fix: improve chart

This commit is contained in:
2025-10-03 13:04:20 +02:00
parent 744938f8f4
commit d02f63be7a
52 changed files with 3193 additions and 405 deletions

View File

@@ -0,0 +1,88 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: ConfigMap downloadMode
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/configMapDownloadMode.yaml
tests:
- it: Skip rending by using existing config map.
set:
config.downloadMode.existingConfigMap.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Rendering by default.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: ConfigMap
name: athens-proxy-unittest-download-mode-file
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: data.downloadMode
value: |
# downloadURL = "https://proxy.golang.org"
#
# mode = "async_redirect"
#
# download "github.com/gomods/*" {
# mode = "sync"
# }
#
# download "golang.org/x/*" {
# mode = "none"
# }
#
# download "github.com/pkg/*" {
# mode = "redirect"
# downloadURL = "https://gocenter.io"
# }
- it: Rendering custom annotations and labels.
set:
config.downloadMode.configMap.annotations:
foo: bar
bar: foo
config.downloadMode.configMap.labels:
foo: bar
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
bar: foo
- isSubset:
path: metadata.labels
content:
foo: bar
bar: foo
- it: Rendering custom configuration
set:
config.downloadMode.configMap.content: |
downloadURL = "https://proxy.golang.org"
mode = "async_redirect"
asserts:
- equal:
path: data.downloadMode
value: |
downloadURL = "https://proxy.golang.org"
mode = "async_redirect"

View File

@@ -0,0 +1,77 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: ConfigMap gitConfig
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/configMapGitConfig.yaml
tests:
- it: Skip rending by using existing config map.
set:
config.gitConfig.existingConfigMap.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Rendering by default.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: ConfigMap
name: athens-proxy-unittest-git-config
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- isNullOrEmpty:
path: data[".gitconfig"]
- it: Rendering custom annotations and labels.
set:
config.gitConfig.configMap.annotations:
foo: bar
bar: foo
config.gitConfig.configMap.labels:
foo: bar
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
bar: foo
- isSubset:
path: metadata.labels
content:
foo: bar
bar: foo
- it: Rendering custom configuration
set:
config.gitConfig.configMap.content: |
[url "git@github.com:"]
insteadOf = https://github.com/
[url "git@git.cryptic.systems:"]
insteadOf = https://git.cryptic.systems/
asserts:
- equal:
path: data[".gitconfig"]
value: |
[url "git@github.com:"]
insteadOf = https://github.com/
[url "git@git.cryptic.systems:"]
insteadOf = https://git.cryptic.systems/

View File

@@ -0,0 +1,528 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Deployment template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/deployment.yaml
tests:
- it: Rendering default
asserts:
- hasDocuments:
count: 1
template: templates/athens-proxy/deployment.yaml
- containsDocument:
apiVersion: apps/v1
kind: Deployment
name: athens-proxy-unittest
namespace: testing
template: templates/athens-proxy/deployment.yaml
- notExists:
path: metadata.annotations
template: templates/athens-proxy/deployment.yaml
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.replicas
value: 1
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.affinity
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].args
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].command
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].envFrom
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].volumeMounts
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.containers[0].image
value: docker.io/gomods/athens:v0.1.0
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.containers[0].imagePullPolicy
value: IfNotPresent
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].resources
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.containers[0].securityContext
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.dnsConfig
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.dnsPolicy
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.hostname
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.hostNetwork
value: false
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.imagePullSecrets
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.nodeSelector
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.priorityClassName
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.restartPolicy
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.subdomain
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.terminationGracePeriodSeconds
value: 60
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.tolerations
template: templates/athens-proxy/deployment.yaml
- notExists:
path: spec.template.spec.topologySpreadConstraints
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.strategy
value:
type: "RollingUpdate"
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
template: templates/athens-proxy/deployment.yaml
- it: Test custom replicas
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.replicas: 3
asserts:
- equal:
path: spec.replicas
value: 3
template: templates/athens-proxy/deployment.yaml
- it: Test custom affinity
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- antarctica-east1
- antarctica-west1
asserts:
- equal:
path: spec.template.spec.affinity
value:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: topology.kubernetes.io/zone
operator: In
values:
- antarctica-east1
- antarctica-west1
template: templates/athens-proxy/deployment.yaml
- it: Test additional arguments
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.args:
- "--foo=bar"
- "--bar=foo"
asserts:
- equal:
path: spec.template.spec.containers[0].args
value:
- --foo=bar
- --bar=foo
template: templates/athens-proxy/deployment.yaml
- it: Test additional command
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.command:
- "/bin/sh"
- "-c"
- "echo hello"
asserts:
- equal:
path: spec.template.spec.containers[0].command
value:
- "/bin/sh"
- "-c"
- "echo hello"
template: templates/athens-proxy/deployment.yaml
- it: Test custom imageRegistry and imageRepository
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.image.registry: registry.example.local
deployment.athensProxy.image.repository: path/special/athens-proxy
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.example.local/path/special/athens-proxy:v0.1.0
template: templates/athens-proxy/deployment.yaml
- it: Test custom imagePullPolicy
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.image.pullPolicy: Always
asserts:
- equal:
path: spec.template.spec.containers[0].imagePullPolicy
value: Always
template: templates/athens-proxy/deployment.yaml
- it: Test custom resource limits and requests
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.resources:
limits:
cpu: 100m
memory: 250MB
requests:
cpu: 25m
memory: 100MB
asserts:
- equal:
path: spec.template.spec.containers[0].env
value:
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.containers[0].resources
value:
limits:
cpu: 100m
memory: 250MB
requests:
cpu: 25m
memory: 100MB
template: templates/athens-proxy/deployment.yaml
- it: Test custom securityContext
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.securityContext:
capabilities:
add:
- NET_RAW
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext
value:
capabilities:
add:
- NET_RAW
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
template: templates/athens-proxy/deployment.yaml
- it: Test dnsConfig
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.dnsConfig:
nameservers:
- "8.8.8.8"
- "8.8.4.4"
asserts:
- equal:
path: spec.template.spec.dnsConfig
value:
nameservers:
- "8.8.8.8"
- "8.8.4.4"
template: templates/athens-proxy/deployment.yaml
- it: Test dnsPolicy
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.dnsPolicy: ClusterFirst
asserts:
- equal:
path: spec.template.spec.dnsPolicy
value: ClusterFirst
template: templates/athens-proxy/deployment.yaml
- it: Test hostNetwork, hostname, subdomain
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.hostNetwork: true
deployment.hostname: pg-exporter
deployment.subdomain: exporters.internal
asserts:
- equal:
path: spec.template.spec.hostNetwork
value: true
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.hostname
value: pg-exporter
template: templates/athens-proxy/deployment.yaml
- equal:
path: spec.template.spec.subdomain
value: exporters.internal
template: templates/athens-proxy/deployment.yaml
- it: Test imagePullSecrets
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.imagePullSecrets:
- name: my-pull-secret
- name: my-special-secret
asserts:
- equal:
path: spec.template.spec.imagePullSecrets
value:
- name: my-pull-secret
- name: my-special-secret
template: templates/athens-proxy/deployment.yaml
- it: Test nodeSelector
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.nodeSelector:
foo: bar
asserts:
- equal:
path: spec.template.spec.nodeSelector
value:
foo: bar
template: templates/athens-proxy/deployment.yaml
- it: Test priorityClassName
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.priorityClassName: my-priority
asserts:
- equal:
path: spec.template.spec.priorityClassName
value: my-priority
template: templates/athens-proxy/deployment.yaml
- it: Test restartPolicy
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.restartPolicy: Always
asserts:
- equal:
path: spec.template.spec.restartPolicy
value: Always
template: templates/athens-proxy/deployment.yaml
- it: Test terminationGracePeriodSeconds
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.terminationGracePeriodSeconds: 120
asserts:
- equal:
path: spec.template.spec.terminationGracePeriodSeconds
value: 120
template: templates/athens-proxy/deployment.yaml
- it: Test tolerations
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.tolerations:
- key: database/type
operator: Equal
value: postgres
effect: NoSchedule
asserts:
- equal:
path: spec.template.spec.tolerations
value:
- key: database/type
operator: Equal
value: postgres
effect: NoSchedule
template: templates/athens-proxy/deployment.yaml
- it: Test topologySpreadConstraints
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.topologySpreadConstraints:
- topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
labelSelector:
matchLabels:
app.kubernetes.io/instance: athens-proxy
asserts:
- equal:
path: spec.template.spec.topologySpreadConstraints
value:
- topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
labelSelector:
matchLabels:
app.kubernetes.io/instance: athens-proxy
template: templates/athens-proxy/deployment.yaml
- it: Test additional volumeMounts and volumes
set:
# Ensure that the secrets and config maps are well configured.
# Normal test values
deployment.athensProxy.volumeMounts:
- name: data
mountPath: /usr/lib/athens-proxy/data
deployment.volumes:
- name: data
hostPath:
path: /usr/lib/athens-proxy/data
asserts:
- equal:
path: spec.template.spec.containers[0].volumeMounts
value:
- name: data
mountPath: /usr/lib/athens-proxy/data
template: templates/athens-proxy/deployment.yaml
- it: Test persistent volume claim
set:
persistence.enabled: true
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_STORAGE_TYPE
value: disk
template: templates/athens-proxy/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_DISK_STORAGE_ROOT
value: /var/www/athens-proxy/data
template: templates/athens-proxy/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: data
mountPath: /var/www/athens-proxy/data
template: templates/athens-proxy/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: data
persistentVolumeClaim:
claimName: athens-proxy-unittest-data
template: templates/athens-proxy/deployment.yaml
- it: Test existing persistent volume claim
set:
persistence.enabled: true
persistence.data.mountPath: "/mnt/go-proxy/data"
persistence.data.existingPersistentVolumeClaim.enabled: true
persistence.data.existingPersistentVolumeClaim.persistentVolumeClaimName: "my-special-pvc"
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_STORAGE_TYPE
value: disk
template: templates/athens-proxy/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: ATHENS_DISK_STORAGE_ROOT
value: /mnt/go-proxy/data
template: templates/athens-proxy/deployment.yaml
- contains:
path: spec.template.spec.containers[0].volumeMounts
content:
name: data
mountPath: /mnt/go-proxy/data
template: templates/athens-proxy/deployment.yaml
- contains:
path: spec.template.spec.volumes
content:
name: data
persistentVolumeClaim:
claimName: my-special-pvc
template: templates/athens-proxy/deployment.yaml

116
unittests/hpa/default.yaml Normal file
View File

@@ -0,0 +1,116 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: HPA template (basic)
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/hpa.yaml
tests:
- it: Skip rendering by default.
asserts:
- hasDocuments:
count: 0
- it: Rendering when enabled - default
set:
hpa.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
name: athens-proxy-unittest
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- contains:
path: spec.metrics
content:
resource:
name: cpu
target:
averageUtilization: 65
type: Utilization
type: Resource
- equal:
path: spec.maxReplicas
value: 10
- equal:
path: spec.minReplicas
value: 1
- equal:
path: spec.scaleTargetRef
value:
apiVersion: apps/v1
kind: Deployment
name: athens-proxy-unittest
- it: Rendering when enabled - custom values
set:
hpa.enabled: true
hpa.annotations:
foo: bar
hpa.labels:
bar: foo
hpa.maxReplicas: 25
hpa.minReplicas: 5
hpa.metrics:
- resource:
name: memory
target:
averageUtilization: 65
type: Utilization
type: Resource
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
name: athens-proxy-unittest
namespace: testing
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
bar: foo
helm.sh/chart: athens-proxy-0.1.0
- contains:
path: spec.metrics
content:
resource:
name: memory
target:
averageUtilization: 65
type: Utilization
type: Resource
- equal:
path: spec.maxReplicas
value: 25
- equal:
path: spec.minReplicas
value: 5
- equal:
path: spec.scaleTargetRef
value:
apiVersion: apps/v1
kind: Deployment
name: athens-proxy-unittest

View File

@@ -0,0 +1,139 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Ingress template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/ingress.yaml
tests:
- it: Skip ingress by default.
asserts:
- hasDocuments:
count: 0
- it: Skip ingress, when service is disabled.
set:
services.http.enabled: false
ingress.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Render ingress with default values.
set:
ingress.enabled: true
ingress.hosts:
- host: athens-proxy.example.local
paths:
- path: /
pathType: Prefix
ingress.tls:
- secretName: athens-proxy-http-tls
hosts:
- athens-proxy.example.local
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: Ingress
name: athens-proxy-unittest
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: spec.ingressClassName
value: nginx
- contains:
path: spec.rules
content:
host: athens-proxy.example.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: athens-proxy-unittest-http
port:
number: 3000
- contains:
path: spec.tls
content:
hosts:
- athens-proxy.example.local
secretName: athens-proxy-http-tls
- it: Render ingress with custom values.
set:
ingress.enabled: true
ingress.annotations:
foo: bar
ingress.className: nginx
ingress.labels:
bar: foo
ingress.hosts:
- host: athens-proxy.example.local
paths:
- path: /
pathType: Prefix
ingress.tls:
- secretName: athens-proxy-http-tls
hosts:
- athens-proxy.example.local
services.http.port: 8080
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: Ingress
name: athens-proxy-unittest
namespace: testing
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
bar: foo
- equal:
path: spec.ingressClassName
value: nginx
- contains:
path: spec.rules
content:
host: athens-proxy.example.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: athens-proxy-unittest-http
port:
number: 8080
- contains:
path: spec.tls
content:
hosts:
- athens-proxy.example.local
secretName: athens-proxy-http-tls

View File

@@ -0,0 +1,118 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: NetworkPolicies template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/networkPolicies.yaml
tests:
- it: Skip networkPolicies in general disabled.
set:
networkPolicies.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Skip networkPolicy 'default' when disabled.
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Loop over networkPolicies
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: false
networkPolicies.nginx.enabled: true
networkPolicies.prometheus.enabled: true
asserts:
- hasDocuments:
count: 2
- it: Template networkPolicy 'default' without policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
name: athens-proxy-unittest-default
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: spec.podSelector.matchLabels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/name: athens-proxy
- notExists:
path: spec.policyTypes
- notExists:
path: spec.egress
- notExists:
path: spec.ingress
- it: Template networkPolicy 'default' with policyTypes, egress and ingress configuration
set:
networkPolicies.enabled: true
networkPolicies.default.enabled: true
networkPolicies.default.policyTypes:
- Egress
- Ingress
networkPolicies.default.ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
networkPolicies.default.egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
asserts:
- equal:
path: spec.policyTypes
value:
- Egress
- Ingress
- equal:
path: spec.egress
value:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: database
podSelector:
matchLabels:
app.kubernetes.io/name: oracle
- equal:
path: spec.ingress
value:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: khv-production
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus

View File

@@ -0,0 +1,90 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: PersistentVolumeClaim template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/persistentVolumeClaim.yaml
tests:
- it: Rendering default
asserts:
- hasDocuments:
count: 0
- it: Rendering with enabled persistent storage
set:
persistence.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: PersistentVolumeClaim
name: athens-proxy-unittest-data
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: spec.accessModes
value:
- ReadWriteMany
- isSubset:
path: spec.resources
content:
requests:
storage: 5Gi
- notExists:
path: spec.storageClassName
- it: Rendering with custom enabled persistent storage
set:
persistence.enabled: true
persistence.data.persistentVolumeClaim.annotations:
foo: bar
persistence.data.persistentVolumeClaim.labels:
bar: foo
persistence.data.persistentVolumeClaim.storageClassName: my-storage-class
persistence.data.persistentVolumeClaim.storageSize: 10Gi
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: PersistentVolumeClaim
name: athens-proxy-unittest-data
namespace: testing
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
bar: foo
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: spec.accessModes
value:
- ReadWriteMany
- isSubset:
path: spec.resources
content:
requests:
storage: 10Gi
- equal:
path: spec.storageClassName
value: my-storage-class

View File

@@ -0,0 +1,67 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Secret environment variables
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/secretEnv.yaml
tests:
- it: Skip rendering by using existing secret.
set:
config.env.existingSecret.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Rendering env secret with default values.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: Secret
name: athens-proxy-unittest-env
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- isNullOrEmpty:
path: stringData
- it: Rendering env secret with custom values.
set:
config.env.secret.envs.ATHENS_GITHUB_TOKEN: my-secret-token
asserts:
- isSubset:
path: stringData
content:
ATHENS_GITHUB_TOKEN: my-secret-token
- it: Rendering custom annotations and labels.
set:
config.env.secret.annotations:
foo: bar
bar: foo
config.env.secret.labels:
foo: bar
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
bar: foo
- isSubset:
path: metadata.labels
content:
foo: bar
bar: foo

View File

@@ -0,0 +1,83 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Secret netrc template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/secretNetRC.yaml
tests:
- it: Skip rendering by using existing secret.
set:
config.netrc.existingSecret.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Rendering netrc secret with default values.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: Secret
name: athens-proxy-unittest-netrc
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: stringData[".netrc"]
value: |
# The .netrc file
#
# The .netrc file contains login and initialization information used by the auto-login process. It generally
# resides in the user's home directory, but a location outside of the home directory can be set using the
# environment variable NETRC. Both locations are overridden by the command line option -N. The selected file
# must be a regular file, or access will be denied.
#
# https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html
#
# default login [name] password [password/token]
# machine github.com [octocat] password [PAT]
# machine api.github.com [octocat] password [PAT]
- it: Rendering netrc secret with custom values.
set:
config.netrc.secret.content: |
default github.com hugo password kinnock
default api.github.com hugo password kinnock
asserts:
- equal:
path: stringData[".netrc"]
value: |
default github.com hugo password kinnock
default api.github.com hugo password kinnock
- it: Rendering custom annotations and labels.
set:
config.netrc.secret.annotations:
foo: bar
bar: foo
config.netrc.secret.labels:
foo: bar
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
bar: foo
- isSubset:
path: metadata.labels
content:
foo: bar
bar: foo

109
unittests/secrets/ssh.yaml Normal file
View File

@@ -0,0 +1,109 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Secret ssh template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/secretSSH.yaml
tests:
- it: Skip rendering by using existing secret.
set:
config.ssh.existingSecret.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Rendering ssh secret with default values.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: Secret
name: athens-proxy-unittest-ssh
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- equal:
path: stringData.config
value: |
# Host *
# IdentityFile ~/.ssh/id_ed25519
# IdentityFile ~/.ssh/id_rsa
- notExists:
path: stringData.id_ed25519
- notExists:
path: stringData["id_ed25519.pub"]
- notExists:
path: stringData.id_rsa
- notExists:
path: stringData["id_rsa.pub"]
- it: Rendering ssh secret with custom values.
set:
config.ssh.secret.config: |
Host *
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa
config.ssh.secret.id_ed25519: |
my-private-25519-key
config.ssh.secret.id_ed25519_pub: |
my-public-25519-key
config.ssh.secret.id_rsa: |
my-private-rsa-key
config.ssh.secret.id_rsa_pub: |
my-public-rsa-key
asserts:
- equal:
path: stringData.config
value: |
Host *
IdentityFile ~/.ssh/id_ed25519
IdentityFile ~/.ssh/id_rsa
- equal:
path: stringData.id_ed25519
value: |
my-private-25519-key
- equal:
path: stringData["id_ed25519.pub"]
value: |
my-public-25519-key
- equal:
path: stringData.id_rsa
value: |
my-private-rsa-key
- equal:
path: stringData["id_rsa.pub"]
value: |
my-public-rsa-key
- it: Rendering custom annotations and labels.
set:
config.ssh.secret.annotations:
foo: bar
bar: foo
config.ssh.secret.labels:
foo: bar
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
bar: foo
- isSubset:
path: metadata.labels
content:
foo: bar
bar: foo

View File

@@ -0,0 +1,79 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: ServiceAccount athens-proxy template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/serviceAccount.yaml
tests:
- it: Skip rendering.
set:
serviceAccount.existing.enabled: true
asserts:
- hasDocuments:
count: 0
- it: Rendering serviceAccount with default values.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: ServiceAccount
name: athens-proxy-unittest
namespace: testing
- notExists:
path: metadata.annotations
- notExists:
path: metadata.labels
- equal:
path: automountServiceAccountToken
value: true
- notExists:
path: imagePullSecrets
- notExists:
path: secrets
- it: Rendering serviceAccount with custom values.
set:
serviceAccount.new.annotations:
foo: bar
serviceAccount.new.labels:
bar: foo
serviceAccount.new.automountServiceAccountToken: false
serviceAccount.new.imagePullSecrets:
- name: "my-pull-secret"
serviceAccount.new.secrets:
- name: "my-secret"
namespace: "my-namespace"
fieldPath: "my-path"
asserts:
- hasDocuments:
count: 1
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
bar: foo
- equal:
path: metadata.name
value: athens-proxy-unittest
- equal:
path: automountServiceAccountToken
value: false
- equal:
path: imagePullSecrets
value:
- name: "my-pull-secret"
- equal:
path: secrets
value:
- name: "my-secret"
namespace: "my-namespace"
fieldPath: "my-path"

View File

@@ -0,0 +1,174 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Service http template
release:
name: athens-proxy-unittest
namespace: testing
templates:
- templates/athens-proxy/serviceHTTP.yaml
tests:
- it: Skip service when disabled.
set:
services.http.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Rendering service with default values.
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: Service
name: athens-proxy-unittest-http
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/service-name: http
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
- notExists:
path: spec.externalIPs
- notExists:
path: spec.externalTrafficPolicy
- equal:
path: spec.internalTrafficPolicy
value: Cluster
- notExists:
path: spec.ipFamilies
- notExists:
path: spec.loadBalancerClass
- notExists:
path: spec.loadBalancerIP
- notExists:
path: spec.loadBalancerSourceRanges
- equal:
path: spec.ports[0].name
value: http
- equal:
path: spec.ports[0].protocol
value: TCP
- equal:
path: spec.ports[0].port
value: 3000
- equal:
path: spec.selector
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/name: athens-proxy
- equal:
path: spec.sessionAffinity
value: None
- notExists:
path: spec.sessionAffinityConfig
- equal:
path: spec.type
value: ClusterIP
- it: Require internalTrafficPolicy.
set:
services.http.internalTrafficPolicy: ""
asserts:
- failedTemplate:
errorMessage: No internal traffic policy defined!
- it: Require port.
set:
services.http.port: ""
asserts:
- failedTemplate:
errorMessage: No service port defined!
- it: Require sessionAffinity.
set:
services.http.sessionAffinity: ""
asserts:
- failedTemplate:
errorMessage: No session affinity defined!
- it: Require service type.
set:
services.http.type: ""
asserts:
- failedTemplate:
errorMessage: No service type defined!
- it: Render service with custom annotations and labels.
set:
services.http.annotations:
foo: bar
services.http.labels:
bar: foo
asserts:
- equal:
path: metadata.annotations
value:
foo: bar
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: athens-proxy-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: athens-proxy
app.kubernetes.io/service-name: http
app.kubernetes.io/version: 0.1.0
helm.sh/chart: athens-proxy-0.1.0
bar: foo
- it: Change defaults
set:
services.http.externalIPs:
- "10.11.12.13/32"
services.http.externalTrafficPolicy: Local
services.http.internalTrafficPolicy: Local
services.http.ipFamilies:
- IPv4
services.http.loadBalancerClass: aws
services.http.loadBalancerIP: "11.12.13.14"
services.http.loadBalancerSourceRanges:
- "11.12.0.0/17"
services.http.port: 10443
services.http.sessionAffinity: ClientIP
services.http.type: LoadBalancer
asserts:
- equal:
path: spec.externalIPs
value:
- 10.11.12.13/32
- equal:
path: spec.externalTrafficPolicy
value: Local
- equal:
path: spec.internalTrafficPolicy
value: Local
- equal:
path: spec.ipFamilies
value:
- IPv4
- equal:
path: spec.loadBalancerClass
value: aws
- equal:
path: spec.loadBalancerIP
value: "11.12.13.14"
- equal:
path: spec.loadBalancerSourceRanges
value:
- "11.12.0.0/17"
- equal:
path: spec.ports[0].port
value: 10443
- equal:
path: spec.sessionAffinity
value: ClientIP
- equal:
path: spec.type
value: LoadBalancer