From a98e56cafa447422eea8bf1d83e5f19bb06edd48 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 17 Jul 2024 09:55:22 +0200
Subject: [PATCH] OZG-6105 add netpol required values unittests

---
 src/test/helm/network_policy_test.yaml | 82 +++++++++++++++++++++++++-
 1 file changed, 79 insertions(+), 3 deletions(-)

diff --git a/src/test/helm/network_policy_test.yaml b/src/test/helm/network_policy_test.yaml
index d5567df17..605382ed7 100644
--- a/src/test/helm/network_policy_test.yaml
+++ b/src/test/helm/network_policy_test.yaml
@@ -27,21 +27,28 @@ release:
   namespace: by-helm-test
 templates:
   - templates/network_policy.yaml
-set: 
-  networkPolicy:
-    dnsServerNamespace: test-dns-namespace
+
 tests:
   - it: should match apiVersion
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - isAPIVersion:
           of: networking.k8s.io/v1
 
   - it: should match kind
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - isKind:
           of: NetworkPolicy
 
   - it: validate metadata
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - equal:
           path: metadata
@@ -50,6 +57,9 @@ tests:
             namespace: by-helm-test
 
   - it: should set policy target matchLabel
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - equal:
           path: spec.podSelector
@@ -59,18 +69,27 @@ tests:
 
 
   - it: should add policyType Egress
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.policyTypes
           content: Egress
 
   - it: should add policyType Ingress
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.policyTypes
           content: Ingress
 
   - it: should add ingress rule for eingangsmanager and alfa
+    set: 
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.ingress
@@ -90,6 +109,8 @@ tests:
 
   - it: should add ingress rule for antragraum if antragraum is enabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         antragraum:
           enabled: true
@@ -109,6 +130,8 @@ tests:
 
   - it: should not add ingress rule for antragraum if antragraum is disabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         antragraum:
           enabled: false
@@ -126,6 +149,8 @@ tests:
 
   - it: should throw error if antragraum is enabled but antragraum namespace is not set
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         antragraum:
           enabled: true
@@ -135,6 +160,9 @@ tests:
 
 
   - it: should add egress rule to elasticsearch
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.egress
@@ -151,6 +179,9 @@ tests:
                   protocol: TCP
 
   - it: should add egress rule to mongodb
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.egress
@@ -164,6 +195,9 @@ tests:
                   protocol: TCP
 
   - it: should add egress rule to user-manager
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.egress
@@ -178,6 +212,8 @@ tests:
 
   - it: should add egress rule to nachrichten-bayernid-proxy if bayernid is enabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         bayernid:
           enabled: true
@@ -200,6 +236,8 @@ tests:
 
   - it: should not add egress rule to bayernid-proxy if bayernid is disabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         bayernid:
           enabled: false
@@ -220,6 +258,8 @@ tests:
   
   - it: should throw error if bayernid-proxy is enabled but bayernid namespace is not set
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         bayernid:
           enabled: true
@@ -229,6 +269,8 @@ tests:
 
   - it: should add egress rule to info-manager if antragraum is enabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         antragraum:
           enabled: true
@@ -247,6 +289,8 @@ tests:
 
   - it: should not add egress rule to info-manager if antragraum is disabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       ozgcloud:
         antragraum:
           enabled: false
@@ -264,6 +308,8 @@ tests:
 
   - it: should add egress rule to zufi server if zufi is enabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       zufiManager:
         enabled: true
         namespace: zufi
@@ -285,6 +331,8 @@ tests:
 
   - it: should not add egress rule to zufi server if zufi is disabled
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       zufiManager:
         enabled: false
     asserts:
@@ -302,6 +350,8 @@ tests:
   
   - it: should throw error if zufi is enabled but zufi namespace is not set
     set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
       zufiManager:
         enabled: true
     asserts:
@@ -309,6 +359,9 @@ tests:
           errorMessage: zufiManager.namespace must be set if zufiManager server is enabled
 
   - it: should not enable zufi netpol by default
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - notContains:
           path: spec.egress
@@ -324,6 +377,9 @@ tests:
 
 
   - it: should add egress rule to dns service
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-namespace
     asserts:
       - contains:
           path: spec.egress
@@ -345,6 +401,7 @@ tests:
   - it: add ingress rule local by values
     set:
       networkPolicy:
+        dnsServerNamespace: test-dns-namespace
         ssoPublicIp: 51.89.117.53/32
         additionalIngressConfigGlobal:
         - from:
@@ -362,6 +419,7 @@ tests:
   - it: add ingress rule global by values
     set:
       networkPolicy:
+        dnsServerNamespace: test-dns-namespace
         ssoPublicIp: 51.89.117.53/32
         additionalIngressConfigLocal:
         - from:
@@ -380,6 +438,7 @@ tests:
   - it: add egress rules local by values
     set:
       networkPolicy:
+        dnsServerNamespace: test-dns-namespace
         additionalEgressConfigGlobal:
         - to:
           - ipBlock:
@@ -411,6 +470,7 @@ tests:
   - it: add egress rules global by values
     set:
       networkPolicy:
+        dnsServerNamespace: test-dns-namespace
         additionalEgressConfigLocal:
         - to:
           - ipBlock:
@@ -440,6 +500,22 @@ tests:
     set:
       networkPolicy:
         disabled: false
+        dnsServerNamespace: test-dns-namespace
+    asserts:
+      - hasDocuments:
+          count: 1
+  - it: test network policy dnsServerNamespace must be set message
+    set:
+      networkPolicy:
+        disabled: false
+    asserts:
+      - failedTemplate:
+          errorMessage: networkPolicy.dnsServerNamespace must be set
+
+  - it: test network policy should be enabled by default
+    set:
+      networkPolicy:
+        dnsServerNamespace: test-dns-server-namespace
     asserts:
       - hasDocuments:
           count: 1
\ No newline at end of file
-- 
GitLab