env_test.yaml
index 34eb94b4..6f9e04b4 100644
--- a/src/test/helm/deployment_env_test.yaml
+++ b/src/test/helm/deployment_env_test.yaml
@@ -25,6 +25,14 @@
suite: test environments
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: check customList
template: deployment.yaml
@@ -71,7 +79,9 @@ tests:
value: test-database
- it: check user sync period set
set:
- ozgcloud.usersync.period: "6h"
+ ozgcloud:
+ usersync:
+ period: "6h"
asserts:
- contains:
path: spec.template.spec.containers[0].env
diff --git a/src/test/helm/deployment_host_aliases_test.yaml b/src/test/helm/deployment_host_aliases_test.yaml
index 6b1ce6a5..35a67366 100644
--- a/src/test/helm/deployment_host_aliases_test.yaml
+++ b/src/test/helm/deployment_host_aliases_test.yaml
@@ -28,6 +28,14 @@ release:
namespace: sh-helm-test
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: should not set hostAliases
asserts:
diff --git a/src/test/helm/deployment_imagepull_secret_test.yaml b/src/test/helm/deployment_imagepull_secret_test.yaml
index 41ea808d..48407297 100644
--- a/src/test/helm/deployment_imagepull_secret_test.yaml
+++ b/src/test/helm/deployment_imagepull_secret_test.yaml
@@ -28,6 +28,14 @@ release:
namespace: sh-helm-test
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: should use default imagePull secret
asserts:
diff --git a/src/test/helm/deployment_optional_trust_store_test.yaml b/src/test/helm/deployment_optional_trust_store_test.yaml
index 49786882..d31e8fbc 100644
--- a/src/test/helm/deployment_optional_trust_store_test.yaml
+++ b/src/test/helm/deployment_optional_trust_store_test.yaml
@@ -25,10 +25,18 @@
suite: test environments
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: check without truststore
asserts:
- - isEmpty:
+ - notExists:
path: spec.template.spec.containers[0].args
- notContains:
path: spec.template.spec.containers[0].env
diff --git a/src/test/helm/deployment_resources_test.yaml b/src/test/helm/deployment_resources_test.yaml
index 780328a0..0b27fd25 100644
--- a/src/test/helm/deployment_resources_test.yaml
+++ b/src/test/helm/deployment_resources_test.yaml
@@ -27,6 +27,14 @@ release:
name: user-manager
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
tests:
- it: test resources
template: deployment.yaml
diff --git a/src/test/helm/deployment_scrapeMetrics_test.yaml b/src/test/helm/deployment_scrapeMetrics_test.yaml
index 2470cd78..4c73aaeb 100644
--- a/src/test/helm/deployment_scrapeMetrics_test.yaml
+++ b/src/test/helm/deployment_scrapeMetrics_test.yaml
@@ -29,6 +29,15 @@ release:
templates:
- templates/deployment.yaml
- templates/secret_database_quarkus.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
+
tests:
- it: should set the metrics port by default
template: deployment.yaml
diff --git a/src/test/helm/deployment_service_account_test.yaml b/src/test/helm/deployment_service_account_test.yaml
index 2b3d1c98..92b60bc0 100644
--- a/src/test/helm/deployment_service_account_test.yaml
+++ b/src/test/helm/deployment_service_account_test.yaml
@@ -28,6 +28,15 @@ release:
namespace: sh-helm-test
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bundesland: by
+ bezeichner: helm
+ environment: dev
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
+ baseUrl: test.sh.ozg-cloud.de
+
tests:
- it: should use service account with default name
set:
diff --git a/src/test/helm/deplyoment_cert_bindings_test.yaml b/src/test/helm/deplyoment_cert_bindings_test.yaml
index bab2e877..416c7ef3 100644
--- a/src/test/helm/deplyoment_cert_bindings_test.yaml
+++ b/src/test/helm/deplyoment_cert_bindings_test.yaml
@@ -28,10 +28,16 @@ release:
namespace: user-manager
templates:
- templates/deployment.yaml
+set:
+ ozgcloud:
+ bezeichner: helm
+ bundesland: by
+ environment: dev
+ baseUrl: test.sh.ozg-cloud.de
+ sso:
+ serverUrl: sso.test.sh.ozg-cloud.de
tests:
- it: should mount volumes for user-manager root ca
- set:
- ozgcloud.environment: dev
asserts:
- contains:
path: spec.template.spec.containers[0].volumeMounts
diff --git a/src/test/helm/imagepull_secret_test.yaml b/src/test/helm/imagepull_secret_test.yaml
index f30a2e15..7432184e 100644
--- a/src/test/helm/imagepull_secret_test.yaml
+++ b/src/test/helm/imagepull_secret_test.yaml
@@ -48,8 +48,8 @@ tests:
- equal:
path: metadata.namespace
value: helm-test
- - isNotEmpty:
- path: data.[.dockerconfigjson]
+ - isNotNullOrEmpty:
+ path: data[".dockerconfigjson"]
- it: should not create image pull secret
set:
diff --git a/src/test/helm/ingress-nginx-tests.yaml b/src/test/helm/ingress-nginx-tests.yaml
index aaf32316..edc9075e 100644
--- a/src/test/helm/ingress-nginx-tests.yaml
+++ b/src/test/helm/ingress-nginx-tests.yaml
@@ -28,6 +28,10 @@ release:
namespace: sh-helm-test
templates:
- templates/ingress.yaml
+set:
+ baseUrl: test.sh.ozg-cloud.de
+ ozgcloud:
+ bezeichner: helm
tests:
- it: should create ingress tls
asserts:
@@ -56,19 +60,19 @@ tests:
- it: should use default letsencrypt-prod cluster-issuer
asserts:
- equal:
- path: metadata.annotations.[cert-manager.io/cluster-issuer]
+ path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-prod
- it: should use letsencrypt-staging cluster-issuer
set:
ingress.use_staging_cert: true
asserts:
- equal:
- path: metadata.annotations.[cert-manager.io/cluster-issuer]
+ path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-staging
- it: should use letsencrypt-prod cluster-issuer
set:
ingress.use_staging_cert: false
asserts:
- equal:
- path: metadata.annotations.[cert-manager.io/cluster-issuer]
+ path: metadata.annotations["cert-manager.io/cluster-issuer"]
value: letsencrypt-prod
\ No newline at end of file
diff --git a/src/test/helm/ingress_nginx_cors_test.yaml b/src/test/helm/ingress_nginx_cors_test.yaml
index aa255265..f415a7e2 100644
--- a/src/test/helm/ingress_nginx_cors_test.yaml
+++ b/src/test/helm/ingress_nginx_cors_test.yaml
@@ -28,13 +28,17 @@ release:
namespace: sh-helm-test
templates:
- templates/ingress.yaml
+set:
+ baseUrl: test.sh.ozg-cloud.de
+ ozgcloud:
+ bezeichner: helm
tests:
- it: check ingress annotations if nginx test environment
asserts:
- isKind:
of: Ingress
- equal:
- path: metadata.annotations.[nginx.ingress.kubernetes.io/configuration-snippet]
+ path: metadata.annotations["nginx.ingress.kubernetes.io/configuration-snippet"]
value: |
more_set_headers "Access-Control-Allow-Methods: GET,PATCH,OPTIONS";
more_set_headers "Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-XSRF-TOKEN";
diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index 66da8d8e..28458788 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -27,25 +27,20 @@ release:
namespace: by-helm-test
templates:
- templates/network_policy.yaml
+set:
+ networkPolicy:
+ dnsServerNamespace: test-namespace-dns
+ ssoPublicIp: 51.89.117.53/32
tests:
- it: should match apiVersion
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- isAPIVersion:
of: networking.k8s.io/v1
- it: should match kind
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- isKind:
of: NetworkPolicy
- it: validate metadata
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- equal:
path: metadata
@@ -53,9 +48,6 @@ tests:
name: network-policy-user-manager
namespace: by-helm-test
- it: validate spec
- set:
- networkPolicy:
- dnsServerNamespace: test-namespace-dns
asserts:
- equal:
path: spec
@@ -93,7 +85,6 @@ tests:
- it: add ingress rule by values
set:
networkPolicy:
- dnsServerNamespace: test-namespace-dns
additionalIngressConfig:
- podSelector:
matchLabels:
@@ -112,7 +103,6 @@ tests:
- it: test network policy disabled
set:
networkPolicy:
- dnsServerNamespace: test-namespace-dns
disabled: true
asserts:
- hasDocuments:
@@ -121,7 +111,6 @@ tests:
- it: test network policy unset should be disabled
set:
networkPolicy:
- dnsServerNamespace: test-namespace-dns
disabled: false
asserts:
- hasDocuments:
diff --git a/src/test/helm/service_monitor_test.yaml b/src/test/helm/service_monitor_test.yaml
index 050a9c74..c8be85c8 100644
--- a/src/test/helm/service_monitor_test.yaml
+++ b/src/test/helm/service_monitor_test.yaml
@@ -34,7 +34,7 @@ tests:
- isKind:
of: ServiceMonitor
- equal:
- path: metadata.labels.[component]
+ path: metadata.labels["component"]
value: user-manager-service-monitor
- it: should be able to enable the endpoint
asserts:
@@ -55,13 +55,13 @@ tests:
- it: selector should contain the component label with the value user-manager-service
asserts:
- equal:
- path: spec.selector.matchLabels.[component]
+ path: spec.selector.matchLabels["component"]
value: user-manager-service
- it: selector should contain helm recommended labels name and namespace
asserts:
- equal:
- path: spec.selector.matchLabels.[app.kubernetes.io/name]
+ path: spec.selector.matchLabels["app.kubernetes.io/name"]
value: user-manager
- equal:
- path: spec.selector.matchLabels.[app.kubernetes.io/namespace]
+ path: spec.selector.matchLabels["app.kubernetes.io/namespace"]
value: sh-helm-test
diff --git a/src/test/helm/service_test.yaml b/src/test/helm/service_test.yaml
index e48c6935..08c9324f 100644
--- a/src/test/helm/service_test.yaml
+++ b/src/test/helm/service_test.yaml
@@ -34,7 +34,7 @@ tests:
- isKind:
of: Service
- equal:
- path: metadata.labels.[component]
+ path: metadata.labels["component"]
value: user-manager-service
- it: should be of type ClusterIP
asserts:
@@ -49,8 +49,8 @@ tests:
name: http
port: 8080
protocol: TCP
- count: 1
- any: true
+ count: 1
+ any: true
- it: ports should contain the grpc port
asserts:
- contains:
@@ -59,19 +59,19 @@ tests:
name: grpc-9000
port: 9000
protocol: TCP
- count: 1
- any: true
+ count: 1
+ any: true
- it: selector should contain the component label with the value user-manager
asserts:
- equal:
- path: spec.selector.[component]
+ path: spec.selector["component"]
value: user-manager
- it: selector should contain helm recommended labels name and namespace
asserts:
- equal:
- path: spec.selector.[app.kubernetes.io/name]
+ path: spec.selector["app.kubernetes.io/name"]
value: user-manager
- equal:
- path: spec.selector.[app.kubernetes.io/namespace]
+ path: spec.selector["app.kubernetes.io/namespace"]
value: helm-test
\ No newline at end of file
diff --git a/src/test/unit-values.yaml b/src/test/unit-values.yaml
deleted file mode 100644
index 3beed747..00000000
--- a/src/test/unit-values.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
-# Ministerpräsidenten des Landes Schleswig-Holstein
-# Staatskanzlei
-# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
-#
-# Lizenziert unter der EUPL, Version 1.2 oder - sobald
-# diese von der Europäischen Kommission genehmigt wurden -
-# Folgeversionen der EUPL ("Lizenz");
-# Sie dürfen dieses Werk ausschließlich gemäß
-# dieser Lizenz nutzen.
-# Eine Kopie der Lizenz finden Sie hier:
-#
-# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
-#
-# Sofern nicht durch anwendbare Rechtsvorschriften
-# gefordert oder in schriftlicher Form vereinbart, wird
-# die unter der Lizenz verbreitete Software "so wie sie
-# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
-# ausdrücklich oder stillschweigend - verbreitet.
-# Die sprachspezifischen Genehmigungen und Beschränkungen
-# unter der Lizenz sind dem Lizenztext zu entnehmen.
-#
-
-baseUrl: test.sh.ozg-cloud.de
-
-ozgcloud:
- bundesland: sh
- bezeichner: helm
- environment: test
- keycloak:
- api:
- password: geheim
-
-sso:
- serverUrl: sso.test.sh.ozg-cloud.de
-
-networkPolicy:
- ssoPublicIp: 51.89.117.53/32
--
GitLab