Skip to content
Snippets Groups Projects
Commit a98e56ca authored by OZGCloud's avatar OZGCloud
Browse files

OZG-6105 add netpol required values unittests

parent 991904e9
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/test/helm/network_policy_test.yaml
+ 79
3
View file @ a98e56ca
...@@ -27,21 +27,28 @@ release: ...@@ -27,21 +27,28 @@ release:
namespace: by-helm-test namespace: by-helm-test
templates: templates:
- templates/network_policy.yaml - templates/network_policy.yaml
tests:
- it: should match apiVersion
set: set:
networkPolicy: networkPolicy:
dnsServerNamespace: test-dns-namespace dnsServerNamespace: test-dns-namespace
tests:
- it: should match apiVersion
asserts: asserts:
- isAPIVersion: - isAPIVersion:
of: networking.k8s.io/v1 of: networking.k8s.io/v1
- it: should match kind - it: should match kind
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- isKind: - isKind:
of: NetworkPolicy of: NetworkPolicy
- it: validate metadata - it: validate metadata
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- equal: - equal:
path: metadata path: metadata
...@@ -50,6 +57,9 @@ tests: ...@@ -50,6 +57,9 @@ tests:
namespace: by-helm-test namespace: by-helm-test
- it: should set policy target matchLabel - it: should set policy target matchLabel
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- equal: - equal:
path: spec.podSelector path: spec.podSelector
...@@ -59,18 +69,27 @@ tests: ...@@ -59,18 +69,27 @@ tests:
- it: should add policyType Egress - it: should add policyType Egress
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.policyTypes path: spec.policyTypes
content: Egress content: Egress
- it: should add policyType Ingress - it: should add policyType Ingress
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.policyTypes path: spec.policyTypes
content: Ingress content: Ingress
- it: should add ingress rule for eingangsmanager and alfa - it: should add ingress rule for eingangsmanager and alfa
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.ingress path: spec.ingress
...@@ -90,6 +109,8 @@ tests: ...@@ -90,6 +109,8 @@ tests:
- it: should add ingress rule for antragraum if antragraum is enabled - it: should add ingress rule for antragraum if antragraum is enabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
antragraum: antragraum:
enabled: true enabled: true
...@@ -109,6 +130,8 @@ tests: ...@@ -109,6 +130,8 @@ tests:
- it: should not add ingress rule for antragraum if antragraum is disabled - it: should not add ingress rule for antragraum if antragraum is disabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
antragraum: antragraum:
enabled: false enabled: false
...@@ -126,6 +149,8 @@ tests: ...@@ -126,6 +149,8 @@ tests:
- it: should throw error if antragraum is enabled but antragraum namespace is not set - it: should throw error if antragraum is enabled but antragraum namespace is not set
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
antragraum: antragraum:
enabled: true enabled: true
...@@ -135,6 +160,9 @@ tests: ...@@ -135,6 +160,9 @@ tests:
- it: should add egress rule to elasticsearch - it: should add egress rule to elasticsearch
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.egress path: spec.egress
...@@ -151,6 +179,9 @@ tests: ...@@ -151,6 +179,9 @@ tests:
protocol: TCP protocol: TCP
- it: should add egress rule to mongodb - it: should add egress rule to mongodb
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.egress path: spec.egress
...@@ -164,6 +195,9 @@ tests: ...@@ -164,6 +195,9 @@ tests:
protocol: TCP protocol: TCP
- it: should add egress rule to user-manager - it: should add egress rule to user-manager
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.egress path: spec.egress
...@@ -178,6 +212,8 @@ tests: ...@@ -178,6 +212,8 @@ tests:
- it: should add egress rule to nachrichten-bayernid-proxy if bayernid is enabled - it: should add egress rule to nachrichten-bayernid-proxy if bayernid is enabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
bayernid: bayernid:
enabled: true enabled: true
...@@ -200,6 +236,8 @@ tests: ...@@ -200,6 +236,8 @@ tests:
- it: should not add egress rule to bayernid-proxy if bayernid is disabled - it: should not add egress rule to bayernid-proxy if bayernid is disabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
bayernid: bayernid:
enabled: false enabled: false
...@@ -220,6 +258,8 @@ tests: ...@@ -220,6 +258,8 @@ tests:
- it: should throw error if bayernid-proxy is enabled but bayernid namespace is not set - it: should throw error if bayernid-proxy is enabled but bayernid namespace is not set
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
bayernid: bayernid:
enabled: true enabled: true
...@@ -229,6 +269,8 @@ tests: ...@@ -229,6 +269,8 @@ tests:
- it: should add egress rule to info-manager if antragraum is enabled - it: should add egress rule to info-manager if antragraum is enabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
antragraum: antragraum:
enabled: true enabled: true
...@@ -247,6 +289,8 @@ tests: ...@@ -247,6 +289,8 @@ tests:
- it: should not add egress rule to info-manager if antragraum is disabled - it: should not add egress rule to info-manager if antragraum is disabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
ozgcloud: ozgcloud:
antragraum: antragraum:
enabled: false enabled: false
...@@ -264,6 +308,8 @@ tests: ...@@ -264,6 +308,8 @@ tests:
- it: should add egress rule to zufi server if zufi is enabled - it: should add egress rule to zufi server if zufi is enabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
zufiManager: zufiManager:
enabled: true enabled: true
namespace: zufi namespace: zufi
...@@ -285,6 +331,8 @@ tests: ...@@ -285,6 +331,8 @@ tests:
- it: should not add egress rule to zufi server if zufi is disabled - it: should not add egress rule to zufi server if zufi is disabled
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
zufiManager: zufiManager:
enabled: false enabled: false
asserts: asserts:
...@@ -302,6 +350,8 @@ tests: ...@@ -302,6 +350,8 @@ tests:
- it: should throw error if zufi is enabled but zufi namespace is not set - it: should throw error if zufi is enabled but zufi namespace is not set
set: set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
zufiManager: zufiManager:
enabled: true enabled: true
asserts: asserts:
...@@ -309,6 +359,9 @@ tests: ...@@ -309,6 +359,9 @@ tests:
errorMessage: zufiManager.namespace must be set if zufiManager server is enabled errorMessage: zufiManager.namespace must be set if zufiManager server is enabled
- it: should not enable zufi netpol by default - it: should not enable zufi netpol by default
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- notContains: - notContains:
path: spec.egress path: spec.egress
...@@ -324,6 +377,9 @@ tests: ...@@ -324,6 +377,9 @@ tests:
- it: should add egress rule to dns service - it: should add egress rule to dns service
set:
networkPolicy:
dnsServerNamespace: test-dns-namespace
asserts: asserts:
- contains: - contains:
path: spec.egress path: spec.egress
...@@ -345,6 +401,7 @@ tests: ...@@ -345,6 +401,7 @@ tests:
- it: add ingress rule local by values - it: add ingress rule local by values
set: set:
networkPolicy: networkPolicy:
dnsServerNamespace: test-dns-namespace
ssoPublicIp: 51.89.117.53/32 ssoPublicIp: 51.89.117.53/32
additionalIngressConfigGlobal: additionalIngressConfigGlobal:
- from: - from:
...@@ -362,6 +419,7 @@ tests: ...@@ -362,6 +419,7 @@ tests:
- it: add ingress rule global by values - it: add ingress rule global by values
set: set:
networkPolicy: networkPolicy:
dnsServerNamespace: test-dns-namespace
ssoPublicIp: 51.89.117.53/32 ssoPublicIp: 51.89.117.53/32
additionalIngressConfigLocal: additionalIngressConfigLocal:
- from: - from:
...@@ -380,6 +438,7 @@ tests: ...@@ -380,6 +438,7 @@ tests:
- it: add egress rules local by values - it: add egress rules local by values
set: set:
networkPolicy: networkPolicy:
dnsServerNamespace: test-dns-namespace
additionalEgressConfigGlobal: additionalEgressConfigGlobal:
- to: - to:
- ipBlock: - ipBlock:
...@@ -411,6 +470,7 @@ tests: ...@@ -411,6 +470,7 @@ tests:
- it: add egress rules global by values - it: add egress rules global by values
set: set:
networkPolicy: networkPolicy:
dnsServerNamespace: test-dns-namespace
additionalEgressConfigLocal: additionalEgressConfigLocal:
- to: - to:
- ipBlock: - ipBlock:
...@@ -440,6 +500,22 @@ tests: ...@@ -440,6 +500,22 @@ tests:
set: set:
networkPolicy: networkPolicy:
disabled: false disabled: false
dnsServerNamespace: test-dns-namespace
asserts:
- hasDocuments:
count: 1
- it: test network policy dnsServerNamespace must be set message
set:
networkPolicy:
disabled: false
asserts:
- failedTemplate:
errorMessage: networkPolicy.dnsServerNamespace must be set
- it: test network policy should be enabled by default
set:
networkPolicy:
dnsServerNamespace: test-dns-server-namespace
asserts: asserts:
- hasDocuments: - hasDocuments:
count: 1 count: 1
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment

Impressum - Datenschutz - Barrierefreiheit