From 8f149f7514f3fb98d2a81e10f0a1192a8a925042 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?B=E1=B4=87=CA=80=C9=B4=E1=B4=85=20S=E1=B4=84=CA=9C?= =?UTF-8?q?=E1=B4=8F=CA=80=C9=A2=E1=B4=87=CA=80s?= Date: Mon, 8 May 2023 11:15:49 +0200 Subject: [PATCH] feat: Release common version 1.5.0 (#141) * feat(common): omit replicas field in Deployment if null is given (#134) * feat(common): Add cron job backoff limit (#137) * feat(common): add hostPID and hostIPC (#140) Signed-off-by: Maurits <75321636+maurits-funda@users.noreply.github.com> Signed-off-by: Gabe Cook Signed-off-by: Angel Nunez Mencias Co-authored-by: Maurits <75321636+maurits-funda@users.noreply.github.com> Co-authored-by: Gabe Cook Co-authored-by: Angel Nunez Mencias --- .github/workflows/charts-test.yaml | 3 +- charts/library/common/Chart.yaml | 19 +++++----- charts/library/common/README.md | 23 ++++++------ .../common/templates/classes/_cronjob.tpl | 1 + .../common/templates/classes/_deployment.tpl | 2 ++ .../common/templates/lib/controller/_pod.tpl | 6 ++++ charts/library/common/values.yaml | 14 ++++++-- charts/other/app-template/Chart.yaml | 6 ++-- .../tests/configmap/metadata_test.yaml | 6 ++-- .../controller/metadata_cronjob_test.yaml | 6 ++-- .../controller/metadata_daemonset_test.yaml | 6 ++-- .../controller/metadata_deployment_test.yaml | 6 ++-- .../controller/metadata_statefulset_test.yaml | 6 ++-- .../tests/ingress/metadata_test.yaml | 6 ++-- .../app-template/tests/pod/hostIPC_test.yaml | 35 +++++++++++++++++++ .../app-template/tests/pod/hostPID_test.yaml | 35 +++++++++++++++++++ .../app-template/tests/pvc/metadata_test.yaml | 8 ++--- .../tests/route/metadata_test.yaml | 6 ++-- .../tests/secret/metadata_test.yaml | 6 ++-- .../tests/service/metadata_test.yaml | 6 ++-- .../serviceMonitor/servicemonitor_test.yaml | 2 +- 21 files changed, 149 insertions(+), 59 deletions(-) create mode 100644 charts/other/app-template/tests/pod/hostIPC_test.yaml create mode 100644 charts/other/app-template/tests/pod/hostPID_test.yaml diff --git a/.github/workflows/charts-test.yaml b/.github/workflows/charts-test.yaml index ad383c47..dcae6752 100644 --- a/.github/workflows/charts-test.yaml +++ b/.github/workflows/charts-test.yaml @@ -29,7 +29,8 @@ jobs: strategy: matrix: chart: ${{ fromJSON(inputs.chartsToTest) }} - k8s_version: ["v1.22.17", "v1.23.15", "v1.24.9", "v1.25.5"] + k8s_version: + ["v1.22.17", "v1.23.17", "v1.24.13", "v1.25.9", "v1.26.4", "v1.27.1"] fail-fast: false steps: - name: Checkout diff --git a/charts/library/common/Chart.yaml b/charts/library/common/Chart.yaml index 51309838..3fb33347 100644 --- a/charts/library/common/Chart.yaml +++ b/charts/library/common/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v2 name: common description: Function library for Helm charts type: library -version: 1.4.0 +version: 1.5.0 kubeVersion: ">=1.22.0-0" keywords: - common @@ -15,15 +15,14 @@ maintainers: annotations: artifacthub.io/changes: |- - kind: added - description: Reload Pod when secrets change + description: support for for hostPID + - kind: added + description: support for for hostPID + - kind: added + description: Add support for CronJob backoffLimit - kind: changed - description: Quoting command and args strings to support multiline arguments + description: Omit replicas field in Deployment if null is given - kind: changed - description: Updated code-server image tag to v4.11.0 + description: Updated code-server image tag to v4.12.0 - kind: changed - description: Updated gluetun image tag to v3.33.0 - - kind: fixed - description: Integer style image tags now render correctly - links: - - name: GitHub Issue - url: https://github.com/bjw-s/helm-charts/issues/128 + description: Updated netshoot image tag to v0.10 diff --git a/charts/library/common/README.md b/charts/library/common/README.md index 951e9051..5acf288c 100644 --- a/charts/library/common/README.md +++ b/charts/library/common/README.md @@ -1,6 +1,6 @@ # common -![Version: 1.3.2](https://img.shields.io/badge/Version-1.3.2-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) +![Version: 1.5.0](https://img.shields.io/badge/Version-1.5.0-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) Function library for Helm charts @@ -29,7 +29,7 @@ Include this chart as a dependency in your `Chart.yaml` e.g. # Chart.yaml dependencies: - name: common - version: 1.3.1 + version: 1.5.0 repository: https://bjw-s.github.io/helm-charts/ ``` @@ -50,7 +50,7 @@ N/A | Key | Type | Default | Description | |-----|------|---------|-------------| | addons | object | See below | The common chart supports several add-ons. These can be configured under this key. | -| addons.codeserver | object | See values.yaml | The common library supports adding a code-server add-on to access files. It can be configured under this key. For more info, check out [our docs](https://bjw-s.github.io/helm-charts/docs/common-library/common-library-add-ons/##code-server) | +| addons.codeserver | object | See values.yaml | The common library supports adding a code-server add-on to access files. It can be configured under this key. | | addons.codeserver.args | list | `["--auth","none"]` | Set codeserver command line arguments. Consider setting --user-data-dir to a persistent location to preserve code-server setting changes | | addons.codeserver.enabled | bool | `false` | Enable running a code-server container in the pod | | addons.codeserver.env | object | `{}` | Set any environment variables for code-server here | @@ -60,7 +60,7 @@ N/A | addons.codeserver.git.deployKeySecret | string | `""` | Existing secret containing SSH private key The chart expects it to be present under the `id_rsa` key. | | addons.codeserver.image.pullPolicy | string | `"IfNotPresent"` | Specify the code-server image pull policy | | addons.codeserver.image.repository | string | `"ghcr.io/coder/code-server"` | Specify the code-server image | -| addons.codeserver.image.tag | string | `"4.9.1"` | Specify the code-server image tag | +| addons.codeserver.image.tag | string | `"4.12.0"` | Specify the code-server image tag | | addons.codeserver.ingress.enabled | bool | `false` | Enable an ingress for the code-server add-on. | | addons.codeserver.ingress.ingressClassName | string | `nil` | Set the ingressClass that is used for this ingress. | | addons.codeserver.service.enabled | bool | `true` | Enable a service for the code-server add-on. | @@ -71,7 +71,7 @@ N/A | addons.netshoot.env | object | `{}` | Set any environment variables for netshoot here | | addons.netshoot.image.pullPolicy | string | `"IfNotPresent"` | Specify the netshoot image pull policy | | addons.netshoot.image.repository | string | `"ghcr.io/nicolaka/netshoot"` | Specify the netshoot image | -| addons.netshoot.image.tag | string | `"v0.8"` | Specify the netshoot image tag | +| addons.netshoot.image.tag | string | `"v0.10"` | Specify the netshoot image tag | | addons.vpn | object | See values.yaml | The common chart supports adding a VPN add-on. It can be configured under this key. | | addons.vpn.args | list | `[]` | Override the args for the vpn sidecar container | | addons.vpn.configFile | string | `nil` | Provide a customized vpn configuration file to be used by the VPN. | @@ -81,7 +81,7 @@ N/A | addons.vpn.gluetun | object | See below | Make sure to read the [documentation](https://github.com/qdm12/gluetun/wiki) to see how to configure this addon! | | addons.vpn.gluetun.image.pullPolicy | string | `"IfNotPresent"` | Specify the Gluetun image pull policy | | addons.vpn.gluetun.image.repository | string | `"docker.io/qmcgaw/gluetun"` | Specify the Gluetun image | -| addons.vpn.gluetun.image.tag | string | `"v3.32.0"` | Specify the Gluetun image tag | +| addons.vpn.gluetun.image.tag | string | `"v3.33.0"` | Specify the Gluetun image tag | | addons.vpn.livenessProbe | object | `{}` | Optionally specify a livenessProbe, e.g. to check if the connection is still being protected by the VPN | | addons.vpn.networkPolicy.annotations | object | `{}` | Provide additional annotations which may be required. | | addons.vpn.networkPolicy.egress | string | `nil` | The egress configuration for your network policy, All outbound traffic from the pod will be blocked unless specified here. [[ref]](https://kubernetes.io/docs/concepts/services-networking/network-policies/) [[recipes]](https://github.com/ahmetb/kubernetes-network-policy-recipes) | @@ -102,7 +102,8 @@ N/A | configMaps.config.labels | object | `{}` | Labels to add to the configMap | | controller.annotations | object | `{}` | Set annotations on the deployment/statefulset/daemonset/cronjob | | controller.cronjob | object | See below | CronJob configuration. Required only when using `controller.type: cronjob`. | -| controller.cronjob.concurrencyPolicy | string | `"Forbid"` | Specifies how to treat concurrent executions of a job that is created by this cron job, valid values are Allow, Forbid or Replace | +| controller.cronjob.backoffLimit | int | `6` | Limits the number of times a failed job will be retried | +| controller.cronjob.concurrencyPolicy | string | `"Forbid"` | Specifies how to treat concurrent executions of a job that is created by this cron job valid values are Allow, Forbid or Replace | | controller.cronjob.failedJobsHistory | int | `1` | The number of failed Jobs to keep | | controller.cronjob.schedule | string | `"*/20 * * * *"` | Sets the CronJob time when to execute your jobs | | controller.cronjob.startingDeadlineSeconds | int | `30` | The deadline in seconds for starting the job if it misses its scheduled time for any reason | @@ -111,7 +112,7 @@ N/A | controller.enabled | bool | `true` | enable the controller. | | controller.labels | object | `{}` | Set labels on the deployment/statefulset/daemonset/cronjob | | controller.podManagementPolicy | string | `nil` | Set statefulset podManagementPolicy, valid values are Parallel and OrderedReady (default). | -| controller.replicas | int | `1` | Number of desired pods | +| controller.replicas | int | `1` | Number of desired pods. When using a HorizontalPodAutoscaler, set this to `null`. | | controller.restartPolicy | string | `Always`. When `controller.type` is `cronjob` it defaults to `Never`. | Set Container restart policy. | | controller.revisionHistoryLimit | int | `3` | ReplicaSet revision history limit | | controller.rollingUpdate.partition | string | `nil` | Set statefulset RollingUpdate partition | @@ -119,7 +120,7 @@ N/A | controller.rollingUpdate.unavailable | string | `nil` | Set deployment RollingUpdate max unavailable | | controller.strategy | string | `nil` | Set the controller upgrade strategy For Deployments, valid values are Recreate (default) and RollingUpdate. For StatefulSets, valid values are OnDelete and RollingUpdate (default). DaemonSets/CronJobs ignore this. | | controller.type | string | `"deployment"` | Set the controller type. Valid options are deployment, daemonset, statefulset or cronjob | -| dnsConfig | object | `{}` | Optional DNS settings, configuring the ndots option may resolve nslookup issues on some Kubernetes setups. | +| dnsConfig | object | `{}` | Configuring the ndots option may resolve nslookup issues on some Kubernetes setups. | | dnsPolicy | string | `nil` | Defaults to "ClusterFirst" if hostNetwork is false and "ClusterFirstWithHostNet" if hostNetwork is true. | | enableServiceLinks | bool | `true` | Enable/disable the generation of environment variables for services. [[ref]](https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#accessing-the-service) | | env | string | `nil` | Main environment variables. Template enabled. Syntax options: A) TZ: UTC B) PASSWD: '{{ .Release.Name }}' C) PASSWD: configMapKeyRef: name: config-map-name key: key-name D) PASSWD: valueFrom: secretKeyRef: name: secret-name key: key-name ... E) - name: TZ value: UTC F) - name: TZ value: '{{ .Release.Name }}' | @@ -129,7 +130,9 @@ N/A | global.labels | object | `{}` | Set additional global labels. Helm templates can be used. | | global.nameOverride | string | `nil` | Set an override for the prefix of the fullname | | hostAliases | list | `[]` | Use hostAliases to add custom entries to /etc/hosts - mapping IP addresses to hostnames. [[ref]](https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/) | +| hostIPC | bool | `false` | Use the host's ipc namespace | | hostNetwork | bool | `false` | When using hostNetwork make sure you set dnsPolicy to `ClusterFirstWithHostNet` | +| hostPID | bool | `false` | Use the host's pid namespace | | hostname | string | `nil` | Allows specifying explicit hostname setting | | image.pullPolicy | string | `nil` | image pull policy | | image.repository | string | `nil` | image repository | @@ -234,7 +237,7 @@ N/A | serviceMonitor.main.nameOverride | string | `nil` | Override the name suffix that is used for this serviceMonitor. | | serviceMonitor.main.selector | object | `{}` | Configures a custom selector for the serviceMonitor, this takes precedence over specifying a service name. Helm templates can be used. | | serviceMonitor.main.serviceName | string | `"{{ include \"bjw-s.common.lib.chart.names.fullname\" $ }}"` | Configures the target Service for the serviceMonitor. Helm templates can be used. | -| sidecars | object | `{}` | Specify any sidecar containers here as dictionary items. Each sidecar container should have its own key. Helm templates can be used. | +| sidecars | object | `{}` | Specify any sidecar containers here as dictionary items. Each sidecar container should have its own key. The dictionary item key will determine the order. Helm templates can be used. | | termination.gracePeriodSeconds | string | `nil` | [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle)] | | termination.messagePath | string | `nil` | [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle-1)] | | termination.messagePolicy | string | `nil` | [[ref](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#lifecycle-1)] | diff --git a/charts/library/common/templates/classes/_cronjob.tpl b/charts/library/common/templates/classes/_cronjob.tpl index 46333e97..087ae510 100644 --- a/charts/library/common/templates/classes/_cronjob.tpl +++ b/charts/library/common/templates/classes/_cronjob.tpl @@ -30,6 +30,7 @@ spec: {{- with .Values.controller.cronjob.ttlSecondsAfterFinished }} ttlSecondsAfterFinished: {{ . }} {{- end }} + backoffLimit: {{ .Values.controller.cronjob.backoffLimit }} template: metadata: {{- with include ("bjw-s.common.lib.metadata.podAnnotations") . }} diff --git a/charts/library/common/templates/classes/_deployment.tpl b/charts/library/common/templates/classes/_deployment.tpl index d9c86c03..3407b940 100644 --- a/charts/library/common/templates/classes/_deployment.tpl +++ b/charts/library/common/templates/classes/_deployment.tpl @@ -20,7 +20,9 @@ metadata: {{- end }} spec: revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} + {{- if not (eq .Values.controller.replicas nil) }} replicas: {{ .Values.controller.replicas }} + {{- end }} strategy: type: {{ $strategy }} {{- with .Values.controller.rollingUpdate }} diff --git a/charts/library/common/templates/lib/controller/_pod.tpl b/charts/library/common/templates/lib/controller/_pod.tpl index 93a227a0..333ab4ad 100644 --- a/charts/library/common/templates/lib/controller/_pod.tpl +++ b/charts/library/common/templates/lib/controller/_pod.tpl @@ -20,9 +20,15 @@ runtimeClassName: {{ . }} {{- end }} {{- with .Values.schedulerName }} schedulerName: {{ . }} + {{- end }} + {{- with .Values.hostIPC }} +hostIPC: {{ . }} {{- end }} {{- with .Values.hostNetwork }} hostNetwork: {{ . }} + {{- end }} + {{- with .Values.hostPID }} +hostPID: {{ . }} {{- end }} {{- with .Values.hostname }} hostname: {{ . }} diff --git a/charts/library/common/values.yaml b/charts/library/common/values.yaml index 49d297c6..43bfd64a 100644 --- a/charts/library/common/values.yaml +++ b/charts/library/common/values.yaml @@ -19,7 +19,7 @@ controller: annotations: {} # -- Set labels on the deployment/statefulset/daemonset/cronjob labels: {} - # -- Number of desired pods + # -- Number of desired pods. When using a HorizontalPodAutoscaler, set this to `null`. replicas: 1 # -- Set the controller upgrade strategy # For Deployments, valid values are Recreate (default) and RollingUpdate. @@ -57,6 +57,8 @@ controller: # -- If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to # be automatically deleted. ttlSecondsAfterFinished: + # -- Limits the number of times a failed job will be retried + backoffLimit: 6 image: # -- image repository @@ -168,9 +170,15 @@ schedulerName: # awkward-dangerous-scheduler # -- Allows specifying explicit hostname setting hostname: +# -- Use the host's ipc namespace +hostIPC: false + # -- When using hostNetwork make sure you set dnsPolicy to `ClusterFirstWithHostNet` hostNetwork: false +# -- Use the host's pid namespace +hostPID: false + # -- Defaults to "ClusterFirst" if hostNetwork is false # and "ClusterFirstWithHostNet" if hostNetwork is true. dnsPolicy: # ClusterFirst @@ -725,7 +733,7 @@ addons: # -- Specify the code-server image repository: ghcr.io/coder/code-server # -- Specify the code-server image tag - tag: 4.11.0 + tag: 4.12.0 # -- Specify the code-server image pull policy pullPolicy: IfNotPresent @@ -819,7 +827,7 @@ addons: # -- Specify the netshoot image repository: ghcr.io/nicolaka/netshoot # -- Specify the netshoot image tag - tag: v0.9 + tag: v0.10 # -- Specify the netshoot image pull policy pullPolicy: IfNotPresent diff --git a/charts/other/app-template/Chart.yaml b/charts/other/app-template/Chart.yaml index 3fc1ea1b..19305c2d 100644 --- a/charts/other/app-template/Chart.yaml +++ b/charts/other/app-template/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 description: A common powered chart template. This can be useful for small projects that don't have their own chart. name: app-template -version: 1.4.0 +version: 1.5.0 kubeVersion: ">=1.22.0-0" maintainers: - name: bjw-s @@ -10,12 +10,12 @@ maintainers: dependencies: - name: common repository: https://bjw-s.github.io/helm-charts - version: 1.4.0 + version: 1.5.0 annotations: artifacthub.io/changes: |- - kind: changed description: | - Updated library version to 1.4.0. + Updated library version to 1.5.0. links: - name: Common library chart definition url: https://github.com/bjw-s/helm-charts/blob/main/charts/library/common/Chart.yaml diff --git a/charts/other/app-template/tests/configmap/metadata_test.yaml b/charts/other/app-template/tests/configmap/metadata_test.yaml index de053216..38a55365 100644 --- a/charts/other/app-template/tests/configmap/metadata_test.yaml +++ b/charts/other/app-template/tests/configmap/metadata_test.yaml @@ -23,7 +23,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -52,7 +52,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -89,5 +89,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/controller/metadata_cronjob_test.yaml b/charts/other/app-template/tests/controller/metadata_cronjob_test.yaml index 6bb6664e..fbc6b1a8 100644 --- a/charts/other/app-template/tests/controller/metadata_cronjob_test.yaml +++ b/charts/other/app-template/tests/controller/metadata_cronjob_test.yaml @@ -19,7 +19,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -45,7 +45,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -79,7 +79,7 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: jobTemplate metadata should pass diff --git a/charts/other/app-template/tests/controller/metadata_daemonset_test.yaml b/charts/other/app-template/tests/controller/metadata_daemonset_test.yaml index eaf9a252..1ac21322 100644 --- a/charts/other/app-template/tests/controller/metadata_daemonset_test.yaml +++ b/charts/other/app-template/tests/controller/metadata_daemonset_test.yaml @@ -19,7 +19,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -45,7 +45,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -79,5 +79,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/controller/metadata_deployment_test.yaml b/charts/other/app-template/tests/controller/metadata_deployment_test.yaml index 1c02b0c7..7c2f8482 100644 --- a/charts/other/app-template/tests/controller/metadata_deployment_test.yaml +++ b/charts/other/app-template/tests/controller/metadata_deployment_test.yaml @@ -19,7 +19,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -45,7 +45,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -79,5 +79,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/controller/metadata_statefulset_test.yaml b/charts/other/app-template/tests/controller/metadata_statefulset_test.yaml index c37682c6..59762e40 100644 --- a/charts/other/app-template/tests/controller/metadata_statefulset_test.yaml +++ b/charts/other/app-template/tests/controller/metadata_statefulset_test.yaml @@ -19,7 +19,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -45,7 +45,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -79,5 +79,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/ingress/metadata_test.yaml b/charts/other/app-template/tests/ingress/metadata_test.yaml index 58abba1c..a8141cd5 100644 --- a/charts/other/app-template/tests/ingress/metadata_test.yaml +++ b/charts/other/app-template/tests/ingress/metadata_test.yaml @@ -19,7 +19,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -45,7 +45,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -79,5 +79,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/pod/hostIPC_test.yaml b/charts/other/app-template/tests/pod/hostIPC_test.yaml new file mode 100644 index 00000000..3256dc9e --- /dev/null +++ b/charts/other/app-template/tests/pod/hostIPC_test.yaml @@ -0,0 +1,35 @@ +suite: pod security +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + isNull: + path: spec.template.spec.hostIPC + + - it: hostIPC disabled should pass + set: + hostIPC: false + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + isNull: + path: spec.template.spec.hostIPC + + - it: hostIPC enabled should pass + set: + hostIPC: true + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostIPC + value: true diff --git a/charts/other/app-template/tests/pod/hostPID_test.yaml b/charts/other/app-template/tests/pod/hostPID_test.yaml new file mode 100644 index 00000000..d902f217 --- /dev/null +++ b/charts/other/app-template/tests/pod/hostPID_test.yaml @@ -0,0 +1,35 @@ +suite: pod security +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + isNull: + path: spec.template.spec.hostPID + + - it: hostPID disabled should pass + set: + hostPID: false + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + isNull: + path: spec.template.spec.hostPID + + - it: hostPID enabled should pass + set: + hostPID: true + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostPID + value: true diff --git a/charts/other/app-template/tests/pvc/metadata_test.yaml b/charts/other/app-template/tests/pvc/metadata_test.yaml index d42e32cb..44155e5a 100644 --- a/charts/other/app-template/tests/pvc/metadata_test.yaml +++ b/charts/other/app-template/tests/pvc/metadata_test.yaml @@ -19,7 +19,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: retain enabled should pass set: @@ -42,7 +42,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -68,7 +68,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -102,5 +102,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/route/metadata_test.yaml b/charts/other/app-template/tests/route/metadata_test.yaml index cb61f43b..52fd85f1 100644 --- a/charts/other/app-template/tests/route/metadata_test.yaml +++ b/charts/other/app-template/tests/route/metadata_test.yaml @@ -23,7 +23,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -52,7 +52,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -89,5 +89,5 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/secret/metadata_test.yaml b/charts/other/app-template/tests/secret/metadata_test.yaml index 03884e16..b112dd67 100644 --- a/charts/other/app-template/tests/secret/metadata_test.yaml +++ b/charts/other/app-template/tests/secret/metadata_test.yaml @@ -23,7 +23,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -52,7 +52,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -89,7 +89,7 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom secret type should pass diff --git a/charts/other/app-template/tests/service/metadata_test.yaml b/charts/other/app-template/tests/service/metadata_test.yaml index 352492c8..41559efe 100644 --- a/charts/other/app-template/tests/service/metadata_test.yaml +++ b/charts/other/app-template/tests/service/metadata_test.yaml @@ -18,7 +18,7 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME app.kubernetes.io/service: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 - it: custom metadata should pass set: @@ -45,7 +45,7 @@ tests: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME app.kubernetes.io/service: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test - it: custom metadata with global metadata should pass @@ -80,5 +80,5 @@ tests: app.kubernetes.io/name: RELEASE-NAME app.kubernetes.io/service: RELEASE-NAME global_label: test - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test_label: test diff --git a/charts/other/app-template/tests/serviceMonitor/servicemonitor_test.yaml b/charts/other/app-template/tests/serviceMonitor/servicemonitor_test.yaml index efb7c63f..368aa84a 100644 --- a/charts/other/app-template/tests/serviceMonitor/servicemonitor_test.yaml +++ b/charts/other/app-template/tests/serviceMonitor/servicemonitor_test.yaml @@ -74,7 +74,7 @@ tests: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: RELEASE-NAME - helm.sh/chart: app-template-1.4.0 + helm.sh/chart: app-template-1.5.0 test.label: testvalue - it: a serviceMonitor is created with nameOverride