diff --git a/src/main/helm/templates/_helpers.tpl b/src/main/helm/templates/_helpers.tpl
index 9d24fd8ea73b2736cb5172a3f3da10da532cfc0a..bbb798821b2f9441f61c4143d24586a0f91cd100 100644
--- a/src/main/helm/templates/_helpers.tpl
+++ b/src/main/helm/templates/_helpers.tpl
@@ -41,12 +41,6 @@ app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/namespace: {{ include "app.namespace" . }}
{{- end -}}
-{{- define "app.imagePullSecret" }}
-{{- with .Values.imageCredentials }}
-{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
-{{- end }}
-{{- end }}
-
{{- define "app.cronjobScheduler" }}
{{- printf "%d %d * * *" (div (randNumeric 2) 2) (div (randNumeric 1) 2) -}}
{{- end -}}
diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index a602dfe739eede70e7ec97d6994296e953c50ce3..66262635fb8c204ec827124a07fe52c71c3d95a1 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -226,11 +226,7 @@ spec:
dnsConfig: {}
dnsPolicy: ClusterFirst
imagePullSecrets:
- {{- if .Values.imagePullSecret }}
- - name: {{ .Values.imagePullSecret }}
- {{ else }}
- - name: user-manager-image-pull-secret
- {{- end }}
+ - name: {{ required "imagePullSecret must be set" .Values.imagePullSecret }}
restartPolicy: Always
{{- with .Values.hostAliases }}
hostAliases:
diff --git a/src/main/helm/templates/image_pull_secret.yaml b/src/main/helm/templates/image_pull_secret.yaml
deleted file mode 100644
index 02be1463951799822886c4bc8593c9310be130fa..0000000000000000000000000000000000000000
--- a/src/main/helm/templates/image_pull_secret.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
-# Ministerpräsidenten des Landes Schleswig-Holstein
-# Staatskanzlei
-# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
-#
-# Lizenziert unter der EUPL, Version 1.2 oder - sobald
-# diese von der Europäischen Kommission genehmigt wurden -
-# Folgeversionen der EUPL ("Lizenz");
-# Sie dürfen dieses Werk ausschließlich gemäß
-# dieser Lizenz nutzen.
-# Eine Kopie der Lizenz finden Sie hier:
-#
-# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
-#
-# Sofern nicht durch anwendbare Rechtsvorschriften
-# gefordert oder in schriftlicher Form vereinbart, wird
-# die unter der Lizenz verbreitete Software "so wie sie
-# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
-# ausdrücklich oder stillschweigend - verbreitet.
-# Die sprachspezifischen Genehmigungen und Beschränkungen
-# unter der Lizenz sind dem Lizenztext zu entnehmen.
-#
-
-{{- if not (.Values.imagePullSecret) }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: user-manager-image-pull-secret
- namespace: {{ include "app.namespace" . }}
-type: kubernetes.io/dockerconfigjson
-data:
- .dockerconfigjson: {{ include "app.imagePullSecret" . }}
-{{- end }}
\ No newline at end of file
diff --git a/src/test/helm/deployment_63_char_test.yaml b/src/test/helm/deployment_63_char_test.yaml
index e6a14d3a5c38808a8fc4c3a25920dc4dedc6f093..5c5d86b1328b339cbe18215236055ddc7dfd0aaa 100644
--- a/src/test/helm/deployment_63_char_test.yaml
+++ b/src/test/helm/deployment_63_char_test.yaml
@@ -36,7 +36,7 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
-
+ imagePullSecret: image-pull-secret
tests:
- it: should fail on .Release.Namespace length longer than 63 characters
release:
diff --git a/src/test/helm/deployment_container_security_context_test.yaml b/src/test/helm/deployment_container_security_context_test.yaml
index 205e5aacb363d70e1a2c56b539884f2b89f361c3..5d501b0257db20283c5c91fb5d47637d274ac2f4 100644
--- a/src/test/helm/deployment_container_security_context_test.yaml
+++ b/src/test/helm/deployment_container_security_context_test.yaml
@@ -35,6 +35,7 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: check default values
asserts:
diff --git a/src/test/helm/deployment_default_spec_test.yaml b/src/test/helm/deployment_default_spec_test.yaml
index 5e2d17265c8784c968aa85f7a92650482815ab60..b06b33828954193f2bfc18dcb2911656ed74380b 100644
--- a/src/test/helm/deployment_default_spec_test.yaml
+++ b/src/test/helm/deployment_default_spec_test.yaml
@@ -36,6 +36,7 @@ set:
baseUrl: test.sh.ozg-cloud.de
sso:
serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: check for some standard values
asserts:
diff --git a/src/test/helm/deployment_defaults_labels_test.yaml b/src/test/helm/deployment_defaults_labels_test.yaml
index ea21aa38d22f88efda171b35fc4a35de23793f11..5cfcd5a5f66cb725df5ad7a89d623dcc0e764c89 100644
--- a/src/test/helm/deployment_defaults_labels_test.yaml
+++ b/src/test/helm/deployment_defaults_labels_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: https://sso.company.local
baseUrl: test.sh.ozg-cloud.local
+ imagePullSecret: image-pull-secret
tests:
- it: check default labels
asserts:
diff --git a/src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml b/src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml
index 1071ef23a3be6854378fbc812c25cf467e6f16de..a71b7e6773585c848e690e3a22099871f4da5665 100644
--- a/src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml
+++ b/src/test/helm/deployment_defaults_topologySpreadConstraints_test.yaml
@@ -36,6 +36,7 @@ set:
baseUrl: test.sh.ozg-cloud.de
sso:
serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: check default values
asserts:
diff --git a/src/test/helm/deployment_env_test.yaml b/src/test/helm/deployment_env_test.yaml
index 50bd0bbee1e5e3e775c78c3f85395c6f27d1ddc0..c0acc80b8d90dd1c36534024f7fa19a1277d40a8 100644
--- a/src/test/helm/deployment_env_test.yaml
+++ b/src/test/helm/deployment_env_test.yaml
@@ -33,6 +33,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: check customList
set:
diff --git a/src/test/helm/deployment_host_aliases_test.yaml b/src/test/helm/deployment_host_aliases_test.yaml
index 35a67366a7a9a481f609f4d6c055b035b5da8f7b..0d704cc7fe5e7972d3ed5debcde32db567b72c77 100644
--- a/src/test/helm/deployment_host_aliases_test.yaml
+++ b/src/test/helm/deployment_host_aliases_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should not set hostAliases
asserts:
diff --git a/src/test/helm/deployment_imagepull_secret_test.yaml b/src/test/helm/deployment_imagepull_secret_test.yaml
index 557926dee620da96a52f1595cbe8a7d68420ec4e..196a5f4d0baf953159a6f0acfb1ae42589838312 100644
--- a/src/test/helm/deployment_imagepull_secret_test.yaml
+++ b/src/test/helm/deployment_imagepull_secret_test.yaml
@@ -36,16 +36,16 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+
tests:
- - it: should use default imagePull secret
- asserts:
- - equal:
- path: spec.template.spec.imagePullSecrets[0].name
- value: user-manager-image-pull-secret
- it: should set the imagePull secret
- set:
+ set:
imagePullSecret: image-pull-secret
asserts:
- equal:
path: spec.template.spec.imagePullSecrets[0].name
- value: image-pull-secret
\ No newline at end of file
+ value: image-pull-secret
+ - it: should fail if the imagePull secret not set
+ asserts:
+ - failedTemplate:
+ errorMessage: imagePullSecret must be set
\ No newline at end of file
diff --git a/src/test/helm/deployment_keycloak_values_test.yaml b/src/test/helm/deployment_keycloak_values_env_test.yaml
similarity index 98%
rename from src/test/helm/deployment_keycloak_values_test.yaml
rename to src/test/helm/deployment_keycloak_values_env_test.yaml
index b458a4a1571422fdc8bb5757731f3430682edf01..f9579ff7fcc9a3f45b72fa1af47f2fd90e8e30f2 100644
--- a/src/test/helm/deployment_keycloak_values_test.yaml
+++ b/src/test/helm/deployment_keycloak_values_env_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment kc values
release:
name: user-manager
templates:
@@ -35,6 +35,7 @@ set:
sso:
serverUrl: https://sso.test.by.ozg-cloud.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: validate keycloak configuration values
asserts:
diff --git a/src/test/helm/deployment_mongodb_passwort_secretref_test.yaml b/src/test/helm/deployment_mongodb_passwort_secretref_test.yaml
index 5398f844fced5c2a7f48fd3b590082129b17e92a..b717977cefc915a7a49b876049acfa0e91e6df52 100644
--- a/src/test/helm/deployment_mongodb_passwort_secretref_test.yaml
+++ b/src/test/helm/deployment_mongodb_passwort_secretref_test.yaml
@@ -22,7 +22,7 @@
# unter der Lizenz sind dem Lizenztext zu entnehmen.
#
-suite: test deployment
+suite: test deployment mongodb psw secretref
release:
name: user-manager
templates:
@@ -34,11 +34,11 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: should reference mongodb connection service for user-manager
set:
database.secretName: pluto-database-admin-user-manager-database-user
- template: deployment.yaml
release:
namespace: sh-helm-test
asserts:
@@ -52,7 +52,6 @@ tests:
name: pluto-database-admin-user-manager-database-user
optional: false
- it: check default mongodb connection service for user-manager
- template: deployment.yaml
release:
namespace: sh-helm-test
asserts:
diff --git a/src/test/helm/deployment_optional_trust_store_test.yaml b/src/test/helm/deployment_optional_trust_store_test.yaml
index 6944e3d12a5b294131790ba9768fd4225bdfce08..056003a511e08cf064e696fccde61fabc81dd3d0 100644
--- a/src/test/helm/deployment_optional_trust_store_test.yaml
+++ b/src/test/helm/deployment_optional_trust_store_test.yaml
@@ -33,6 +33,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: check without truststore
asserts:
diff --git a/src/test/helm/deployment_probes_test.yaml b/src/test/helm/deployment_probes_test.yaml
index 16ea20423dde663ea04deaaae675ceec08dfaea6..b0b21391ef3675e497828239825c412782eeaa6b 100644
--- a/src/test/helm/deployment_probes_test.yaml
+++ b/src/test/helm/deployment_probes_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: https://sso.company.local
baseUrl: test.by.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: livenessProbe should be disabled by default
asserts:
diff --git a/src/test/helm/deployment_resources_test.yaml b/src/test/helm/deployment_resources_test.yaml
index ca06a606bbdf1be7beae8d9dbf991c6d4df072e9..0cbca6c0634829036ed85d55600563c56c6c98ba 100644
--- a/src/test/helm/deployment_resources_test.yaml
+++ b/src/test/helm/deployment_resources_test.yaml
@@ -35,6 +35,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: test resources
set:
diff --git a/src/test/helm/deployment_service_account_test.yaml b/src/test/helm/deployment_service_account_test.yaml
index 92b60bc0a21c4aa83d588999fc75560d7d9eaf38..75a15ba03eff0a01f9c3568c7ef2d9a0428c7ce0 100644
--- a/src/test/helm/deployment_service_account_test.yaml
+++ b/src/test/helm/deployment_service_account_test.yaml
@@ -36,6 +36,7 @@ set:
sso:
serverUrl: sso.test.sh.ozg-cloud.de
baseUrl: test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should use service account with default name
diff --git a/src/test/helm/deployment_url_value_test.yaml b/src/test/helm/deployment_url_value_test.yaml
index 49a89498d0844bf7ff414088a9aa44f0808f228c..981fe2a4ef21f71a6f658730a5fa25f43c866a5a 100644
--- a/src/test/helm/deployment_url_value_test.yaml
+++ b/src/test/helm/deployment_url_value_test.yaml
@@ -34,9 +34,9 @@ set:
environment: dev
sso.serverUrl: https://sso.company.local
baseUrl: test.company.local
+ imagePullSecret: image-pull-secret
tests:
- it: validate keycloak configuration values
- template: deployment.yaml
release:
namespace: sh-name-dev
asserts:
@@ -47,7 +47,6 @@ tests:
value: https://helm-user-manager.test.company.local
- it: set baseDomain for ozgcloud_user_manager_url
- template: deployment.yaml
set:
baseDomain: helm-usm.test.company.local
asserts:
diff --git a/src/test/helm/deplyoment_cert_bindings_test.yaml b/src/test/helm/deplyoment_cert_bindings_test.yaml
index 3fec0d1b00b5d5750bfb97bb558de92287837d98..4ac96535cd8c1817d7f1d165d2a5d5c33d661bc8 100644
--- a/src/test/helm/deplyoment_cert_bindings_test.yaml
+++ b/src/test/helm/deplyoment_cert_bindings_test.yaml
@@ -36,6 +36,7 @@ set:
baseUrl: test.sh.ozg-cloud.de
sso:
serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should mount volumes for user-manager root ca
asserts:
diff --git a/src/test/helm/deyploment_general_value_and_default_spec_test.yaml b/src/test/helm/deyploment_general_value_and_default_spec_test.yaml
index 173b04d8a0b81bba2c5db1fbaf5173b410489d33..c412536fdeef909e209fec2a62cd1924d1e3d4c4 100644
--- a/src/test/helm/deyploment_general_value_and_default_spec_test.yaml
+++ b/src/test/helm/deyploment_general_value_and_default_spec_test.yaml
@@ -36,6 +36,7 @@ set:
baseUrl: test.sh.ozg-cloud.de
sso:
serverUrl: sso.test.sh.ozg-cloud.de
+ imagePullSecret: image-pull-secret
tests:
- it: should have correct apiVersion
diff --git a/src/test/helm/imagepull_secret_test.yaml b/src/test/helm/imagepull_secret_test.yaml
deleted file mode 100644
index 80631de80e914cb5c9516674525efa367c191b83..0000000000000000000000000000000000000000
--- a/src/test/helm/imagepull_secret_test.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# Copyright (C) 2022 Das Land Schleswig-Holstein vertreten durch den
-# Ministerpräsidenten des Landes Schleswig-Holstein
-# Staatskanzlei
-# Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
-#
-# Lizenziert unter der EUPL, Version 1.2 oder - sobald
-# diese von der Europäischen Kommission genehmigt wurden -
-# Folgeversionen der EUPL ("Lizenz");
-# Sie dürfen dieses Werk ausschließlich gemäß
-# dieser Lizenz nutzen.
-# Eine Kopie der Lizenz finden Sie hier:
-#
-# https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
-#
-# Sofern nicht durch anwendbare Rechtsvorschriften
-# gefordert oder in schriftlicher Form vereinbart, wird
-# die unter der Lizenz verbreitete Software "so wie sie
-# ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
-# ausdrücklich oder stillschweigend - verbreitet.
-# Die sprachspezifischen Genehmigungen und Beschränkungen
-# unter der Lizenz sind dem Lizenztext zu entnehmen.
-#
-
-suite: test image pull secret
-templates:
- - templates/image_pull_secret.yaml
-release:
- name: user-manager
- namespace: helm-test
-tests:
- - it: should match basic data
- set:
- imageCredentials:
- registry: docker.ozg-sh.de
- username: test
- password: test1234
- email: webmaster@ozg-sh.de
- asserts:
- - hasDocuments:
- count: 1
- - containsDocument:
- kind: Secret
- apiVersion: v1
- - equal:
- path: metadata.name
- value: user-manager-image-pull-secret
- - equal:
- path: metadata.namespace
- value: helm-test
- - isNotNullOrEmpty:
- path: data[".dockerconfigjson"]
-
- - it: should not create image pull secret
- set:
- imagePullSecret: "image-pull-secret"
- asserts:
- - hasDocuments:
- count: 0
\ No newline at end of file
diff --git a/src/test/linter-values.yaml b/src/test/linter-values.yaml
index 90be37129692fc2427cdf559da3139282d7fd2c1..1aa9fbc048e7c6ecc2a747d5e32856e65d044f18 100644
--- a/src/test/linter-values.yaml
+++ b/src/test/linter-values.yaml
@@ -38,4 +38,4 @@ sso:
networkPolicy:
ssoPublicIp: 51.89.117.53/32
dnsServerNamespace: test-dns-namespace
-
\ No newline at end of file
+imagePullSecret: image-pull-secret