volker.raschek/reposilite-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(secret): support annotations and labels for the basic auth secret
All checks were successful
Helm / helm-lint (push) Successful in 6s
Details
Helm / helm-unittest (push) Successful in 6s
Details
Generate README / generate-parameters (push) Successful in 28s
Details
Markdown linter / markdown-link-checker (push) Successful in 18s
Details
Release / publish-chart (push) Successful in 8s
Details
Markdown linter / markdown-lint (push) Successful in 28s
Details

Browse Source
This commit is contained in:
Markus Pesch
2025-09-29 22:53:21 +02:00
parent ba1fd42cfc
commit 334a8b877b
12 changed files with 372 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
unittests/deployment/prometheusPodMonitor.yaml
View File

@@ -35,3 +35,73 @@ tests:
name: reposilite-unittest-basic-auth-credentials
key: username
template: templates/deployment.yaml
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key
prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key
prometheus.metrics.secret.existing.secretName: my-secret
prometheus.metrics.podMonitor.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_PASSWORD
valueFrom:
secretKeyRef:
name: my-secret
key: my-password-key
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_USER
valueFrom:
secretKeyRef:
name: my-secret
key: my-username-key
template: templates/deployment.yaml
- it: Fail when existing secret name is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: ""
prometheus.metrics.podMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the username for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: ""
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.podMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the password for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: ""
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.podMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!"
template: templates/deployment.yaml

107
unittests/deployment/prometheusServiceMonitor.yaml Normal file
View File

@@ -0,0 +1,107 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Add prometheus basic auth variables
release:
name: reposilite-unittest
namespace: testing
templates:
- templates/deployment.yaml
- templates/secretPrometheusBasicAuth.yaml
tests:
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor
set:
prometheus.metrics.enabled: true
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- exists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_PASSWORD
valueFrom:
secretKeyRef:
name: reposilite-unittest-basic-auth-credentials
key: password
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_USER
valueFrom:
secretKeyRef:
name: reposilite-unittest-basic-auth-credentials
key: username
template: templates/deployment.yaml
- it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key
prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key
prometheus.metrics.secret.existing.secretName: my-secret
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- notExists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_PASSWORD
valueFrom:
secretKeyRef:
name: my-secret
key: my-password-key
template: templates/deployment.yaml
- contains:
path: spec.template.spec.containers[0].env
content:
name: REPOSILITE_PROMETHEUS_USER
valueFrom:
secretKeyRef:
name: my-secret
key: my-username-key
template: templates/deployment.yaml
- it: Fail when existing secret name is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: ""
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the username for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: ""
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!"
template: templates/deployment.yaml
- it: Fail when the name of the key in the secret that contains the password for basic auth is undefined
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: ""
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.serviceMonitor.enabled: true
asserts:
- failedTemplate:
errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!"
template: templates/deployment.yaml

78
unittests/secrets/basicAuth.yaml Normal file
View File

@@ -0,0 +1,78 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: Secret reposilite template
release:
name: reposilite-unittest
namespace: testing
templates:
- templates/secretPrometheusBasicAuth.yaml
tests:
- it: Skip rendering
asserts:
- hasDocuments:
count: 0
- it: Rendering secret with default values.
set:
prometheus.metrics.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: v1
kind: Secret
name: reposilite-unittest-basic-auth-credentials
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: reposilite-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: reposilite
app.kubernetes.io/version: 0.1.0
helm.sh/chart: reposilite-0.1.0
- exists:
path: stringData.password
- exists:
path: stringData.username
- it: Rendering secret with custom values.
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.new.basicAuthPassword: foo
prometheus.metrics.secret.new.basicAuthUsername: bar
prometheus.metrics.secret.new.annotations:
foo: bar
prometheus.metrics.secret.new.labels:
bar: foo
asserts:
- hasDocuments:
count: 1
- exists:
path: metadata.annotations
value:
foo: bar
- exists:
path: metadata.labels
value:
bar: foo
- equal:
path: metadata.name
value: reposilite-unittest-basic-auth-credentials
- equal:
path: stringData.password
value: foo
- equal:
path: stringData.username
value: bar
- it: Skip rendering if existing secret is used
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
asserts:
- hasDocuments:
count: 0

13
unittests/serviceMonitors/serviceMonitor.yaml
View File

@@ -129,6 +129,10 @@ tests:
- it: Change defaults
set:
prometheus.metrics.enabled: true
prometheus.metrics.secret.existing.enabled: true
prometheus.metrics.secret.existing.secretName: "my-secret"
prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key"
prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key"
prometheus.metrics.serviceMonitor.enabled: true
prometheus.metrics.serviceMonitor.enableHttp2: false
prometheus.metrics.serviceMonitor.followRedirects: true
@@ -147,6 +151,15 @@ tests:
asserts:
- hasDocuments:
count: 1
- isSubset:
path: spec.endpoints[0].basicAuth
content:
password:
key: my-password-key
name: my-secret
username:
key: my-username-key
name: my-secret
- equal:
path: spec.endpoints[0].enableHttp2
value: false