From 9928235b846954432785b17486199b90b3e6bdd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?B=E1=B4=87=CA=80=C9=B4=E1=B4=85=20S=E1=B4=84=CA=9C?= =?UTF-8?q?=E1=B4=8F=CA=80=C9=A2=E1=B4=87=CA=80s?= Date: Thu, 14 Sep 2023 15:40:49 +0200 Subject: [PATCH] feat(common): Release 2.0.0-beta.2 (#176) --- .github/workflows/charts-test.yaml | 10 +- .../common-test/ci/advanced-values.yaml | 3 +- .../tests/configmap/metadata_test.yaml | 4 +- .../tests/configmap/names_test.yaml | 6 +- .../tests/configmap/pod_metadata_test.yaml | 2 + .../tests/container/args_test.yaml | 4 +- .../tests/container/command_test.yaml | 4 +- .../common-test/tests/container/env_test.yaml | 4 +- .../tests/container/envfrom_test.yaml | 4 +- .../tests/container/image_test.yaml | 2 + .../tests/container/name_test.yaml | 2 + .../tests/container/ports_test.yaml | 4 +- .../tests/container/probes_test.yaml | 8 +- .../tests/container/volumemounts_test.yaml | 4 +- .../tests/controller/cronjob_test.yaml | 4 +- .../controller/metadata_cronjob_test.yaml | 4 +- .../controller/metadata_daemonset_test.yaml | 4 +- .../controller/metadata_deployment_test.yaml | 4 +- .../controller/metadata_statefulset_test.yaml | 4 +- .../tests/controller/type_test.yaml | 2 + .../tests/ingress/metadata_test.yaml | 4 +- .../tests/ingress/presence_test.yaml | 2 + .../tests/ingress/service_reference_test.yaml | 2 + .../common-test/tests/ingress/tls_test.yaml | 4 +- .../tests/ingress/values_test.yaml | 2 + .../tests/misc/nameoverride_test.yaml | 2 + .../tests/networkpolicy/metadata_test.yaml | 89 +++++++++++++++++ .../tests/networkpolicy/names_test.yaml | 36 +++++++ .../tests/networkpolicy/validations_test.yaml | 36 +++++++ .../tests/networkpolicy/values_test.yaml | 95 +++++++++++++++++++ .../tests/persistence/claimnames_test.yaml | 2 + .../tests/persistence/emptydir_test.yaml | 2 + .../tests/persistence/hostpath_test.yaml | 2 + .../tests/persistence/types_test.yaml | 2 + .../volumeclaimtemplates_test.yaml | 2 + .../tests/pod/container_order_test.yaml | 81 ++++++++++++++++ .../tests/pod/field_affinity_test.yaml | 89 +++++++++++++++++ .../tests/pod/field_dnsConfig_test.yaml | 59 ++++++++++++ ...network_test.yaml => field_dnsPolicy.yaml} | 29 +----- .../tests/pod/field_hostAliases_test.yaml | 62 ++++++++++++ ...tIPC_test.yaml => field_hostIPC_test.yaml} | 2 + .../tests/pod/field_hostNetwork_test.yaml | 41 ++++++++ ...tPID_test.yaml => field_hostPID_test.yaml} | 2 + .../pod/field_imagePullSecrets_test.yaml | 49 ++++++++++ .../tests/pod/field_nodeSelector_test.yaml | 49 ++++++++++ ...cas_test.yaml => field_replicas_test.yaml} | 2 + .../tests/pod/field_securityContext_test.yaml | 64 +++++++++++++ .../tests/pod/field_tolerations_test.yaml | 64 +++++++++++++ .../field_topologySpreadConstraints_test.yaml | 74 +++++++++++++++ .../tests/pod/initcontainers_test.yaml | 45 +++++++++ .../common-test/tests/pod/sidecars_test.yaml | 18 ++-- .../common-test/tests/pvc/metadata_test.yaml | 4 +- .../common-test/tests/pvc/names_test.yaml | 2 + .../tests/pvc/storageclass_test.yaml | 4 +- .../tests/route/metadata_test.yaml | 4 +- .../tests/route/presence_test.yaml | 2 + .../tests/route/service_reference_test.yaml | 2 + .../common-test/tests/route/values_test.yaml | 36 +++---- .../tests/secret/metadata_test.yaml | 4 +- .../common-test/tests/secret/names_test.yaml | 6 +- .../tests/secret/pod_metadata_test.yaml | 2 + .../tests/service/metadata_test.yaml | 4 +- .../common-test/tests/service/names_test.yaml | 2 + .../tests/service/port_protocols_test.yaml | 4 +- .../common-test/tests/service/ports_test.yaml | 2 + .../serviceAccount/serviceaccount_test.yaml | 2 + .../serviceMonitor/servicemonitor_test.yaml | 2 + charts/library/common/Chart.yaml | 9 +- charts/library/common/README.md | 7 +- .../templates/classes/_networkpolicy.tpl | 49 ++++++++++ .../lib/container/_volumemounts_old.tpl | 58 ----------- .../lib/controller/_enabled_containers.tpl | 2 +- .../templates/lib/networkpolicy/_validate.tpl | 22 +++++ .../lib/networkpolicy/_valuesToObject.tpl | 24 +++++ .../common/templates/lib/pod/_spec.tpl | 16 ++-- .../templates/lib/pod/fields/_containers.tpl | 9 +- .../lib/pod/fields/_initContainers.tpl | 29 ++++-- .../common/templates/loader/_generate.tpl | 1 + .../templates/render/_networkpolicies.tpl | 26 +++++ charts/library/common/values.yaml | 38 +++++++- 80 files changed, 1306 insertions(+), 161 deletions(-) create mode 100644 charts/library/common-test/tests/networkpolicy/metadata_test.yaml create mode 100644 charts/library/common-test/tests/networkpolicy/names_test.yaml create mode 100644 charts/library/common-test/tests/networkpolicy/validations_test.yaml create mode 100644 charts/library/common-test/tests/networkpolicy/values_test.yaml create mode 100644 charts/library/common-test/tests/pod/container_order_test.yaml create mode 100644 charts/library/common-test/tests/pod/field_affinity_test.yaml create mode 100644 charts/library/common-test/tests/pod/field_dnsConfig_test.yaml rename charts/library/common-test/tests/pod/{network_test.yaml => field_dnsPolicy.yaml} (56%) create mode 100644 charts/library/common-test/tests/pod/field_hostAliases_test.yaml rename charts/library/common-test/tests/pod/{hostIPC_test.yaml => field_hostIPC_test.yaml} (86%) create mode 100644 charts/library/common-test/tests/pod/field_hostNetwork_test.yaml rename charts/library/common-test/tests/pod/{hostPID_test.yaml => field_hostPID_test.yaml} (86%) create mode 100644 charts/library/common-test/tests/pod/field_imagePullSecrets_test.yaml create mode 100644 charts/library/common-test/tests/pod/field_nodeSelector_test.yaml rename charts/library/common-test/tests/pod/{replicas_test.yaml => field_replicas_test.yaml} (79%) create mode 100644 charts/library/common-test/tests/pod/field_securityContext_test.yaml create mode 100644 charts/library/common-test/tests/pod/field_tolerations_test.yaml create mode 100644 charts/library/common-test/tests/pod/field_topologySpreadConstraints_test.yaml create mode 100644 charts/library/common/templates/classes/_networkpolicy.tpl delete mode 100644 charts/library/common/templates/lib/container/_volumemounts_old.tpl create mode 100644 charts/library/common/templates/lib/networkpolicy/_validate.tpl create mode 100644 charts/library/common/templates/lib/networkpolicy/_valuesToObject.tpl create mode 100644 charts/library/common/templates/render/_networkpolicies.tpl diff --git a/.github/workflows/charts-test.yaml b/.github/workflows/charts-test.yaml index 9c80f8b0..303240ca 100644 --- a/.github/workflows/charts-test.yaml +++ b/.github/workflows/charts-test.yaml @@ -30,7 +30,15 @@ jobs: matrix: chart: ${{ fromJSON(inputs.chartsToTest) }} k8s_version: - ["v1.22.17", "v1.23.17", "v1.24.13", "v1.25.9", "v1.26.4", "v1.27.1"] + [ + "v1.22.17", + "v1.23.17", + "v1.24.17", + "v1.25.13", + "v1.26.8", + "v1.27.5", + "v1.28.1", + ] fail-fast: false steps: - name: Checkout diff --git a/charts/library/common-test/ci/advanced-values.yaml b/charts/library/common-test/ci/advanced-values.yaml index e696a577..ec528757 100644 --- a/charts/library/common-test/ci/advanced-values.yaml +++ b/charts/library/common-test/ci/advanced-values.yaml @@ -2,6 +2,7 @@ controllers: main: containers: main: + order: 1 image: repository: ghcr.io/mendhak/http-https-echo tag: 30 @@ -19,7 +20,7 @@ controllers: startup: enabled: true - second-container: + a-container: image: repository: ghcr.io/mendhak/http-https-echo tag: 30 diff --git a/charts/library/common-test/tests/configmap/metadata_test.yaml b/charts/library/common-test/tests/configmap/metadata_test.yaml index a24aee5f..3fe31eab 100644 --- a/charts/library/common-test/tests/configmap/metadata_test.yaml +++ b/charts/library/common-test/tests/configmap/metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: configmap metadata templates: - common.yaml @@ -14,7 +16,7 @@ tests: isKind: of: ConfigMap - documentIndex: *ConfigmapDocument - isNull: + notExists: path: metadata.annotations - documentIndex: *ConfigmapDocument equal: diff --git a/charts/library/common-test/tests/configmap/names_test.yaml b/charts/library/common-test/tests/configmap/names_test.yaml index dea7e9c8..86b1b377 100644 --- a/charts/library/common-test/tests/configmap/names_test.yaml +++ b/charts/library/common-test/tests/configmap/names_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: configMap names templates: - common.yaml @@ -48,13 +50,13 @@ tests: isKind: of: ConfigMap - documentIndex: *FirstConfigmapDocument - isNotNull: + isNotNullOrEmpty: path: metadata.name - documentIndex: &SecondConfigmapDocument 3 isKind: of: ConfigMap - documentIndex: *SecondConfigmapDocument - isNotNull: + isNotNullOrEmpty: path: metadata.name - it: default name should pass diff --git a/charts/library/common-test/tests/configmap/pod_metadata_test.yaml b/charts/library/common-test/tests/configmap/pod_metadata_test.yaml index 3184a162..4d1f9952 100644 --- a/charts/library/common-test/tests/configmap/pod_metadata_test.yaml +++ b/charts/library/common-test/tests/configmap/pod_metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: configmap Pod metadata templates: - common.yaml diff --git a/charts/library/common-test/tests/container/args_test.yaml b/charts/library/common-test/tests/container/args_test.yaml index 2393fb2a..e81fc952 100644 --- a/charts/library/common-test/tests/container/args_test.yaml +++ b/charts/library/common-test/tests/container/args_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container args override templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Deployment - documentIndex: 0 - isNull: + notExists: path: spec.template.spec.containers[0].args - it: single string should pass diff --git a/charts/library/common-test/tests/container/command_test.yaml b/charts/library/common-test/tests/container/command_test.yaml index 3e9326f1..53d4cd38 100644 --- a/charts/library/common-test/tests/container/command_test.yaml +++ b/charts/library/common-test/tests/container/command_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container command override templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Deployment - documentIndex: 0 - isNull: + notExists: path: spec.template.spec.containers[0].command - it: single string should pass diff --git a/charts/library/common-test/tests/container/env_test.yaml b/charts/library/common-test/tests/container/env_test.yaml index 22a50e86..f89b9cdb 100644 --- a/charts/library/common-test/tests/container/env_test.yaml +++ b/charts/library/common-test/tests/container/env_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container env values templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Deployment - documentIndex: *DeploymentDoc - isNull: + notExists: path: spec.template.spec.containers[0].env - it: KeyValue string should pass diff --git a/charts/library/common-test/tests/container/envfrom_test.yaml b/charts/library/common-test/tests/container/envfrom_test.yaml index d010d4b9..d0fd0325 100644 --- a/charts/library/common-test/tests/container/envfrom_test.yaml +++ b/charts/library/common-test/tests/container/envfrom_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container envFrom values templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Deployment - documentIndex: *DeploymentDoc - isNull: + notExists: path: spec.template.spec.containers[0].envFrom - it: explicit envFrom should pass diff --git a/charts/library/common-test/tests/container/image_test.yaml b/charts/library/common-test/tests/container/image_test.yaml index 663bbbb9..3183feea 100644 --- a/charts/library/common-test/tests/container/image_test.yaml +++ b/charts/library/common-test/tests/container/image_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container image tag templates: - common.yaml diff --git a/charts/library/common-test/tests/container/name_test.yaml b/charts/library/common-test/tests/container/name_test.yaml index 788d182c..8a12ca07 100644 --- a/charts/library/common-test/tests/container/name_test.yaml +++ b/charts/library/common-test/tests/container/name_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container name templates: - common.yaml diff --git a/charts/library/common-test/tests/container/ports_test.yaml b/charts/library/common-test/tests/container/ports_test.yaml index 685a0e85..027c6c4e 100644 --- a/charts/library/common-test/tests/container/ports_test.yaml +++ b/charts/library/common-test/tests/container/ports_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container ports templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Deployment - documentIndex: 0 - isNull: + notExists: path: spec.template.spec.containers[0].ports - it: custom port should pass diff --git a/charts/library/common-test/tests/container/probes_test.yaml b/charts/library/common-test/tests/container/probes_test.yaml index ce81cd73..636bbea8 100644 --- a/charts/library/common-test/tests/container/probes_test.yaml +++ b/charts/library/common-test/tests/container/probes_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container probes templates: - common.yaml @@ -145,13 +147,13 @@ tests: isKind: of: Deployment - documentIndex: 0 - isNull: + notExists: path: spec.template.spec.containers[0].livenessProbe - documentIndex: 0 - isNull: + notExists: path: spec.template.spec.containers[0].readinessProbe - documentIndex: 0 - isNull: + notExists: path: spec.template.spec.containers[0].startupProbe - it: AUTO type probe should pass diff --git a/charts/library/common-test/tests/container/volumemounts_test.yaml b/charts/library/common-test/tests/container/volumemounts_test.yaml index f784a497..8be12326 100644 --- a/charts/library/common-test/tests/container/volumemounts_test.yaml +++ b/charts/library/common-test/tests/container/volumemounts_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: container volumeMounts templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Deployment - documentIndex: *DeploymentDoc - isNull: + notExists: path: spec.template.spec.containers[0].volumeMounts - it: default should pass diff --git a/charts/library/common-test/tests/controller/cronjob_test.yaml b/charts/library/common-test/tests/controller/cronjob_test.yaml index dfc616f5..07c6042a 100644 --- a/charts/library/common-test/tests/controller/cronjob_test.yaml +++ b/charts/library/common-test/tests/controller/cronjob_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: cronjob configuration templates: - common.yaml @@ -28,7 +30,7 @@ tests: path: spec.failedJobsHistoryLimit value: 1 - documentIndex: *ControllerDoc - isNull: + notExists: path: spec.jobTemplate.spec.ttlSecondsAfterFinished - documentIndex: *ControllerDoc equal: diff --git a/charts/library/common-test/tests/controller/metadata_cronjob_test.yaml b/charts/library/common-test/tests/controller/metadata_cronjob_test.yaml index 348586ee..3dcf0cc2 100644 --- a/charts/library/common-test/tests/controller/metadata_cronjob_test.yaml +++ b/charts/library/common-test/tests/controller/metadata_cronjob_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: controller metadata cronjob templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: CronJob - documentIndex: *ControllerDoc - isNull: + notExists: path: metadata.annotations - documentIndex: *ControllerDoc equal: diff --git a/charts/library/common-test/tests/controller/metadata_daemonset_test.yaml b/charts/library/common-test/tests/controller/metadata_daemonset_test.yaml index 63758eae..3df79c3f 100644 --- a/charts/library/common-test/tests/controller/metadata_daemonset_test.yaml +++ b/charts/library/common-test/tests/controller/metadata_daemonset_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: controller metadata daemonset templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: DaemonSet - documentIndex: *ControllerDoc - isNull: + notExists: path: metadata.annotations - documentIndex: *ControllerDoc equal: diff --git a/charts/library/common-test/tests/controller/metadata_deployment_test.yaml b/charts/library/common-test/tests/controller/metadata_deployment_test.yaml index 01adab17..59800904 100644 --- a/charts/library/common-test/tests/controller/metadata_deployment_test.yaml +++ b/charts/library/common-test/tests/controller/metadata_deployment_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: controller metadata deployment templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: Deployment - documentIndex: *ControllerDoc - isNull: + notExists: path: metadata.annotations - documentIndex: *ControllerDoc equal: diff --git a/charts/library/common-test/tests/controller/metadata_statefulset_test.yaml b/charts/library/common-test/tests/controller/metadata_statefulset_test.yaml index 1c3a1caa..00bd75c2 100644 --- a/charts/library/common-test/tests/controller/metadata_statefulset_test.yaml +++ b/charts/library/common-test/tests/controller/metadata_statefulset_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: controller metadata statefulset templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: StatefulSet - documentIndex: *ControllerDoc - isNull: + notExists: path: metadata.annotations - documentIndex: *ControllerDoc equal: diff --git a/charts/library/common-test/tests/controller/type_test.yaml b/charts/library/common-test/tests/controller/type_test.yaml index 4a002b14..a917c526 100644 --- a/charts/library/common-test/tests/controller/type_test.yaml +++ b/charts/library/common-test/tests/controller/type_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: controller types templates: - common.yaml diff --git a/charts/library/common-test/tests/ingress/metadata_test.yaml b/charts/library/common-test/tests/ingress/metadata_test.yaml index 7f84c294..3294fb95 100644 --- a/charts/library/common-test/tests/ingress/metadata_test.yaml +++ b/charts/library/common-test/tests/ingress/metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: ingress metadata templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: Ingress - documentIndex: *IngressDocument - isNull: + notExists: path: metadata.annotations - documentIndex: *IngressDocument equal: diff --git a/charts/library/common-test/tests/ingress/presence_test.yaml b/charts/library/common-test/tests/ingress/presence_test.yaml index ace5582e..bcbd4430 100644 --- a/charts/library/common-test/tests/ingress/presence_test.yaml +++ b/charts/library/common-test/tests/ingress/presence_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: ingress presence templates: - common.yaml diff --git a/charts/library/common-test/tests/ingress/service_reference_test.yaml b/charts/library/common-test/tests/ingress/service_reference_test.yaml index 9fa4ce39..2f314000 100644 --- a/charts/library/common-test/tests/ingress/service_reference_test.yaml +++ b/charts/library/common-test/tests/ingress/service_reference_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: ingress service reference templates: - common.yaml diff --git a/charts/library/common-test/tests/ingress/tls_test.yaml b/charts/library/common-test/tests/ingress/tls_test.yaml index 5575835c..d2e2b768 100644 --- a/charts/library/common-test/tests/ingress/tls_test.yaml +++ b/charts/library/common-test/tests/ingress/tls_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: ingress tls templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: Ingress - documentIndex: *IngressDocument - isNull: + notExists: path: spec.tls - it: tls enabled should pass diff --git a/charts/library/common-test/tests/ingress/values_test.yaml b/charts/library/common-test/tests/ingress/values_test.yaml index ce9aad6a..695570c9 100644 --- a/charts/library/common-test/tests/ingress/values_test.yaml +++ b/charts/library/common-test/tests/ingress/values_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: ingress values templates: - common.yaml diff --git a/charts/library/common-test/tests/misc/nameoverride_test.yaml b/charts/library/common-test/tests/misc/nameoverride_test.yaml index ad81db9b..6cdec855 100644 --- a/charts/library/common-test/tests/misc/nameoverride_test.yaml +++ b/charts/library/common-test/tests/misc/nameoverride_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: nameOverride tests templates: - common.yaml diff --git a/charts/library/common-test/tests/networkpolicy/metadata_test.yaml b/charts/library/common-test/tests/networkpolicy/metadata_test.yaml new file mode 100644 index 00000000..d2602713 --- /dev/null +++ b/charts/library/common-test/tests/networkpolicy/metadata_test.yaml @@ -0,0 +1,89 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: networkPolicy metadata +templates: + - common.yaml +tests: + - it: default metadata should pass + set: + networkpolicies: + main: + enabled: true + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + notExists: + path: metadata.annotations + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.labels + value: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RELEASE-NAME + helm.sh/chart: common-test-1.0.0 + + - it: custom metadata should pass + set: + networkpolicies: + main: + enabled: true + annotations: + test_annotation: test + labels: + test_label: test + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.annotations + value: + test_annotation: test + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.labels + value: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RELEASE-NAME + helm.sh/chart: common-test-1.0.0 + test_label: test + + - it: custom metadata with global metadata should pass + set: + global: + labels: + global_label: test + annotations: + global_annotation: test + networkpolicies: + main: + enabled: true + annotations: + test_annotation: test + labels: + test_label: test + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.annotations + value: + global_annotation: test + test_annotation: test + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.labels + value: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: RELEASE-NAME + global_label: test + helm.sh/chart: common-test-1.0.0 + test_label: test diff --git a/charts/library/common-test/tests/networkpolicy/names_test.yaml b/charts/library/common-test/tests/networkpolicy/names_test.yaml new file mode 100644 index 00000000..1a508488 --- /dev/null +++ b/charts/library/common-test/tests/networkpolicy/names_test.yaml @@ -0,0 +1,36 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: networkPolicy names +templates: + - common.yaml +tests: + - it: default should pass + set: + networkpolicies: + main: + enabled: true + asserts: + - hasDocuments: + count: 3 + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.name + value: RELEASE-NAME + + - it: custom name suffix should pass + set: + networkpolicies: + main: + enabled: true + nameOverride: block-ingress + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: metadata.name + value: RELEASE-NAME-block-ingress diff --git a/charts/library/common-test/tests/networkpolicy/validations_test.yaml b/charts/library/common-test/tests/networkpolicy/validations_test.yaml new file mode 100644 index 00000000..84d1b261 --- /dev/null +++ b/charts/library/common-test/tests/networkpolicy/validations_test.yaml @@ -0,0 +1,36 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: NetworkPolicy validations +templates: + - common.yaml +tests: + - it: networkpolicy requires either controller reference or podSelector + set: + networkpolicies: + main: + enabled: true + controller: "" + asserts: + - failedTemplate: + errorMessage: "controller reference or podSelector is required for NetworkPolicy. (NetworkPolicy main)" + + - it: policyTypes is required + set: + networkpolicies: + main: + enabled: true + policyTypes: [] + asserts: + - failedTemplate: + errorMessage: "policyTypes is required for NetworkPolicy. (NetworkPolicy main)" + + - it: policyTypes values check + set: + networkpolicies: + main: + enabled: true + policyTypes: + - test + asserts: + - failedTemplate: + errorMessage: "Not a valid policyType for NetworkPolicy. (NetworkPolicy main, value test)" diff --git a/charts/library/common-test/tests/networkpolicy/values_test.yaml b/charts/library/common-test/tests/networkpolicy/values_test.yaml new file mode 100644 index 00000000..36c312f9 --- /dev/null +++ b/charts/library/common-test/tests/networkpolicy/values_test.yaml @@ -0,0 +1,95 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: NetworkPolicy values +templates: + - common.yaml +tests: + - it: main networkpolicy is disabled by default + asserts: + - hasDocuments: + count: 2 + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 1 + isKind: + of: Service + + - it: main networkpolicy can be enabled + set: + networkpolicies: + main: + enabled: true + asserts: + - hasDocuments: + count: 3 + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 1 + isKind: + of: Service + - documentIndex: 2 + isKind: + of: NetworkPolicy + + - it: networkpolicy targets the correct controller + set: + networkpolicies: + main: + enabled: true + controller: main + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: spec.podSelector + value: + matchLabels: + app.kubernetes.io/component: main + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/name: RELEASE-NAME + + - it: networkpolicy targets supports custom podSelector + set: + networkpolicies: + main: + enabled: true + controller: main + podSelector: {} + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: spec.podSelector + value: {} + + - it: networkpolicy rules are passed through + set: + networkpolicies: + main: + enabled: true + controller: main + rules: + ingress: + - {} + egress: + - {} + asserts: + - documentIndex: &NetworkPolicyDocument 2 + isKind: + of: NetworkPolicy + - documentIndex: *NetworkPolicyDocument + equal: + path: spec.ingress + value: + - {} + - documentIndex: *NetworkPolicyDocument + equal: + path: spec.egress + value: + - {} diff --git a/charts/library/common-test/tests/persistence/claimnames_test.yaml b/charts/library/common-test/tests/persistence/claimnames_test.yaml index f517b958..60bac5b8 100644 --- a/charts/library/common-test/tests/persistence/claimnames_test.yaml +++ b/charts/library/common-test/tests/persistence/claimnames_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: persistence claimnames templates: - common.yaml diff --git a/charts/library/common-test/tests/persistence/emptydir_test.yaml b/charts/library/common-test/tests/persistence/emptydir_test.yaml index 02cb1914..0f3a04d4 100644 --- a/charts/library/common-test/tests/persistence/emptydir_test.yaml +++ b/charts/library/common-test/tests/persistence/emptydir_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: persistence emptydir templates: - common.yaml diff --git a/charts/library/common-test/tests/persistence/hostpath_test.yaml b/charts/library/common-test/tests/persistence/hostpath_test.yaml index 883259eb..e564ce59 100644 --- a/charts/library/common-test/tests/persistence/hostpath_test.yaml +++ b/charts/library/common-test/tests/persistence/hostpath_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: persistence hostpath templates: - common.yaml diff --git a/charts/library/common-test/tests/persistence/types_test.yaml b/charts/library/common-test/tests/persistence/types_test.yaml index e650aab3..7b6ac0f8 100644 --- a/charts/library/common-test/tests/persistence/types_test.yaml +++ b/charts/library/common-test/tests/persistence/types_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: persistence types templates: - common.yaml diff --git a/charts/library/common-test/tests/persistence/volumeclaimtemplates_test.yaml b/charts/library/common-test/tests/persistence/volumeclaimtemplates_test.yaml index ce8e2765..30ea8c91 100644 --- a/charts/library/common-test/tests/persistence/volumeclaimtemplates_test.yaml +++ b/charts/library/common-test/tests/persistence/volumeclaimtemplates_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: persistence volumeclaimtemplates templates: - common.yaml diff --git a/charts/library/common-test/tests/pod/container_order_test.yaml b/charts/library/common-test/tests/pod/container_order_test.yaml new file mode 100644 index 00000000..bc6e12b2 --- /dev/null +++ b/charts/library/common-test/tests/pod/container_order_test.yaml @@ -0,0 +1,81 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod sidecar containers +templates: + - common.yaml +tests: + - it: with default order + set: + controllers.main.containers: + additional1: + image: + repository: test + tag: test + additional2: + image: + repository: test + tag: test + asserts: + - documentIndex: &DeploymentDocument 0 + isKind: + of: Deployment + - documentIndex: &DeploymentDocument 0 + lengthEqual: + path: spec.template.spec.containers + count: 3 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[0].name + value: main + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[1].name + value: additional1 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[2].name + value: additional2 + + - it: with custom order + set: + controllers.main.containers: + main: + order: 2 + additional1: + order: 3 + image: + repository: test + tag: test + additional2: + order: 1 + image: + repository: test + tag: test + additional3: + image: + repository: test + tag: test + asserts: + - documentIndex: &DeploymentDocument 0 + isKind: + of: Deployment + - documentIndex: &DeploymentDocument 0 + lengthEqual: + path: spec.template.spec.containers + count: 4 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[0].name + value: additional2 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[1].name + value: main + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[2].name + value: additional1 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.containers[3].name + value: additional3 diff --git a/charts/library/common-test/tests/pod/field_affinity_test.yaml b/charts/library/common-test/tests/pod/field_affinity_test.yaml new file mode 100644 index 00000000..744a53ec --- /dev/null +++ b/charts/library/common-test/tests/pod/field_affinity_test.yaml @@ -0,0 +1,89 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod affinity +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.affinity + + - it: defaultPodOption should pass + set: + defaultPodOptions: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - antarctica-east1 + - antarctica-west1 + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - antarctica-east1 + - antarctica-west1 + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - antarctica-east1 + - antarctica-west1 + controllers: + main: + pod: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - asia-east1 + - asia-west1 + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: topology.kubernetes.io/zone + operator: In + values: + - asia-east1 + - asia-west1 diff --git a/charts/library/common-test/tests/pod/field_dnsConfig_test.yaml b/charts/library/common-test/tests/pod/field_dnsConfig_test.yaml new file mode 100644 index 00000000..025c0edd --- /dev/null +++ b/charts/library/common-test/tests/pod/field_dnsConfig_test.yaml @@ -0,0 +1,59 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod dnsConfig +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.dnsConfig + + - it: defaultPodOption should pass + set: + defaultPodOptions: + dnsConfig: + options: + - name: ndots + value: "1" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.dnsConfig + value: + options: + - name: ndots + value: "1" + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + dnsConfig: + options: + - name: ndots + value: "1" + controllers: + main: + pod: + dnsConfig: + options: + - name: ndots + value: "5" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.dnsConfig + value: + options: + - name: ndots + value: "5" diff --git a/charts/library/common-test/tests/pod/network_test.yaml b/charts/library/common-test/tests/pod/field_dnsPolicy.yaml similarity index 56% rename from charts/library/common-test/tests/pod/network_test.yaml rename to charts/library/common-test/tests/pod/field_dnsPolicy.yaml index b309f912..1ec0b184 100644 --- a/charts/library/common-test/tests/pod/network_test.yaml +++ b/charts/library/common-test/tests/pod/field_dnsPolicy.yaml @@ -1,4 +1,6 @@ -suite: pod network +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod dnsPolicy templates: - common.yaml tests: @@ -7,27 +9,6 @@ tests: - documentIndex: 0 isKind: of: Deployment - - documentIndex: 0 - equal: - path: spec.template.spec.hostNetwork - value: false - - documentIndex: 0 - equal: - path: spec.template.spec.dnsPolicy - value: ClusterFirst - - - it: hostNetwork disabled should pass - set: - defaultPodOptions: - hostNetwork: false - asserts: - - documentIndex: 0 - isKind: - of: Deployment - - documentIndex: 0 - equal: - path: spec.template.spec.hostNetwork - value: false - documentIndex: 0 equal: path: spec.template.spec.dnsPolicy @@ -41,10 +22,6 @@ tests: - documentIndex: 0 isKind: of: Deployment - - documentIndex: 0 - equal: - path: spec.template.spec.hostNetwork - value: true - documentIndex: 0 equal: path: spec.template.spec.dnsPolicy diff --git a/charts/library/common-test/tests/pod/field_hostAliases_test.yaml b/charts/library/common-test/tests/pod/field_hostAliases_test.yaml new file mode 100644 index 00000000..34b09ce9 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_hostAliases_test.yaml @@ -0,0 +1,62 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod hostAliases +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.hostAliases + + - it: defaultPodOption should pass + set: + defaultPodOptions: + hostAliases: + - ip: "192.168.1.100" + hostnames: + - "example.com" + - "www.example.com" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostAliases + value: + - ip: "192.168.1.100" + hostnames: + - "example.com" + - "www.example.com" + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + hostAliases: + - ip: "192.168.1.100" + hostnames: + - "example.com" + - "www.example.com" + controllers: + main: + pod: + hostAliases: + - ip: "127.0.0.1" + hostnames: + - "localhost" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostAliases + value: + - ip: "127.0.0.1" + hostnames: + - "localhost" diff --git a/charts/library/common-test/tests/pod/hostIPC_test.yaml b/charts/library/common-test/tests/pod/field_hostIPC_test.yaml similarity index 86% rename from charts/library/common-test/tests/pod/hostIPC_test.yaml rename to charts/library/common-test/tests/pod/field_hostIPC_test.yaml index 00b2a20b..9071ba21 100644 --- a/charts/library/common-test/tests/pod/hostIPC_test.yaml +++ b/charts/library/common-test/tests/pod/field_hostIPC_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pod security templates: - common.yaml diff --git a/charts/library/common-test/tests/pod/field_hostNetwork_test.yaml b/charts/library/common-test/tests/pod/field_hostNetwork_test.yaml new file mode 100644 index 00000000..0434bd31 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_hostNetwork_test.yaml @@ -0,0 +1,41 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod hostNetwork +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostNetwork + value: false + + - it: hostNetwork disabled should pass + set: + defaultPodOptions: + hostNetwork: false + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostNetwork + value: false + + - it: hostNetwork enabled should pass + set: + defaultPodOptions: + hostNetwork: true + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.hostNetwork + value: true diff --git a/charts/library/common-test/tests/pod/hostPID_test.yaml b/charts/library/common-test/tests/pod/field_hostPID_test.yaml similarity index 86% rename from charts/library/common-test/tests/pod/hostPID_test.yaml rename to charts/library/common-test/tests/pod/field_hostPID_test.yaml index 2dde4aae..e644dc7f 100644 --- a/charts/library/common-test/tests/pod/hostPID_test.yaml +++ b/charts/library/common-test/tests/pod/field_hostPID_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pod security templates: - common.yaml diff --git a/charts/library/common-test/tests/pod/field_imagePullSecrets_test.yaml b/charts/library/common-test/tests/pod/field_imagePullSecrets_test.yaml new file mode 100644 index 00000000..bc6b6806 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_imagePullSecrets_test.yaml @@ -0,0 +1,49 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod imagePullSecrets +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.imagePullSecrets + + - it: defaultPodOption should pass + set: + defaultPodOptions: + imagePullSecrets: + - name: my-pull-secret + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.imagePullSecrets + value: + - name: my-pull-secret + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + imagePullSecrets: + - name: my-pull-secret + controllers: + main: + pod: + imagePullSecrets: + - name: my-other-secret + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.imagePullSecrets + value: + - name: my-other-secret diff --git a/charts/library/common-test/tests/pod/field_nodeSelector_test.yaml b/charts/library/common-test/tests/pod/field_nodeSelector_test.yaml new file mode 100644 index 00000000..230d0265 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_nodeSelector_test.yaml @@ -0,0 +1,49 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod nodeSelector +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.nodeSelector + + - it: defaultPodOption should pass + set: + defaultPodOptions: + nodeSelector: + disktype: ssd + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.nodeSelector + value: + disktype: ssd + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + nodeSelector: + disktype: ssd + controllers: + main: + pod: + nodeSelector: + disktype: hdd + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.nodeSelector + value: + disktype: hdd diff --git a/charts/library/common-test/tests/pod/replicas_test.yaml b/charts/library/common-test/tests/pod/field_replicas_test.yaml similarity index 79% rename from charts/library/common-test/tests/pod/replicas_test.yaml rename to charts/library/common-test/tests/pod/field_replicas_test.yaml index c800b7b2..b299d004 100644 --- a/charts/library/common-test/tests/pod/replicas_test.yaml +++ b/charts/library/common-test/tests/pod/field_replicas_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pod replicas templates: - common.yaml diff --git a/charts/library/common-test/tests/pod/field_securityContext_test.yaml b/charts/library/common-test/tests/pod/field_securityContext_test.yaml new file mode 100644 index 00000000..29ca5833 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_securityContext_test.yaml @@ -0,0 +1,64 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod securityContext +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.securityContext + + - it: defaultPodOption should pass + set: + defaultPodOptions: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.securityContext + value: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + controllers: + main: + pod: + securityContext: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.securityContext + value: + runAsUser: 568 + runAsGroup: 568 + fsGroup: 568 + fsGroupChangePolicy: OnRootMismatch diff --git a/charts/library/common-test/tests/pod/field_tolerations_test.yaml b/charts/library/common-test/tests/pod/field_tolerations_test.yaml new file mode 100644 index 00000000..2b9a8c63 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_tolerations_test.yaml @@ -0,0 +1,64 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod tolerations +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.tolerations + + - it: defaultPodOption should pass + set: + defaultPodOptions: + tolerations: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoSchedule" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.tolerations + value: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoSchedule" + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + tolerations: + - key: "key1" + operator: "Equal" + value: "value1" + effect: "NoSchedule" + controllers: + main: + pod: + tolerations: + - key: "master" + operator: "Equal" + value: "value1" + effect: "NoSchedule" + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.tolerations + value: + - key: "master" + operator: "Equal" + value: "value1" + effect: "NoSchedule" diff --git a/charts/library/common-test/tests/pod/field_topologySpreadConstraints_test.yaml b/charts/library/common-test/tests/pod/field_topologySpreadConstraints_test.yaml new file mode 100644 index 00000000..8c52fcb9 --- /dev/null +++ b/charts/library/common-test/tests/pod/field_topologySpreadConstraints_test.yaml @@ -0,0 +1,74 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: pod topologySpreadConstraints +templates: + - common.yaml +tests: + - it: default should pass + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + notExists: + path: spec.template.spec.topologySpreadConstraints + + - it: defaultPodOption should pass + set: + defaultPodOptions: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.topologySpreadConstraints + value: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo + + - it: defaultPodOption with pod override should pass + set: + defaultPodOptions: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo + controllers: + main: + pod: + topologySpreadConstraints: + - maxSkew: 2 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo + asserts: + - documentIndex: 0 + isKind: + of: Deployment + - documentIndex: 0 + equal: + path: spec.template.spec.topologySpreadConstraints + value: + - maxSkew: 2 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: foo diff --git a/charts/library/common-test/tests/pod/initcontainers_test.yaml b/charts/library/common-test/tests/pod/initcontainers_test.yaml index fd28b1c0..0ecc0923 100644 --- a/charts/library/common-test/tests/pod/initcontainers_test.yaml +++ b/charts/library/common-test/tests/pod/initcontainers_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pod initContainers templates: - common.yaml @@ -41,3 +43,46 @@ tests: value: name: template value: RELEASE-NAME-admin + + - it: disabled should pass + set: + controllers.main.initContainers: + init1: + enabled: false + image: + repository: ghcr.io/mendhak/http-https-echo + asserts: + - documentIndex: &DeploymentDocument 0 + isKind: + of: Deployment + - documentIndex: *DeploymentDocument + notExists: + path: spec.template.spec.initContainers + + - it: custom order should pass + set: + controllers.main.initContainers: + init1: + order: 2 + image: + repository: ghcr.io/mendhak/http-https-echo + init2: + order: 1 + image: + repository: ghcr.io/mendhak/http-https-echo + asserts: + - documentIndex: &DeploymentDocument 0 + isKind: + of: Deployment + - documentIndex: *DeploymentDocument + lengthEqual: + path: spec.template.spec.initContainers + count: 2 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.initContainers[0].name + value: init2 + - documentIndex: *DeploymentDocument + equal: + path: spec.template.spec.initContainers[1].name + value: init1 diff --git a/charts/library/common-test/tests/pod/sidecars_test.yaml b/charts/library/common-test/tests/pod/sidecars_test.yaml index 5233f8c6..65ed67c6 100644 --- a/charts/library/common-test/tests/pod/sidecars_test.yaml +++ b/charts/library/common-test/tests/pod/sidecars_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pod sidecar containers templates: - common.yaml @@ -16,7 +18,7 @@ tests: of: Deployment - documentIndex: 0 equal: - path: spec.template.spec.containers[0].name + path: spec.template.spec.containers[1].name value: template-test - it: with implicit name should pass @@ -32,7 +34,7 @@ tests: of: Deployment - documentIndex: 0 equal: - path: spec.template.spec.containers[0].name + path: spec.template.spec.containers[1].name value: additional1 - it: with templated name should pass @@ -49,7 +51,7 @@ tests: of: Deployment - documentIndex: 0 equal: - path: spec.template.spec.containers[0].name + path: spec.template.spec.containers[1].name value: RELEASE-NAME-container - it: with custom env vars dict should pass @@ -73,31 +75,31 @@ tests: of: Deployment - documentIndex: *DeploymentDocument equal: - path: spec.template.spec.containers[1].env[0] + path: spec.template.spec.containers[0].env[0] value: name: main_env value: "value" - documentIndex: *DeploymentDocument equal: - path: spec.template.spec.containers[0].env[0] + path: spec.template.spec.containers[1].env[0] value: name: float value: "1.5" - documentIndex: *DeploymentDocument equal: - path: spec.template.spec.containers[0].env[1] + path: spec.template.spec.containers[1].env[1] value: name: int value: "1" - documentIndex: *DeploymentDocument equal: - path: spec.template.spec.containers[0].env[2] + path: spec.template.spec.containers[1].env[2] value: name: string value: value_of_env - documentIndex: *DeploymentDocument equal: - path: spec.template.spec.containers[0].env[3] + path: spec.template.spec.containers[1].env[3] value: name: template value: RELEASE-NAME-admin diff --git a/charts/library/common-test/tests/pvc/metadata_test.yaml b/charts/library/common-test/tests/pvc/metadata_test.yaml index 7047d250..2dc42d4d 100644 --- a/charts/library/common-test/tests/pvc/metadata_test.yaml +++ b/charts/library/common-test/tests/pvc/metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pvc metadata templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: PersistentVolumeClaim - documentIndex: *PersistentVolumeClaimDocument - isNull: + notExists: path: metadata.annotations - documentIndex: *PersistentVolumeClaimDocument equal: diff --git a/charts/library/common-test/tests/pvc/names_test.yaml b/charts/library/common-test/tests/pvc/names_test.yaml index d9c6a2b4..25c8f261 100644 --- a/charts/library/common-test/tests/pvc/names_test.yaml +++ b/charts/library/common-test/tests/pvc/names_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pvc names templates: - common.yaml diff --git a/charts/library/common-test/tests/pvc/storageclass_test.yaml b/charts/library/common-test/tests/pvc/storageclass_test.yaml index 4b24a1ec..d2202dc2 100644 --- a/charts/library/common-test/tests/pvc/storageclass_test.yaml +++ b/charts/library/common-test/tests/pvc/storageclass_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: pvc storageclass templates: - common.yaml @@ -10,7 +12,7 @@ tests: isKind: of: PersistentVolumeClaim - documentIndex: *PersistentVolumeClaimDocument - isNull: + notExists: path: spec.storageClassName - it: custom should pass diff --git a/charts/library/common-test/tests/route/metadata_test.yaml b/charts/library/common-test/tests/route/metadata_test.yaml index 8e583e83..e55ed892 100644 --- a/charts/library/common-test/tests/route/metadata_test.yaml +++ b/charts/library/common-test/tests/route/metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: route metadata templates: - common.yaml @@ -14,7 +16,7 @@ tests: isKind: of: HTTPRoute - documentIndex: *routeDocument - isNull: + notExists: path: metadata.annotations - documentIndex: *routeDocument equal: diff --git a/charts/library/common-test/tests/route/presence_test.yaml b/charts/library/common-test/tests/route/presence_test.yaml index c3b87603..d597fb57 100644 --- a/charts/library/common-test/tests/route/presence_test.yaml +++ b/charts/library/common-test/tests/route/presence_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: route presence templates: - common.yaml diff --git a/charts/library/common-test/tests/route/service_reference_test.yaml b/charts/library/common-test/tests/route/service_reference_test.yaml index 37cf89b1..97038f1b 100644 --- a/charts/library/common-test/tests/route/service_reference_test.yaml +++ b/charts/library/common-test/tests/route/service_reference_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: ingress service reference templates: - common.yaml diff --git a/charts/library/common-test/tests/route/values_test.yaml b/charts/library/common-test/tests/route/values_test.yaml index 8953b819..a4bb770d 100644 --- a/charts/library/common-test/tests/route/values_test.yaml +++ b/charts/library/common-test/tests/route/values_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: route values templates: - common.yaml @@ -51,8 +53,8 @@ tests: namespace: parentNamespace rules: - backendRefs: - - name: test - namespace: test + - name: test + namespace: test matches: - path: type: PathPrefix @@ -65,8 +67,8 @@ tests: namespace: parentNamespace rules: - backendRefs: - - name: test - namespace: test + - name: test + namespace: test matches: - path: type: PathPrefix @@ -79,8 +81,8 @@ tests: namespace: parentNamespace rules: - backendRefs: - - name: test - namespace: test + - name: test + namespace: test matches: - path: type: PathPrefix @@ -93,8 +95,8 @@ tests: namespace: parentNamespace rules: - backendRefs: - - name: test - namespace: test + - name: test + namespace: test matches: - path: type: PathPrefix @@ -107,8 +109,8 @@ tests: namespace: parentNamespace rules: - backendRefs: - - name: test - namespace: test + - name: test + namespace: test matches: - path: type: PathPrefix @@ -118,7 +120,7 @@ tests: isKind: of: GRPCRoute - documentIndex: &HTTPRouteDocument 2 - isNull: + notExists: path: spec.rules[0].matches - documentIndex: &HTTPRouteDocument 3 isKind: @@ -134,19 +136,19 @@ tests: isKind: of: TCPRoute - documentIndex: &HTTPRouteDocument 4 - isNull: + notExists: path: spec.rules[0].matches - documentIndex: &HTTPRouteDocument 5 isKind: of: TLSRoute - documentIndex: &HTTPRouteDocument 5 - isNull: + notExists: path: spec.rules[0].matches - documentIndex: &HTTPRouteDocument 6 isKind: of: UDPRoute - documentIndex: &HTTPRouteDocument 6 - isNull: + notExists: path: spec.rules[0].matches - it: hostnames shouldn't be used for TCPRoutes and UDPRoutes @@ -173,13 +175,13 @@ tests: isKind: of: TCPRoute - documentIndex: &HTTPRouteDocument 2 - isNull: + notExists: path: spec.hostnames - documentIndex: &HTTPRouteDocument 3 isKind: of: UDPRoute - documentIndex: &HTTPRouteDocument 3 - isNull: + notExists: path: spec.hostnames - it: sectionName in parentRefs should be optional @@ -201,7 +203,7 @@ tests: isKind: of: HTTPRoute - documentIndex: &HTTPRouteDocument 2 - isNull: + notExists: path: spec.parentRefs[0].sectionName - documentIndex: &HTTPRouteDocument 3 isKind: diff --git a/charts/library/common-test/tests/secret/metadata_test.yaml b/charts/library/common-test/tests/secret/metadata_test.yaml index 1d9d9d19..e8178379 100644 --- a/charts/library/common-test/tests/secret/metadata_test.yaml +++ b/charts/library/common-test/tests/secret/metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: secret metadata templates: - common.yaml @@ -14,7 +16,7 @@ tests: isKind: of: Secret - documentIndex: *SecretDocument - isNull: + notExists: path: metadata.annotations - documentIndex: *SecretDocument equal: diff --git a/charts/library/common-test/tests/secret/names_test.yaml b/charts/library/common-test/tests/secret/names_test.yaml index bdac6cd6..4b5c456b 100644 --- a/charts/library/common-test/tests/secret/names_test.yaml +++ b/charts/library/common-test/tests/secret/names_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: secret names templates: - common.yaml @@ -48,13 +50,13 @@ tests: isKind: of: Secret - documentIndex: *FirstSecretDocument - isNotNull: + isNotNullOrEmpty: path: metadata.name - documentIndex: &SecondSecretDocument 3 isKind: of: Secret - documentIndex: *SecondSecretDocument - isNotNull: + isNotNullOrEmpty: path: metadata.name - it: default name should pass diff --git a/charts/library/common-test/tests/secret/pod_metadata_test.yaml b/charts/library/common-test/tests/secret/pod_metadata_test.yaml index 3bba66cc..0b52e233 100644 --- a/charts/library/common-test/tests/secret/pod_metadata_test.yaml +++ b/charts/library/common-test/tests/secret/pod_metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: secret Pod metadata templates: - common.yaml diff --git a/charts/library/common-test/tests/service/metadata_test.yaml b/charts/library/common-test/tests/service/metadata_test.yaml index acb5dd97..d437a638 100644 --- a/charts/library/common-test/tests/service/metadata_test.yaml +++ b/charts/library/common-test/tests/service/metadata_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: service metadata templates: - common.yaml @@ -8,7 +10,7 @@ tests: isKind: of: Service - documentIndex: *ServiceDocument - isNull: + notExists: path: metadata.annotations - documentIndex: *ServiceDocument equal: diff --git a/charts/library/common-test/tests/service/names_test.yaml b/charts/library/common-test/tests/service/names_test.yaml index 518665d2..58da58b2 100644 --- a/charts/library/common-test/tests/service/names_test.yaml +++ b/charts/library/common-test/tests/service/names_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: service names templates: - common.yaml diff --git a/charts/library/common-test/tests/service/port_protocols_test.yaml b/charts/library/common-test/tests/service/port_protocols_test.yaml index 7d43cb3f..82049d14 100644 --- a/charts/library/common-test/tests/service/port_protocols_test.yaml +++ b/charts/library/common-test/tests/service/port_protocols_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: service protocols templates: - common.yaml @@ -50,7 +52,7 @@ tests: path: spec.ports[0].protocol value: TCP - documentIndex: *ServiceDocument - isNull: + notExists: path: metadata.annotations - it: explicit HTTPS should pass diff --git a/charts/library/common-test/tests/service/ports_test.yaml b/charts/library/common-test/tests/service/ports_test.yaml index 4d52d16a..4a35eb7b 100644 --- a/charts/library/common-test/tests/service/ports_test.yaml +++ b/charts/library/common-test/tests/service/ports_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: service ports templates: - common.yaml diff --git a/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml b/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml index f2f5b40b..2a6edd3a 100644 --- a/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml +++ b/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: serviceAccount values templates: - common.yaml diff --git a/charts/library/common-test/tests/serviceMonitor/servicemonitor_test.yaml b/charts/library/common-test/tests/serviceMonitor/servicemonitor_test.yaml index ef009d9c..0a58ebfb 100644 --- a/charts/library/common-test/tests/serviceMonitor/servicemonitor_test.yaml +++ b/charts/library/common-test/tests/serviceMonitor/servicemonitor_test.yaml @@ -1,3 +1,5 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json suite: serviceMonitor values templates: - common.yaml diff --git a/charts/library/common/Chart.yaml b/charts/library/common/Chart.yaml index 5bef7dc5..fd501f5f 100644 --- a/charts/library/common/Chart.yaml +++ b/charts/library/common/Chart.yaml @@ -3,7 +3,7 @@ apiVersion: v2 name: common description: Function library for Helm charts type: library -version: 2.0.0-beta.1 +version: 2.0.0-beta.2 kubeVersion: ">=1.22.0-0" keywords: - common @@ -17,3 +17,10 @@ annotations: artifacthub.io/changes: |- - kind: changed description: Many things :P + - kind: removed + description: |- + **BREAKING CHANGE** Removed support for add-ons. These can be configured through other means nowadays. + - kind: added + description: Added support for ordering (init)Containers within a controller. + - kind: added + description: Added support for creating Network Policies. diff --git a/charts/library/common/README.md b/charts/library/common/README.md index f4620860..fd30fd44 100644 --- a/charts/library/common/README.md +++ b/charts/library/common/README.md @@ -1,6 +1,6 @@ # common -![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) +![Version: 2.0.0-beta.2](https://img.shields.io/badge/Version-2.0.0--beta.2-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) Function library for Helm charts @@ -29,7 +29,7 @@ Include this chart as a dependency in your `Chart.yaml` e.g. # Chart.yaml dependencies: - name: common - version: 2.0.0 + version: 2.0.0-beta.2 repository: https://bjw-s.github.io/helm-charts/ ``` @@ -64,6 +64,7 @@ N/A | controllers.main.containers.main.image.tag | string | `nil` | image tag | | controllers.main.containers.main.lifecycle | object | `{}` | Configure the lifecycle for the container | | controllers.main.containers.main.nameOverride | string | `nil` | Override the container name | +| controllers.main.containers.main.order | int | 99 | Override the default container order Containers get sorted alphanumerically by the `-` combination. | | controllers.main.containers.main.probes | object | See below | [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) | | controllers.main.containers.main.probes.liveness | object | See below | Liveness probe configuration | | controllers.main.containers.main.probes.liveness.custom | bool | `false` | Set this to `true` if you wish to specify your own livenessProbe | @@ -93,7 +94,7 @@ N/A | controllers.main.cronjob.successfulJobsHistory | int | `1` | The number of succesful Jobs to keep | | controllers.main.cronjob.ttlSecondsAfterFinished | string | `nil` | If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. | | controllers.main.enabled | bool | `true` | enable the controller. | -| controllers.main.initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key. The dictionary item key will determine the order. Helm templates can be used. | +| controllers.main.initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key initContainers get sorted alphanumerically by the `-` combination. | | controllers.main.labels | object | `{}` | Set labels on the deployment/statefulset/daemonset/cronjob | | controllers.main.replicas | int | `1` | Number of desired pods. When using a HorizontalPodAutoscaler, set this to `null`. | | controllers.main.revisionHistoryLimit | int | `3` | ReplicaSet revision history limit | diff --git a/charts/library/common/templates/classes/_networkpolicy.tpl b/charts/library/common/templates/classes/_networkpolicy.tpl new file mode 100644 index 00000000..0854d145 --- /dev/null +++ b/charts/library/common/templates/classes/_networkpolicy.tpl @@ -0,0 +1,49 @@ +{{/* +This template serves as a blueprint for all networkPolicy objects that are created +within the common library. +*/}} +{{- define "bjw-s.common.class.networkpolicy" -}} + {{- $rootContext := .rootContext -}} + {{- $networkPolicyObject := .object -}} + + {{- $labels := merge + ($networkPolicyObject.labels | default dict) + (include "bjw-s.common.lib.metadata.allLabels" $rootContext | fromYaml) + -}} + {{- $annotations := merge + ($networkPolicyObject.annotations | default dict) + (include "bjw-s.common.lib.metadata.globalAnnotations" $rootContext | fromYaml) + -}} + {{- $podSelector := dict -}} + {{- if (hasKey $networkPolicyObject "podSelector") -}} + {{- $podSelector = $networkPolicyObject.podSelector -}} + {{- else -}} + {{- $podSelector = dict "matchLabels" (merge + ($networkPolicyObject.extraSelectorLabels | default dict) + (dict "app.kubernetes.io/component" $networkPolicyObject.controller) + (include "bjw-s.common.lib.metadata.selectorLabels" $rootContext | fromYaml) + ) -}} + {{- end -}} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ $networkPolicyObject.name }} + {{- with $labels }} + labels: {{- toYaml . | nindent 4 -}} + {{- end }} + {{- with $annotations }} + annotations: {{- toYaml . | nindent 4 -}} + {{- end }} +spec: + podSelector: {{- toYaml $podSelector | nindent 4 }} + {{- with $networkPolicyObject.policyTypes }} + policyTypes: {{- toYaml . | nindent 4 -}} + {{- end }} + {{- with $networkPolicyObject.rules.ingress }} + ingress: {{- tpl (toYaml .) $rootContext | nindent 4 -}} + {{- end }} + {{- with $networkPolicyObject.rules.egress }} + egress: {{- tpl (toYaml .) $rootContext | nindent 4 -}} + {{- end }} +{{- end -}} diff --git a/charts/library/common/templates/lib/container/_volumemounts_old.tpl b/charts/library/common/templates/lib/container/_volumemounts_old.tpl deleted file mode 100644 index 4e60be2a..00000000 --- a/charts/library/common/templates/lib/container/_volumemounts_old.tpl +++ /dev/null @@ -1,58 +0,0 @@ - {{- /* TODO: Remove this file */ -}} - -{{/* Volumes included by the controller */}} -{{- define "bjw-s.common.lib.container.volumeMounts" -}} - {{- range $persistenceIndex, $persistenceItem := .Values.persistence }} - {{- if $persistenceItem.enabled -}} - {{- if kindIs "slice" $persistenceItem.subPath -}} - {{- if $persistenceItem.mountPath -}} - {{- fail (printf "Cannot use persistence.mountPath with a subPath list (%s)" $persistenceIndex) }} - {{- end -}} - {{- range $subPathIndex, $subPathItem := $persistenceItem.subPath }} -- name: {{ $persistenceIndex }} - subPath: {{ required "subPaths as a list of maps require a path field" $subPathItem.path }} - mountPath: {{ required "subPaths as a list of maps require an explicit mountPath field" $subPathItem.mountPath }} - {{- with $subPathItem.readOnly }} - readOnly: {{ . }} - {{- end }} - {{- with $subPathItem.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - {{- end -}} - {{- else -}} - {{/* Set the default mountPath to / */}} - {{- $mountPath := (printf "/%v" $persistenceIndex) -}} - {{- if eq "hostPath" (default "pvc" $persistenceItem.type) -}} - {{- $mountPath = $persistenceItem.hostPath -}} - {{- end -}} - {{/* Use the specified mountPath if provided */}} - {{- with $persistenceItem.mountPath -}} - {{- $mountPath = . -}} - {{- end }} - {{- if ne $mountPath "-" }} -- name: {{ $persistenceIndex }} - mountPath: {{ $mountPath }} - {{- with $persistenceItem.subPath }} - subPath: {{ . }} - {{- end }} - {{- with $persistenceItem.readOnly }} - readOnly: {{ . }} - {{- end }} - {{- with $persistenceItem.mountPropagation }} - mountPropagation: {{ . }} - {{- end }} - {{- end }} - {{- end -}} - {{- end -}} - {{- end }} - - {{- if eq .Values.controller.type "statefulset" }} - {{- range $index, $vct := .Values.volumeClaimTemplates }} -- mountPath: {{ $vct.mountPath }} - name: {{ $vct.name }} - {{- if $vct.subPath }} - subPath: {{ $vct.subPath }} - {{- end }} - {{- end }} - {{- end }} -{{- end -}} diff --git a/charts/library/common/templates/lib/controller/_enabled_containers.tpl b/charts/library/common/templates/lib/controller/_enabled_containers.tpl index 9835c006..a4910496 100644 --- a/charts/library/common/templates/lib/controller/_enabled_containers.tpl +++ b/charts/library/common/templates/lib/controller/_enabled_containers.tpl @@ -15,7 +15,7 @@ Return the enabled containers for a controller. {{- end -}} {{- if $containerEnabled -}} - {{- $_ := set $enabledContainers $name . -}} + {{- $_ := set $enabledContainers $name $container -}} {{- end -}} {{- end -}} {{- end -}} diff --git a/charts/library/common/templates/lib/networkpolicy/_validate.tpl b/charts/library/common/templates/lib/networkpolicy/_validate.tpl new file mode 100644 index 00000000..c490d1b7 --- /dev/null +++ b/charts/library/common/templates/lib/networkpolicy/_validate.tpl @@ -0,0 +1,22 @@ +{{/* +Validate networkPolicy values +*/}} +{{- define "bjw-s.common.lib.networkpolicy.validate" -}} + {{- $rootContext := .rootContext -}} + {{- $networkpolicyObject := .object -}} + + {{- if and (not (hasKey $networkpolicyObject "podSelector")) (empty (get $networkpolicyObject "controller")) -}} + {{- fail (printf "controller reference or podSelector is required for NetworkPolicy. (NetworkPolicy %s)" $networkpolicyObject.identifier) -}} + {{- end -}} + + {{- if empty (get $networkpolicyObject "policyTypes") -}} + {{- fail (printf "policyTypes is required for NetworkPolicy. (NetworkPolicy %s)" $networkpolicyObject.identifier) -}} + {{- end -}} + + {{- $allowedpolicyTypes := list "Ingress" "Egress" -}} + {{- range $networkpolicyObject.policyTypes -}} + {{- if not (has . $allowedpolicyTypes) -}} + {{- fail (printf "Not a valid policyType for NetworkPolicy. (NetworkPolicy %s, value %s)" $networkpolicyObject.identifier .) -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/library/common/templates/lib/networkpolicy/_valuesToObject.tpl b/charts/library/common/templates/lib/networkpolicy/_valuesToObject.tpl new file mode 100644 index 00000000..805f33a5 --- /dev/null +++ b/charts/library/common/templates/lib/networkpolicy/_valuesToObject.tpl @@ -0,0 +1,24 @@ +{{/* +Convert networkPolicy values to an object +*/}} +{{- define "bjw-s.common.lib.networkpolicy.valuesToObject" -}} + {{- $rootContext := .rootContext -}} + {{- $identifier := .id -}} + {{- $objectValues := .values -}} + + {{- /* Determine and inject the networkPolicy name */ -}} + {{- $objectName := (include "bjw-s.common.lib.chart.names.fullname" $rootContext) -}} + + {{- if $objectValues.nameOverride -}} + {{- $objectName = printf "%s-%s" $objectName $objectValues.nameOverride -}} + {{- else -}} + {{- if ne $identifier "main" -}} + {{- $objectName = printf "%s-%s" $objectName $identifier -}} + {{- end -}} + {{- end -}} + {{- $_ := set $objectValues "name" $objectName -}} + {{- $_ := set $objectValues "identifier" $identifier -}} + + {{- /* Return the networkPolicy object */ -}} + {{- $objectValues | toYaml -}} +{{- end -}} diff --git a/charts/library/common/templates/lib/pod/_spec.tpl b/charts/library/common/templates/lib/pod/_spec.tpl index 48b293eb..103acc3c 100644 --- a/charts/library/common/templates/lib/pod/_spec.tpl +++ b/charts/library/common/templates/lib/pod/_spec.tpl @@ -19,7 +19,7 @@ runtimeClassName: {{ . | trim }} schedulerName: {{ . | trim }} {{- end -}} {{- with ($controllerObject.pod.securityContext) }} -securityContext: {{ . | trim | nindent 2 }} +securityContext: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with ($controllerObject.pod.hostname) }} hostname: {{ . | trim }} @@ -29,13 +29,13 @@ hostNetwork: {{ $controllerObject.pod.hostNetwork }} hostPID: {{ $controllerObject.pod.hostPID }} dnsPolicy: {{ include "bjw-s.common.lib.pod.field.dnsPolicy" (dict "ctx" $ctx) | trim }} {{- with $controllerObject.pod.dnsConfig }} -dnsConfig: {{ . | trim | nindent 2 }} +dnsConfig: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with $controllerObject.pod.hostAliases }} -hostAliases: {{ . | trim | nindent 2 }} +hostAliases: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with $controllerObject.pod.imagePullSecrets }} -imagePullSecrets: {{ . | trim | nindent 2 }} +imagePullSecrets: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with $controllerObject.pod.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ . | trim }} @@ -44,16 +44,16 @@ terminationGracePeriodSeconds: {{ . | trim }} restartPolicy: {{ . | trim }} {{- end -}} {{- with $controllerObject.pod.nodeSelector }} -nodeSelector: {{ . | trim | nindent 2 }} +nodeSelector: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with $controllerObject.pod.affinity }} -affinity: {{ . | trim | nindent 2 }} +affinity: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with $controllerObject.pod.topologySpreadConstraints }} -topologySpreadConstraints: {{ . | trim | nindent 2 }} +topologySpreadConstraints: {{ . | toYaml | nindent 2 }} {{- end -}} {{- with $controllerObject.pod.tolerations }} -tolerations: {{ . | trim | nindent 2 }} +tolerations: {{ . | toYaml | nindent 2 }} {{- end }} {{- with (include "bjw-s.common.lib.pod.field.initContainers" (dict "ctx" $ctx) | trim) }} initContainers: {{ . | nindent 2 }} diff --git a/charts/library/common/templates/lib/pod/fields/_containers.tpl b/charts/library/common/templates/lib/pod/fields/_containers.tpl index 07b13408..a2783d27 100644 --- a/charts/library/common/templates/lib/pod/fields/_containers.tpl +++ b/charts/library/common/templates/lib/pod/fields/_containers.tpl @@ -6,6 +6,7 @@ Returns the value for containers {{- $controllerObject := .ctx.controllerObject -}} {{- /* Default to empty list */ -}} + {{- $orderedContainers := dict -}} {{- $containers := list -}} {{- /* Fetch configured containers for this controller */ -}} @@ -19,7 +20,13 @@ Returns the value for containers {{- /* Generate the Container spec */ -}} {{- $renderedContainer := include "bjw-s.common.lib.container.spec" (dict "rootContext" $rootContext "controllerObject" $controllerObject "containerObject" $containerObject) | fromYaml -}} - {{- $containers = append $containers $renderedContainer -}} + + {{- $containerOrder := (dig "order" 99 $containerValues) -}} + {{- $_ := set $orderedContainers (printf "%v-%s" $containerOrder $key) $renderedContainer -}} + {{- end -}} + + {{- range $key, $containerValues := $orderedContainers -}} + {{- $containers = append $containers $containerValues -}} {{- end -}} {{- if not (empty $containers) -}} diff --git a/charts/library/common/templates/lib/pod/fields/_initContainers.tpl b/charts/library/common/templates/lib/pod/fields/_initContainers.tpl index 01cbb6d5..7da5a3a7 100644 --- a/charts/library/common/templates/lib/pod/fields/_initContainers.tpl +++ b/charts/library/common/templates/lib/pod/fields/_initContainers.tpl @@ -6,19 +6,34 @@ Returns the value for initContainers {{- $controllerObject := .ctx.controllerObject -}} {{- /* Default to empty list */ -}} + {{- $orderedContainers := dict -}} {{- $containers := list -}} {{- /* Fetch configured containers for this controller */ -}} {{- range $key, $containerValues := $controllerObject.initContainers -}} - {{- /* Create object from the container values */ -}} - {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $ "id" $key "values" $containerValues)) | fromYaml -}} + {{- /* Enable container by default, but allow override */ -}} + {{- $containerEnabled := true -}} + {{- if hasKey $containerValues "enabled" -}} + {{- $containerEnabled = $containerValues.enabled -}} + {{- end -}} - {{- /* Perform validations on the Container before rendering */ -}} - {{- include "bjw-s.common.lib.container.validate" (dict "rootContext" $ "object" $containerObject) -}} + {{- if $containerEnabled -}} + {{- /* Create object from the container values */ -}} + {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $ "id" $key "values" $containerValues)) | fromYaml -}} - {{- /* Generate the Container spec */ -}} - {{- $renderedContainer := include "bjw-s.common.lib.container.spec" (dict "rootContext" $rootContext "containerObject" $containerObject) | fromYaml -}} - {{- $containers = append $containers $renderedContainer -}} + {{- /* Perform validations on the Container before rendering */ -}} + {{- include "bjw-s.common.lib.container.validate" (dict "rootContext" $ "object" $containerObject) -}} + + {{- /* Generate the Container spec */ -}} + {{- $renderedContainer := include "bjw-s.common.lib.container.spec" (dict "rootContext" $rootContext "containerObject" $containerObject) | fromYaml -}} + + {{- $containerOrder := (dig "order" 99 $containerValues) -}} + {{- $_ := set $orderedContainers (printf "%v-%s" $containerOrder $key) $renderedContainer -}} + {{- end -}} + {{- end -}} + + {{- range $key, $containerValues := $orderedContainers -}} + {{- $containers = append $containers $containerValues -}} {{- end -}} {{- if not (empty $containers) -}} diff --git a/charts/library/common/templates/loader/_generate.tpl b/charts/library/common/templates/loader/_generate.tpl index e5ffaa1d..43750162 100644 --- a/charts/library/common/templates/loader/_generate.tpl +++ b/charts/library/common/templates/loader/_generate.tpl @@ -12,4 +12,5 @@ Secondary entrypoint and primary loader for the common chart {{- include "bjw-s.common.render.routes" . | nindent 0 -}} {{- include "bjw-s.common.render.configMaps" . | nindent 0 -}} {{- include "bjw-s.common.render.secrets" . | nindent 0 -}} + {{- include "bjw-s.common.render.networkpolicies" . | nindent 0 -}} {{- end -}} diff --git a/charts/library/common/templates/render/_networkpolicies.tpl b/charts/library/common/templates/render/_networkpolicies.tpl new file mode 100644 index 00000000..d35a591b --- /dev/null +++ b/charts/library/common/templates/render/_networkpolicies.tpl @@ -0,0 +1,26 @@ +{{/* +Renders the networkPolicy objects required by the chart. +*/}} +{{- define "bjw-s.common.render.networkpolicies" -}} + {{- /* Generate named networkPolicy as required */ -}} + {{- range $key, $networkPolicy := .Values.networkpolicies }} + {{- /* Enable networkPolicy by default, but allow override */ -}} + {{- $networkPolicyEnabled := true -}} + {{- if hasKey $networkPolicy "enabled" -}} + {{- $networkPolicyEnabled = $networkPolicy.enabled -}} + {{- end -}} + + {{- if $networkPolicyEnabled -}} + {{- $networkPolicyValues := (mustDeepCopy $networkPolicy) -}} + + {{- /* Create object from the raw networkPolicy values */ -}} + {{- $networkPolicyObject := (include "bjw-s.common.lib.networkpolicy.valuesToObject" (dict "rootContext" $ "id" $key "values" $networkPolicyValues)) | fromYaml -}} + + {{- /* Perform validations on the networkPolicy before rendering */ -}} + {{- include "bjw-s.common.lib.networkpolicy.validate" (dict "rootContext" $ "object" $networkPolicyObject) -}} + + {{/* Include the networkPolicy class */}} + {{- include "bjw-s.common.class.networkpolicy" (dict "rootContext" $ "object" $networkPolicyObject) | nindent 0 -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/library/common/values.yaml b/charts/library/common/values.yaml index 7686d095..acc1d1f1 100644 --- a/charts/library/common/values.yaml +++ b/charts/library/common/values.yaml @@ -176,6 +176,11 @@ controllers: # -- Override the container name nameOverride: + # -- Override the default container order + # Containers get sorted alphanumerically by the `-` combination. + # @default -- 99 + order: 1 + image: # -- image repository repository: @@ -309,8 +314,8 @@ controllers: terminationMessagePolicy: # -- Specify any initContainers here as dictionary items. - # Each initContainer should have its own key. The dictionary item key will determine the order. - # Helm templates can be used. + # Each initContainer should have its own key + # initContainers get sorted alphanumerically by the `-` combination. initContainers: {} serviceAccount: @@ -626,3 +631,32 @@ persistence: # readOnly: false # subPath: config.yaml advancedMounts: {} + +# -- Configure the networkPolicies for the chart here. +# Additional networkPolicies can be added by adding a dictionary key similar to the 'main' networkPolicy. +# @default -- See below +networkpolicies: + main: + # -- Enables or disables the networkPolicy item. Defaults to true + enabled: false + + # -- Configure which controller this networkPolicy should target + controller: main + + # -- Define a custom podSelector for the networkPolicy. This takes precedence over targeting a controller. + # podSelector: {} + + # -- The policyTypes for this networkPolicy + policyTypes: + - Ingress + - Egress + + # -- The rulesets for this networkPolicy + # [[ref]](https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource) + rules: + # -- The ingress rules for this networkPolicy. Allows all ingress traffic by default. + ingress: + - {} + # -- The egress rules for this networkPolicy. Allows all egress traffic by default. + egress: + - {}