feat(common): Release 3.5.0 (#357)

Co-authored-by: Lawrence Gil <lawrence.gil@assemblyglobal.com>
2025-07-04 08:57:04 +02:00 · 2024-10-04 15:50:55 +02:00 · 2024-10-04 15:50:55 +02:00 · 90e6b9e7cf
commit 90e6b9e7cf
parent 5a722abfa9
42 changed files with 1092 additions and 164 deletions
--- a/charts/library/common-test/tests/rbac/metadata_test.yaml
+++ b/charts/library/common-test/tests/rbac/metadata_test.yaml
@ -0,0 +1,60 @@
+---
+suite: rbac metadata
+
+set:
+  serviceAccount:
+    name: test-sa
+
+templates:
+  - common.yaml
+values:
+  - ../_values/rbac_values.yaml
+tests:
+  - it: default metadata should pass
+    asserts:
+      - hasDocuments:
+          count: 4
+      - documentIndex: &RoleDocument 2
+        isKind:
+          of: Role
+      - documentIndex: *RoleDocument
+        notExists:
+          path: metadata.annotations
+      - documentIndex: *RoleDocument
+        equal:
+          path: metadata.labels
+          value:
+            app.kubernetes.io/instance: RELEASE-NAME
+            app.kubernetes.io/managed-by: Helm
+            app.kubernetes.io/name: RELEASE-NAME
+            helm.sh/chart: common-test-1.0.0
+
+  - it: custom metadata should pass
+    set:
+      rbac:
+        roles:
+          defaultRole:
+            annotations:
+              test_annotation: test
+            labels:
+              test_label: test
+    asserts:
+      - hasDocuments:
+          count: 4
+      - documentIndex: &RoleDocument 2
+        isKind:
+          of: Role
+      - documentIndex: *RoleDocument
+        equal:
+          path: metadata.annotations
+          value:
+            test_annotation: test
+      - documentIndex: *RoleDocument
+        equal:
+          path: metadata.labels
+          value:
+            app.kubernetes.io/instance: RELEASE-NAME
+            app.kubernetes.io/managed-by: Helm
+            app.kubernetes.io/name: RELEASE-NAME
+            helm.sh/chart: common-test-1.0.0
+            test_label: test
--- a/charts/library/common-test/tests/rbac/names_test.yaml
+++ b/charts/library/common-test/tests/rbac/names_test.yaml
@ -0,0 +1,58 @@
+---
+suite: rbac names
+
+set:
+  serviceAccount:
+    name: test-sa
+
+templates:
+  - common.yaml
+values:
+  - ../_values/rbac_values.yaml
+tests:
+  - it: default role and rolebinding names should pass
+    asserts:
+      - hasDocuments:
+          count: 4
+      - documentIndex: &RoleDocument 2
+        isKind:
+          of: Role
+      - documentIndex: *RoleDocument
+        equal:
+          path: metadata.name
+          value: RELEASE-NAME-defaultRole
+
+      - documentIndex: &BindingDocument 3
+        isKind:
+          of: RoleBinding
+      - documentIndex: *BindingDocument
+        equal:
+          path: metadata.name
+          value: RELEASE-NAME-defaultBinding
+
+  - it: custom role name should pass
+    set:
+      rbac:
+        roles:
+          defaultRole:
+            forceRename: customRole
+        bindings:
+          defaultBinding:
+            forceRename: customBinding
+    asserts:
+      - hasDocuments:
+          count: 4
+      - documentIndex: &RoleDocument 2
+        isKind:
+          of: Role
+      - documentIndex: &BindingDocument 3
+        isKind:
+          of: RoleBinding
+      - documentIndex: *RoleDocument
+        equal:
+          path: metadata.name
+          value: customRole
+      - documentIndex: *BindingDocument
+        equal:
+          path: metadata.name
+          value: customBinding
--- a/charts/library/common-test/tests/rbac/validations_test.yaml
+++ b/charts/library/common-test/tests/rbac/validations_test.yaml
@ -0,0 +1,44 @@
+---
+suite: rbac validations
+
+set:
+  serviceAccount:
+    name: test-sa
+
+templates:
+  - common.yaml
+values:
+  - ../_values/rbac_values.yaml
+tests:
+  - it: role type must be valid
+    set:
+      rbac:
+        roles:
+          invalidRole:
+            type: InvalidRole
+            rules: {}
+    asserts:
+      - failedTemplate:
+          errorMessage: "You selected: `InvalidRole`. Type must be one of:"
+
+  - it: role rules can't be empty
+    set:
+      rbac:
+        roles:
+          invalidRole:
+            type: Role
+            rules: []
+    asserts:
+      - failedTemplate:
+          errorMessage: "Rules can't be empty"
+
+  - it: roleBinding requires roleRef
+    set:
+      rbac:
+        bindings:
+          invalidBinding:
+            type: RoleBinding
+            roleRef: {}
+    asserts:
+      - failedTemplate:
+          errorMessage: "If not using identifier roleRef must have a `name` key"
--- a/charts/library/common-test/tests/rbac/values_test.yaml
+++ b/charts/library/common-test/tests/rbac/values_test.yaml
@ -0,0 +1,52 @@
+---
+suite: rbac values
+
+set:
+  serviceAccount:
+    name: test-sa
+
+templates:
+  - common.yaml
+values:
+  - ../_values/rbac_values.yaml
+tests:
+  - it: default role and rolebinding should pass
+    asserts:
+      - hasDocuments:
+          count: 4
+      - documentIndex: &RoleDocument 2
+        isKind:
+          of: Role
+      - documentIndex: *RoleDocument
+        equal:
+          path: rules[0].verbs
+          value: ["get", "list"]
+
+      - documentIndex: &BindingDocument 3
+        isKind:
+          of: RoleBinding
+      - documentIndex: *BindingDocument
+        equal:
+          path: subjects[0].name
+          value: "test-sa"
+
+  - it: custom role values should pass
+    set:
+      rbac:
+        roles:
+          customRole:
+            type: ClusterRole
+            rules:
+              - apiGroups: ["*"]
+                resources: ["*"]
+                verbs: ["get", "list", "watch"]
+    asserts:
+      - hasDocuments:
+          count: 5
+      - documentIndex: &RoleDocument 2
+        isKind:
+          of: ClusterRole
+      - documentIndex: *RoleDocument
+        equal:
+          path: rules[0].verbs
+          value: ["get", "list", "watch"]