feat(common): Release 2.0.0-beta.2 (#176)

2025-07-03 16:37:04 +02:00 · 2023-09-14 15:40:49 +02:00 · 2023-09-14 15:40:49 +02:00 · 9928235b84
commit 9928235b84
parent ed407c00df
80 changed files with 1306 additions and 161 deletions
--- a/.github/workflows/charts-test.yaml
+++ b/.github/workflows/charts-test.yaml
@ -30,7 +30,15 @@ jobs:
      matrix:
        chart: ${{ fromJSON(inputs.chartsToTest) }}
        k8s_version:
-          ["v1.22.17", "v1.23.17", "v1.24.13", "v1.25.9", "v1.26.4", "v1.27.1"]
+          [
            "v1.22.17",
            "v1.23.17",
            "v1.24.17",
            "v1.25.13",
            "v1.26.8",
            "v1.27.5",
            "v1.28.1",
          ]
      fail-fast: false
    steps:
      - name: Checkout
--- a/charts/library/common-test/ci/advanced-values.yaml
+++ b/charts/library/common-test/ci/advanced-values.yaml
@ -2,6 +2,7 @@ controllers:
  main:
    containers:
      main:
        order: 1
        image:
          repository: ghcr.io/mendhak/http-https-echo
          tag: 30
@ -19,7 +20,7 @@ controllers:
          startup:
            enabled: true
-      second-container:
+      a-container:
        image:
          repository: ghcr.io/mendhak/http-https-echo
          tag: 30
--- a/charts/library/common-test/tests/configmap/metadata_test.yaml
+++ b/charts/library/common-test/tests/configmap/metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: configmap metadata
 templates:
  - common.yaml
@ -14,7 +16,7 @@ tests:
        isKind:
          of: ConfigMap
      - documentIndex: *ConfigmapDocument
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *ConfigmapDocument
        equal:
--- a/charts/library/common-test/tests/configmap/names_test.yaml
+++ b/charts/library/common-test/tests/configmap/names_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: configMap names
 templates:
  - common.yaml
@ -48,13 +50,13 @@ tests:
        isKind:
          of: ConfigMap
      - documentIndex: *FirstConfigmapDocument
-        isNotNull:
+        isNotNullOrEmpty:
          path: metadata.name
      - documentIndex: &SecondConfigmapDocument 3
        isKind:
          of: ConfigMap
      - documentIndex: *SecondConfigmapDocument
-        isNotNull:
+        isNotNullOrEmpty:
          path: metadata.name
  - it: default name should pass
--- a/charts/library/common-test/tests/configmap/pod_metadata_test.yaml
+++ b/charts/library/common-test/tests/configmap/pod_metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: configmap Pod metadata
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/container/args_test.yaml
+++ b/charts/library/common-test/tests/container/args_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container args override
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: 0
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].args
  - it: single string should pass
--- a/charts/library/common-test/tests/container/command_test.yaml
+++ b/charts/library/common-test/tests/container/command_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container command override
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: 0
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].command
  - it: single string should pass
--- a/charts/library/common-test/tests/container/env_test.yaml
+++ b/charts/library/common-test/tests/container/env_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container env values
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: *DeploymentDoc
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].env
  - it: KeyValue string should pass
--- a/charts/library/common-test/tests/container/envfrom_test.yaml
+++ b/charts/library/common-test/tests/container/envfrom_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container envFrom values
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: *DeploymentDoc
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].envFrom
  - it: explicit envFrom should pass
--- a/charts/library/common-test/tests/container/image_test.yaml
+++ b/charts/library/common-test/tests/container/image_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container image tag
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/container/name_test.yaml
+++ b/charts/library/common-test/tests/container/name_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container name
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/container/ports_test.yaml
+++ b/charts/library/common-test/tests/container/ports_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container ports
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: 0
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].ports
  - it: custom port should pass
--- a/charts/library/common-test/tests/container/probes_test.yaml
+++ b/charts/library/common-test/tests/container/probes_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container probes
 templates:
  - common.yaml
@ -145,13 +147,13 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: 0
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].livenessProbe
      - documentIndex: 0
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].readinessProbe
      - documentIndex: 0
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].startupProbe
  - it: AUTO type probe should pass
--- a/charts/library/common-test/tests/container/volumemounts_test.yaml
+++ b/charts/library/common-test/tests/container/volumemounts_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: container volumeMounts
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: *DeploymentDoc
-        isNull:
+        notExists:
          path: spec.template.spec.containers[0].volumeMounts
  - it: default should pass
--- a/charts/library/common-test/tests/controller/cronjob_test.yaml
+++ b/charts/library/common-test/tests/controller/cronjob_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: cronjob configuration
 templates:
  - common.yaml
@ -28,7 +30,7 @@ tests:
          path: spec.failedJobsHistoryLimit
          value: 1
      - documentIndex: *ControllerDoc
-        isNull:
+        notExists:
          path: spec.jobTemplate.spec.ttlSecondsAfterFinished
      - documentIndex: *ControllerDoc
        equal:
--- a/charts/library/common-test/tests/controller/metadata_cronjob_test.yaml
+++ b/charts/library/common-test/tests/controller/metadata_cronjob_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: controller metadata cronjob
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: CronJob
      - documentIndex: *ControllerDoc
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *ControllerDoc
        equal:
--- a/charts/library/common-test/tests/controller/metadata_daemonset_test.yaml
+++ b/charts/library/common-test/tests/controller/metadata_daemonset_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: controller metadata daemonset
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: DaemonSet
      - documentIndex: *ControllerDoc
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *ControllerDoc
        equal:
--- a/charts/library/common-test/tests/controller/metadata_deployment_test.yaml
+++ b/charts/library/common-test/tests/controller/metadata_deployment_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: controller metadata deployment
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: Deployment
      - documentIndex: *ControllerDoc
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *ControllerDoc
        equal:
--- a/charts/library/common-test/tests/controller/metadata_statefulset_test.yaml
+++ b/charts/library/common-test/tests/controller/metadata_statefulset_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: controller metadata statefulset
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: StatefulSet
      - documentIndex: *ControllerDoc
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *ControllerDoc
        equal:
--- a/charts/library/common-test/tests/controller/type_test.yaml
+++ b/charts/library/common-test/tests/controller/type_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: controller types
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/ingress/metadata_test.yaml
+++ b/charts/library/common-test/tests/ingress/metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: ingress metadata
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: Ingress
      - documentIndex: *IngressDocument
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *IngressDocument
        equal:
--- a/charts/library/common-test/tests/ingress/presence_test.yaml
+++ b/charts/library/common-test/tests/ingress/presence_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: ingress presence
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/ingress/service_reference_test.yaml
+++ b/charts/library/common-test/tests/ingress/service_reference_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: ingress service reference
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/ingress/tls_test.yaml
+++ b/charts/library/common-test/tests/ingress/tls_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: ingress tls
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: Ingress
      - documentIndex: *IngressDocument
-        isNull:
+        notExists:
          path: spec.tls
  - it: tls enabled should pass
--- a/charts/library/common-test/tests/ingress/values_test.yaml
+++ b/charts/library/common-test/tests/ingress/values_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: ingress values
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/misc/nameoverride_test.yaml
+++ b/charts/library/common-test/tests/misc/nameoverride_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: nameOverride tests
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/networkpolicy/metadata_test.yaml
+++ b/charts/library/common-test/tests/networkpolicy/metadata_test.yaml
@ -0,0 +1,89 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: networkPolicy metadata
 templates:
  - common.yaml
 tests:
  - it: default metadata should pass
    set:
      networkpolicies:
        main:
          enabled: true
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        notExists:
          path: metadata.annotations
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.labels
          value:
            app.kubernetes.io/instance: RELEASE-NAME
            app.kubernetes.io/managed-by: Helm
            app.kubernetes.io/name: RELEASE-NAME
            helm.sh/chart: common-test-1.0.0
  - it: custom metadata should pass
    set:
      networkpolicies:
        main:
          enabled: true
          annotations:
            test_annotation: test
          labels:
            test_label: test
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.annotations
          value:
            test_annotation: test
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.labels
          value:
            app.kubernetes.io/instance: RELEASE-NAME
            app.kubernetes.io/managed-by: Helm
            app.kubernetes.io/name: RELEASE-NAME
            helm.sh/chart: common-test-1.0.0
            test_label: test
  - it: custom metadata with global metadata should pass
    set:
      global:
        labels:
          global_label: test
        annotations:
          global_annotation: test
      networkpolicies:
        main:
          enabled: true
          annotations:
            test_annotation: test
          labels:
            test_label: test
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.annotations
          value:
            global_annotation: test
            test_annotation: test
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.labels
          value:
            app.kubernetes.io/instance: RELEASE-NAME
            app.kubernetes.io/managed-by: Helm
            app.kubernetes.io/name: RELEASE-NAME
            global_label: test
            helm.sh/chart: common-test-1.0.0
            test_label: test
--- a/charts/library/common-test/tests/networkpolicy/names_test.yaml
+++ b/charts/library/common-test/tests/networkpolicy/names_test.yaml
@ -0,0 +1,36 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: networkPolicy names
 templates:
  - common.yaml
 tests:
  - it: default should pass
    set:
      networkpolicies:
        main:
          enabled: true
    asserts:
      - hasDocuments:
          count: 3
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.name
          value: RELEASE-NAME
  - it: custom name suffix should pass
    set:
      networkpolicies:
        main:
          enabled: true
          nameOverride: block-ingress
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: metadata.name
          value: RELEASE-NAME-block-ingress
--- a/charts/library/common-test/tests/networkpolicy/validations_test.yaml
+++ b/charts/library/common-test/tests/networkpolicy/validations_test.yaml
@ -0,0 +1,36 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: NetworkPolicy validations
 templates:
  - common.yaml
 tests:
  - it: networkpolicy requires either controller reference or podSelector
    set:
      networkpolicies:
        main:
          enabled: true
          controller: ""
    asserts:
      - failedTemplate:
          errorMessage: "controller reference or podSelector is required for NetworkPolicy. (NetworkPolicy main)"
  - it: policyTypes is required
    set:
      networkpolicies:
        main:
          enabled: true
          policyTypes: []
    asserts:
      - failedTemplate:
          errorMessage: "policyTypes is required for NetworkPolicy. (NetworkPolicy main)"
  - it: policyTypes values check
    set:
      networkpolicies:
        main:
          enabled: true
          policyTypes:
            - test
    asserts:
      - failedTemplate:
          errorMessage: "Not a valid policyType for NetworkPolicy. (NetworkPolicy main, value test)"
--- a/charts/library/common-test/tests/networkpolicy/values_test.yaml
+++ b/charts/library/common-test/tests/networkpolicy/values_test.yaml
@ -0,0 +1,95 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: NetworkPolicy values
 templates:
  - common.yaml
 tests:
  - it: main networkpolicy is disabled by default
    asserts:
      - hasDocuments:
          count: 2
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 1
        isKind:
          of: Service
  - it: main networkpolicy can be enabled
    set:
      networkpolicies:
        main:
          enabled: true
    asserts:
      - hasDocuments:
          count: 3
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 1
        isKind:
          of: Service
      - documentIndex: 2
        isKind:
          of: NetworkPolicy
  - it: networkpolicy targets the correct controller
    set:
      networkpolicies:
        main:
          enabled: true
          controller: main
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: spec.podSelector
          value:
            matchLabels:
              app.kubernetes.io/component: main
              app.kubernetes.io/instance: RELEASE-NAME
              app.kubernetes.io/name: RELEASE-NAME
  - it: networkpolicy targets supports custom podSelector
    set:
      networkpolicies:
        main:
          enabled: true
          controller: main
          podSelector: {}
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: spec.podSelector
          value: {}
  - it: networkpolicy rules are passed through
    set:
      networkpolicies:
        main:
          enabled: true
          controller: main
          rules:
            ingress:
              - {}
            egress:
              - {}
    asserts:
      - documentIndex: &NetworkPolicyDocument 2
        isKind:
          of: NetworkPolicy
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: spec.ingress
          value:
            - {}
      - documentIndex: *NetworkPolicyDocument
        equal:
          path: spec.egress
          value:
            - {}
--- a/charts/library/common-test/tests/persistence/claimnames_test.yaml
+++ b/charts/library/common-test/tests/persistence/claimnames_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: persistence claimnames
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/persistence/emptydir_test.yaml
+++ b/charts/library/common-test/tests/persistence/emptydir_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: persistence emptydir
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/persistence/hostpath_test.yaml
+++ b/charts/library/common-test/tests/persistence/hostpath_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: persistence hostpath
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/persistence/types_test.yaml
+++ b/charts/library/common-test/tests/persistence/types_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: persistence types
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/persistence/volumeclaimtemplates_test.yaml
+++ b/charts/library/common-test/tests/persistence/volumeclaimtemplates_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: persistence volumeclaimtemplates
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/pod/container_order_test.yaml
+++ b/charts/library/common-test/tests/pod/container_order_test.yaml
@ -0,0 +1,81 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod sidecar containers
 templates:
  - common.yaml
 tests:
  - it: with default order
    set:
      controllers.main.containers:
        additional1:
          image:
            repository: test
            tag: test
        additional2:
          image:
            repository: test
            tag: test
    asserts:
      - documentIndex: &DeploymentDocument 0
        isKind:
          of: Deployment
      - documentIndex: &DeploymentDocument 0
        lengthEqual:
          path: spec.template.spec.containers
          count: 3
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[0].name
          value: main
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[1].name
          value: additional1
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[2].name
          value: additional2
  - it: with custom order
    set:
      controllers.main.containers:
        main:
          order: 2
        additional1:
          order: 3
          image:
            repository: test
            tag: test
        additional2:
          order: 1
          image:
            repository: test
            tag: test
        additional3:
          image:
            repository: test
            tag: test
    asserts:
      - documentIndex: &DeploymentDocument 0
        isKind:
          of: Deployment
      - documentIndex: &DeploymentDocument 0
        lengthEqual:
          path: spec.template.spec.containers
          count: 4
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[0].name
          value: additional2
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[1].name
          value: main
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[2].name
          value: additional1
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.containers[3].name
          value: additional3
--- a/charts/library/common-test/tests/pod/field_affinity_test.yaml
+++ b/charts/library/common-test/tests/pod/field_affinity_test.yaml
@ -0,0 +1,89 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod affinity
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.affinity
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        affinity:
          nodeAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              nodeSelectorTerms:
                - matchExpressions:
                    - key: topology.kubernetes.io/zone
                      operator: In
                      values:
                        - antarctica-east1
                        - antarctica-west1
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.affinity
          value:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                  - matchExpressions:
                      - key: topology.kubernetes.io/zone
                        operator: In
                        values:
                          - antarctica-east1
                          - antarctica-west1
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        affinity:
          nodeAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
              nodeSelectorTerms:
                - matchExpressions:
                    - key: topology.kubernetes.io/zone
                      operator: In
                      values:
                        - antarctica-east1
                        - antarctica-west1
      controllers:
        main:
          pod:
            affinity:
              nodeAffinity:
                requiredDuringSchedulingIgnoredDuringExecution:
                  nodeSelectorTerms:
                    - matchExpressions:
                        - key: topology.kubernetes.io/zone
                          operator: In
                          values:
                            - asia-east1
                            - asia-west1
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.affinity
          value:
            nodeAffinity:
              requiredDuringSchedulingIgnoredDuringExecution:
                nodeSelectorTerms:
                  - matchExpressions:
                      - key: topology.kubernetes.io/zone
                        operator: In
                        values:
                          - asia-east1
                          - asia-west1
--- a/charts/library/common-test/tests/pod/field_dnsConfig_test.yaml
+++ b/charts/library/common-test/tests/pod/field_dnsConfig_test.yaml
@ -0,0 +1,59 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod dnsConfig
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.dnsConfig
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        dnsConfig:
          options:
            - name: ndots
              value: "1"
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.dnsConfig
          value:
            options:
              - name: ndots
                value: "1"
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        dnsConfig:
          options:
            - name: ndots
              value: "1"
      controllers:
        main:
          pod:
            dnsConfig:
              options:
                - name: ndots
                  value: "5"
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.dnsConfig
          value:
            options:
              - name: ndots
                value: "5"
--- a/charts/library/common-test/tests/pod/field_dnsPolicy.yaml
+++ b/charts/library/common-test/tests/pod/field_dnsPolicy.yaml
@ -1,4 +1,6 @@
-suite: pod network
+---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod dnsPolicy
 templates:
  - common.yaml
 tests:
@ -7,27 +9,6 @@ tests:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostNetwork
          value: false
      - documentIndex: 0
        equal:
          path: spec.template.spec.dnsPolicy
          value: ClusterFirst
  - it: hostNetwork disabled should pass
    set:
      defaultPodOptions:
        hostNetwork: false
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostNetwork
          value: false
      - documentIndex: 0
        equal:
          path: spec.template.spec.dnsPolicy
@ -41,10 +22,6 @@ tests:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostNetwork
          value: true
      - documentIndex: 0
        equal:
          path: spec.template.spec.dnsPolicy
--- a/charts/library/common-test/tests/pod/field_hostAliases_test.yaml
+++ b/charts/library/common-test/tests/pod/field_hostAliases_test.yaml
@ -0,0 +1,62 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod hostAliases
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.hostAliases
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        hostAliases:
          - ip: "192.168.1.100"
            hostnames:
              - "example.com"
              - "www.example.com"
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostAliases
          value:
            - ip: "192.168.1.100"
              hostnames:
                - "example.com"
                - "www.example.com"
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        hostAliases:
          - ip: "192.168.1.100"
            hostnames:
              - "example.com"
              - "www.example.com"
      controllers:
        main:
          pod:
            hostAliases:
              - ip: "127.0.0.1"
                hostnames:
                  - "localhost"
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostAliases
          value:
            - ip: "127.0.0.1"
              hostnames:
                - "localhost"
--- a/charts/library/common-test/tests/pod/field_hostIPC_test.yaml
+++ b/charts/library/common-test/tests/pod/field_hostIPC_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod security
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/pod/field_hostNetwork_test.yaml
+++ b/charts/library/common-test/tests/pod/field_hostNetwork_test.yaml
@ -0,0 +1,41 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod hostNetwork
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostNetwork
          value: false
  - it: hostNetwork disabled should pass
    set:
      defaultPodOptions:
        hostNetwork: false
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostNetwork
          value: false
  - it: hostNetwork enabled should pass
    set:
      defaultPodOptions:
        hostNetwork: true
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.hostNetwork
          value: true
--- a/charts/library/common-test/tests/pod/field_hostPID_test.yaml
+++ b/charts/library/common-test/tests/pod/field_hostPID_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod security
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/pod/field_imagePullSecrets_test.yaml
+++ b/charts/library/common-test/tests/pod/field_imagePullSecrets_test.yaml
@ -0,0 +1,49 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod imagePullSecrets
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.imagePullSecrets
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        imagePullSecrets:
          - name: my-pull-secret
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.imagePullSecrets
          value:
            - name: my-pull-secret
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        imagePullSecrets:
          - name: my-pull-secret
      controllers:
        main:
          pod:
            imagePullSecrets:
              - name: my-other-secret
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.imagePullSecrets
          value:
            - name: my-other-secret
--- a/charts/library/common-test/tests/pod/field_nodeSelector_test.yaml
+++ b/charts/library/common-test/tests/pod/field_nodeSelector_test.yaml
@ -0,0 +1,49 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod nodeSelector
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.nodeSelector
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        nodeSelector:
          disktype: ssd
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.nodeSelector
          value:
            disktype: ssd
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        nodeSelector:
          disktype: ssd
      controllers:
        main:
          pod:
            nodeSelector:
              disktype: hdd
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.nodeSelector
          value:
            disktype: hdd
--- a/charts/library/common-test/tests/pod/field_replicas_test.yaml
+++ b/charts/library/common-test/tests/pod/field_replicas_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod replicas
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/pod/field_securityContext_test.yaml
+++ b/charts/library/common-test/tests/pod/field_securityContext_test.yaml
@ -0,0 +1,64 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod securityContext
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.securityContext
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        securityContext:
          runAsUser: 1000
          runAsGroup: 1000
          fsGroup: 1000
          fsGroupChangePolicy: OnRootMismatch
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.securityContext
          value:
            runAsUser: 1000
            runAsGroup: 1000
            fsGroup: 1000
            fsGroupChangePolicy: OnRootMismatch
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        securityContext:
          runAsUser: 1000
          runAsGroup: 1000
          fsGroup: 1000
          fsGroupChangePolicy: OnRootMismatch
      controllers:
        main:
          pod:
            securityContext:
              runAsUser: 568
              runAsGroup: 568
              fsGroup: 568
              fsGroupChangePolicy: OnRootMismatch
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.securityContext
          value:
            runAsUser: 568
            runAsGroup: 568
            fsGroup: 568
            fsGroupChangePolicy: OnRootMismatch
--- a/charts/library/common-test/tests/pod/field_tolerations_test.yaml
+++ b/charts/library/common-test/tests/pod/field_tolerations_test.yaml
@ -0,0 +1,64 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod tolerations
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.tolerations
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        tolerations:
          - key: "key1"
            operator: "Equal"
            value: "value1"
            effect: "NoSchedule"
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.tolerations
          value:
            - key: "key1"
              operator: "Equal"
              value: "value1"
              effect: "NoSchedule"
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        tolerations:
          - key: "key1"
            operator: "Equal"
            value: "value1"
            effect: "NoSchedule"
      controllers:
        main:
          pod:
            tolerations:
              - key: "master"
                operator: "Equal"
                value: "value1"
                effect: "NoSchedule"
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.tolerations
          value:
            - key: "master"
              operator: "Equal"
              value: "value1"
              effect: "NoSchedule"
--- a/charts/library/common-test/tests/pod/field_topologySpreadConstraints_test.yaml
+++ b/charts/library/common-test/tests/pod/field_topologySpreadConstraints_test.yaml
@ -0,0 +1,74 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod topologySpreadConstraints
 templates:
  - common.yaml
 tests:
  - it: default should pass
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        notExists:
          path: spec.template.spec.topologySpreadConstraints
  - it: defaultPodOption should pass
    set:
      defaultPodOptions:
        topologySpreadConstraints:
          - maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: DoNotSchedule
            labelSelector:
              matchLabels:
                app: foo
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.topologySpreadConstraints
          value:
            - maxSkew: 1
              topologyKey: kubernetes.io/hostname
              whenUnsatisfiable: DoNotSchedule
              labelSelector:
                matchLabels:
                  app: foo
  - it: defaultPodOption with pod override should pass
    set:
      defaultPodOptions:
        topologySpreadConstraints:
          - maxSkew: 1
            topologyKey: kubernetes.io/hostname
            whenUnsatisfiable: DoNotSchedule
            labelSelector:
              matchLabels:
                app: foo
      controllers:
        main:
          pod:
            topologySpreadConstraints:
              - maxSkew: 2
                topologyKey: kubernetes.io/hostname
                whenUnsatisfiable: DoNotSchedule
                labelSelector:
                  matchLabels:
                    app: foo
    asserts:
      - documentIndex: 0
        isKind:
          of: Deployment
      - documentIndex: 0
        equal:
          path: spec.template.spec.topologySpreadConstraints
          value:
            - maxSkew: 2
              topologyKey: kubernetes.io/hostname
              whenUnsatisfiable: DoNotSchedule
              labelSelector:
                matchLabels:
                  app: foo
--- a/charts/library/common-test/tests/pod/initcontainers_test.yaml
+++ b/charts/library/common-test/tests/pod/initcontainers_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod initContainers
 templates:
  - common.yaml
@ -41,3 +43,46 @@ tests:
          value:
            name: template
            value: RELEASE-NAME-admin
  - it: disabled should pass
    set:
      controllers.main.initContainers:
        init1:
          enabled: false
          image:
            repository: ghcr.io/mendhak/http-https-echo
    asserts:
      - documentIndex: &DeploymentDocument 0
        isKind:
          of: Deployment
      - documentIndex: *DeploymentDocument
        notExists:
          path: spec.template.spec.initContainers
  - it: custom order should pass
    set:
      controllers.main.initContainers:
        init1:
          order: 2
          image:
            repository: ghcr.io/mendhak/http-https-echo
        init2:
          order: 1
          image:
            repository: ghcr.io/mendhak/http-https-echo
    asserts:
      - documentIndex: &DeploymentDocument 0
        isKind:
          of: Deployment
      - documentIndex: *DeploymentDocument
        lengthEqual:
          path: spec.template.spec.initContainers
          count: 2
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.initContainers[0].name
          value: init2
      - documentIndex: *DeploymentDocument
        equal:
          path: spec.template.spec.initContainers[1].name
          value: init1
--- a/charts/library/common-test/tests/pod/sidecars_test.yaml
+++ b/charts/library/common-test/tests/pod/sidecars_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pod sidecar containers
 templates:
  - common.yaml
@ -16,7 +18,7 @@ tests:
          of: Deployment
      - documentIndex: 0
        equal:
-          path: spec.template.spec.containers[0].name
+          path: spec.template.spec.containers[1].name
          value: template-test
  - it: with implicit name should pass
@ -32,7 +34,7 @@ tests:
          of: Deployment
      - documentIndex: 0
        equal:
-          path: spec.template.spec.containers[0].name
+          path: spec.template.spec.containers[1].name
          value: additional1
  - it: with templated name should pass
@ -49,7 +51,7 @@ tests:
          of: Deployment
      - documentIndex: 0
        equal:
-          path: spec.template.spec.containers[0].name
+          path: spec.template.spec.containers[1].name
          value: RELEASE-NAME-container
  - it: with custom env vars dict should pass
@ -73,31 +75,31 @@ tests:
          of: Deployment
      - documentIndex: *DeploymentDocument
        equal:
-          path: spec.template.spec.containers[1].env[0]
+          path: spec.template.spec.containers[0].env[0]
          value:
            name: main_env
            value: "value"
      - documentIndex: *DeploymentDocument
        equal:
-          path: spec.template.spec.containers[0].env[0]
+          path: spec.template.spec.containers[1].env[0]
          value:
            name: float
            value: "1.5"
      - documentIndex: *DeploymentDocument
        equal:
-          path: spec.template.spec.containers[0].env[1]
+          path: spec.template.spec.containers[1].env[1]
          value:
            name: int
            value: "1"
      - documentIndex: *DeploymentDocument
        equal:
-          path: spec.template.spec.containers[0].env[2]
+          path: spec.template.spec.containers[1].env[2]
          value:
            name: string
            value: value_of_env
      - documentIndex: *DeploymentDocument
        equal:
-          path: spec.template.spec.containers[0].env[3]
+          path: spec.template.spec.containers[1].env[3]
          value:
            name: template
            value: RELEASE-NAME-admin
--- a/charts/library/common-test/tests/pvc/metadata_test.yaml
+++ b/charts/library/common-test/tests/pvc/metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pvc metadata
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: PersistentVolumeClaim
      - documentIndex: *PersistentVolumeClaimDocument
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *PersistentVolumeClaimDocument
        equal:
--- a/charts/library/common-test/tests/pvc/names_test.yaml
+++ b/charts/library/common-test/tests/pvc/names_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pvc names
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/pvc/storageclass_test.yaml
+++ b/charts/library/common-test/tests/pvc/storageclass_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: pvc storageclass
 templates:
  - common.yaml
@ -10,7 +12,7 @@ tests:
        isKind:
          of: PersistentVolumeClaim
      - documentIndex: *PersistentVolumeClaimDocument
-        isNull:
+        notExists:
          path: spec.storageClassName
  - it: custom should pass
--- a/charts/library/common-test/tests/route/metadata_test.yaml
+++ b/charts/library/common-test/tests/route/metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: route metadata
 templates:
  - common.yaml
@ -14,7 +16,7 @@ tests:
        isKind:
          of: HTTPRoute
      - documentIndex: *routeDocument
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *routeDocument
        equal:
--- a/charts/library/common-test/tests/route/presence_test.yaml
+++ b/charts/library/common-test/tests/route/presence_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: route presence
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/route/service_reference_test.yaml
+++ b/charts/library/common-test/tests/route/service_reference_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: ingress service reference
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/route/values_test.yaml
+++ b/charts/library/common-test/tests/route/values_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: route values
 templates:
  - common.yaml
@ -118,7 +120,7 @@ tests:
        isKind:
          of: GRPCRoute
      - documentIndex: &HTTPRouteDocument 2
-        isNull:
+        notExists:
          path: spec.rules[0].matches
      - documentIndex: &HTTPRouteDocument 3
        isKind:
@ -134,19 +136,19 @@ tests:
        isKind:
          of: TCPRoute
      - documentIndex: &HTTPRouteDocument 4
-        isNull:
+        notExists:
          path: spec.rules[0].matches
      - documentIndex: &HTTPRouteDocument 5
        isKind:
          of: TLSRoute
      - documentIndex: &HTTPRouteDocument 5
-        isNull:
+        notExists:
          path: spec.rules[0].matches
      - documentIndex: &HTTPRouteDocument 6
        isKind:
          of: UDPRoute
      - documentIndex: &HTTPRouteDocument 6
-        isNull:
+        notExists:
          path: spec.rules[0].matches
  - it: hostnames shouldn't be used for TCPRoutes and UDPRoutes
@ -173,13 +175,13 @@ tests:
        isKind:
          of: TCPRoute
      - documentIndex: &HTTPRouteDocument 2
-        isNull:
+        notExists:
          path: spec.hostnames
      - documentIndex: &HTTPRouteDocument 3
        isKind:
          of: UDPRoute
      - documentIndex: &HTTPRouteDocument 3
-        isNull:
+        notExists:
          path: spec.hostnames
  - it: sectionName in parentRefs should be optional
@ -201,7 +203,7 @@ tests:
        isKind:
          of: HTTPRoute
      - documentIndex: &HTTPRouteDocument 2
-        isNull:
+        notExists:
          path: spec.parentRefs[0].sectionName
      - documentIndex: &HTTPRouteDocument 3
        isKind:
--- a/charts/library/common-test/tests/secret/metadata_test.yaml
+++ b/charts/library/common-test/tests/secret/metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: secret metadata
 templates:
  - common.yaml
@ -14,7 +16,7 @@ tests:
        isKind:
          of: Secret
      - documentIndex: *SecretDocument
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *SecretDocument
        equal:
--- a/charts/library/common-test/tests/secret/names_test.yaml
+++ b/charts/library/common-test/tests/secret/names_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: secret names
 templates:
  - common.yaml
@ -48,13 +50,13 @@ tests:
        isKind:
          of: Secret
      - documentIndex: *FirstSecretDocument
-        isNotNull:
+        isNotNullOrEmpty:
          path: metadata.name
      - documentIndex: &SecondSecretDocument 3
        isKind:
          of: Secret
      - documentIndex: *SecondSecretDocument
-        isNotNull:
+        isNotNullOrEmpty:
          path: metadata.name
  - it: default name should pass
--- a/charts/library/common-test/tests/secret/pod_metadata_test.yaml
+++ b/charts/library/common-test/tests/secret/pod_metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: secret Pod metadata
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/service/metadata_test.yaml
+++ b/charts/library/common-test/tests/service/metadata_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: service metadata
 templates:
  - common.yaml
@ -8,7 +10,7 @@ tests:
        isKind:
          of: Service
      - documentIndex: *ServiceDocument
-        isNull:
+        notExists:
          path: metadata.annotations
      - documentIndex: *ServiceDocument
        equal:
--- a/charts/library/common-test/tests/service/names_test.yaml
+++ b/charts/library/common-test/tests/service/names_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: service names
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/service/port_protocols_test.yaml
+++ b/charts/library/common-test/tests/service/port_protocols_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: service protocols
 templates:
  - common.yaml
@ -50,7 +52,7 @@ tests:
          path: spec.ports[0].protocol
          value: TCP
      - documentIndex: *ServiceDocument
-        isNull:
+        notExists:
          path: metadata.annotations
  - it: explicit HTTPS should pass
--- a/charts/library/common-test/tests/service/ports_test.yaml
+++ b/charts/library/common-test/tests/service/ports_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: service ports
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml
+++ b/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: serviceAccount values
 templates:
  - common.yaml
--- a/charts/library/common-test/tests/serviceMonitor/servicemonitor_test.yaml
+++ b/charts/library/common-test/tests/serviceMonitor/servicemonitor_test.yaml
@ -1,3 +1,5 @@
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
 suite: serviceMonitor values
 templates:
  - common.yaml
--- a/charts/library/common/Chart.yaml
+++ b/charts/library/common/Chart.yaml
@ -3,7 +3,7 @@ apiVersion: v2
 name: common
 description: Function library for Helm charts
 type: library
-version: 2.0.0-beta.1
+version: 2.0.0-beta.2
 kubeVersion: ">=1.22.0-0"
 keywords:
  - common
@ -17,3 +17,10 @@ annotations:
  artifacthub.io/changes: |-
    - kind: changed
      description: Many things :P
    - kind: removed
      description: |-
        **BREAKING CHANGE** Removed support for add-ons. These can be configured through other means nowadays.
    - kind: added
      description: Added support for ordering (init)Containers within a controller.
    - kind: added
      description: Added support for creating Network Policies.
--- a/charts/library/common/README.md
+++ b/charts/library/common/README.md
@ -1,6 +1,6 @@
 # common
-![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square)
+![Version: 2.0.0-beta.2](https://img.shields.io/badge/Version-2.0.0--beta.2-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square)
 Function library for Helm charts
@ -29,7 +29,7 @@ Include this chart as a dependency in your `Chart.yaml` e.g.
 # Chart.yaml
 dependencies:
 - name: common
-  version: 2.0.0
+  version: 2.0.0-beta.2
  repository: https://bjw-s.github.io/helm-charts/
 ```
@ -64,6 +64,7 @@ N/A
 | controllers.main.containers.main.image.tag | string | `nil` | image tag |
 | controllers.main.containers.main.lifecycle | object | `{}` | Configure the lifecycle for the container |
 | controllers.main.containers.main.nameOverride | string | `nil` | Override the container name |
 | controllers.main.containers.main.order | int | 99 | Override the default container order Containers get sorted alphanumerically by the `<order>-<identifier>` combination. |
 | controllers.main.containers.main.probes | object | See below | [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) |
 | controllers.main.containers.main.probes.liveness | object | See below | Liveness probe configuration |
 | controllers.main.containers.main.probes.liveness.custom | bool | `false` | Set this to `true` if you wish to specify your own livenessProbe |
@ -93,7 +94,7 @@ N/A
 | controllers.main.cronjob.successfulJobsHistory | int | `1` | The number of succesful Jobs to keep |
 | controllers.main.cronjob.ttlSecondsAfterFinished | string | `nil` | If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. |
 | controllers.main.enabled | bool | `true` | enable the controller. |
-| controllers.main.initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key. The dictionary item key will determine the order. Helm templates can be used. |
+| controllers.main.initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key initContainers get sorted alphanumerically by the `<order>-<identifier>` combination. |
 | controllers.main.labels | object | `{}` | Set labels on the deployment/statefulset/daemonset/cronjob |
 | controllers.main.replicas | int | `1` | Number of desired pods. When using a HorizontalPodAutoscaler, set this to `null`. |
 | controllers.main.revisionHistoryLimit | int | `3` | ReplicaSet revision history limit |
--- a/charts/library/common/templates/classes/_networkpolicy.tpl
+++ b/charts/library/common/templates/classes/_networkpolicy.tpl
@ -0,0 +1,49 @@
 {{/*
 This template serves as a blueprint for all networkPolicy objects that are created
 within the common library.
 */}}
 {{- define "bjw-s.common.class.networkpolicy" -}}
  {{- $rootContext := .rootContext -}}
  {{- $networkPolicyObject := .object -}}
  {{- $labels := merge
    ($networkPolicyObject.labels | default dict)
    (include "bjw-s.common.lib.metadata.allLabels" $rootContext | fromYaml)
  -}}
  {{- $annotations := merge
    ($networkPolicyObject.annotations | default dict)
    (include "bjw-s.common.lib.metadata.globalAnnotations" $rootContext | fromYaml)
  -}}
  {{- $podSelector := dict -}}
  {{- if (hasKey $networkPolicyObject "podSelector") -}}
    {{- $podSelector = $networkPolicyObject.podSelector -}}
  {{- else -}}
    {{- $podSelector = dict "matchLabels" (merge
      ($networkPolicyObject.extraSelectorLabels | default dict)
      (dict "app.kubernetes.io/component" $networkPolicyObject.controller)
      (include "bjw-s.common.lib.metadata.selectorLabels" $rootContext | fromYaml)
    ) -}}
  {{- end -}}
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  name: {{ $networkPolicyObject.name }}
  {{- with $labels }}
  labels: {{- toYaml . | nindent 4 -}}
  {{- end }}
  {{- with $annotations }}
  annotations: {{- toYaml . | nindent 4 -}}
  {{- end }}
 spec:
  podSelector: {{- toYaml $podSelector | nindent 4 }}
  {{- with $networkPolicyObject.policyTypes }}
  policyTypes: {{- toYaml . | nindent 4 -}}
  {{- end }}
  {{- with $networkPolicyObject.rules.ingress }}
  ingress: {{- tpl (toYaml .) $rootContext | nindent 4 -}}
  {{- end }}
  {{- with $networkPolicyObject.rules.egress }}
  egress: {{- tpl (toYaml .) $rootContext | nindent 4 -}}
  {{- end }}
 {{- end -}}
--- a/charts/library/common/templates/lib/container/_volumemounts_old.tpl
+++ b/charts/library/common/templates/lib/container/_volumemounts_old.tpl
@ -1,58 +0,0 @@
  {{- /* TODO: Remove this file */ -}}
 {{/* Volumes included by the controller */}}
 {{- define "bjw-s.common.lib.container.volumeMounts" -}}
  {{- range $persistenceIndex, $persistenceItem := .Values.persistence }}
    {{- if $persistenceItem.enabled -}}
      {{- if kindIs "slice" $persistenceItem.subPath -}}
        {{- if $persistenceItem.mountPath -}}
          {{- fail (printf "Cannot use persistence.mountPath with a subPath list (%s)" $persistenceIndex) }}
        {{- end -}}
        {{- range $subPathIndex, $subPathItem := $persistenceItem.subPath }}
 - name: {{ $persistenceIndex }}
  subPath: {{ required "subPaths as a list of maps require a path field" $subPathItem.path }}
  mountPath: {{ required "subPaths as a list of maps require an explicit mountPath field" $subPathItem.mountPath }}
          {{- with $subPathItem.readOnly }}
  readOnly: {{ . }}
          {{- end }}
          {{- with $subPathItem.mountPropagation }}
  mountPropagation: {{ . }}
          {{- end }}
        {{- end -}}
      {{- else -}}
        {{/* Set the default mountPath to /<name_of_the_peristence_item> */}}
        {{- $mountPath := (printf "/%v" $persistenceIndex) -}}
        {{- if eq "hostPath" (default "pvc" $persistenceItem.type) -}}
          {{- $mountPath = $persistenceItem.hostPath -}}
        {{- end -}}
        {{/* Use the specified mountPath if provided */}}
        {{- with $persistenceItem.mountPath -}}
          {{- $mountPath = . -}}
        {{- end }}
        {{- if ne $mountPath "-" }}
 - name: {{ $persistenceIndex }}
  mountPath: {{ $mountPath }}
          {{- with $persistenceItem.subPath }}
  subPath: {{ . }}
          {{- end }}
          {{- with $persistenceItem.readOnly }}
  readOnly: {{ . }}
          {{- end }}
          {{- with $persistenceItem.mountPropagation }}
  mountPropagation: {{ . }}
          {{- end }}
        {{- end }}
      {{- end -}}
    {{- end -}}
  {{- end }}
  {{- if eq .Values.controller.type "statefulset" }}
    {{- range $index, $vct := .Values.volumeClaimTemplates }}
 - mountPath: {{ $vct.mountPath }}
  name: {{ $vct.name }}
      {{- if $vct.subPath }}
  subPath: {{ $vct.subPath }}
      {{- end }}
    {{- end }}
  {{- end }}
 {{- end -}}
--- a/charts/library/common/templates/lib/controller/_enabled_containers.tpl
+++ b/charts/library/common/templates/lib/controller/_enabled_containers.tpl
@ -15,7 +15,7 @@ Return the enabled containers for a controller.
      {{- end -}}
      {{- if $containerEnabled -}}
-        {{- $_ := set $enabledContainers $name . -}}
+        {{- $_ := set $enabledContainers $name $container -}}
      {{- end -}}
    {{- end -}}
  {{- end -}}
--- a/charts/library/common/templates/lib/networkpolicy/_validate.tpl
+++ b/charts/library/common/templates/lib/networkpolicy/_validate.tpl
@ -0,0 +1,22 @@
 {{/*
 Validate networkPolicy values
 */}}
 {{- define "bjw-s.common.lib.networkpolicy.validate" -}}
  {{- $rootContext := .rootContext -}}
  {{- $networkpolicyObject := .object -}}
  {{- if and (not (hasKey $networkpolicyObject "podSelector")) (empty (get $networkpolicyObject "controller")) -}}
    {{- fail (printf "controller reference or podSelector is required for NetworkPolicy. (NetworkPolicy %s)" $networkpolicyObject.identifier) -}}
  {{- end -}}
  {{- if empty (get $networkpolicyObject "policyTypes") -}}
    {{- fail (printf "policyTypes is required for NetworkPolicy. (NetworkPolicy %s)" $networkpolicyObject.identifier) -}}
  {{- end -}}
  {{- $allowedpolicyTypes := list "Ingress" "Egress" -}}
  {{- range $networkpolicyObject.policyTypes -}}
    {{- if not (has . $allowedpolicyTypes) -}}
      {{- fail (printf "Not a valid policyType for NetworkPolicy. (NetworkPolicy %s, value %s)" $networkpolicyObject.identifier .) -}}
    {{- end -}}
  {{- end -}}
 {{- end -}}
--- a/charts/library/common/templates/lib/networkpolicy/_valuesToObject.tpl
+++ b/charts/library/common/templates/lib/networkpolicy/_valuesToObject.tpl
@ -0,0 +1,24 @@
 {{/*
 Convert networkPolicy values to an object
 */}}
 {{- define "bjw-s.common.lib.networkpolicy.valuesToObject" -}}
  {{- $rootContext := .rootContext -}}
  {{- $identifier := .id -}}
  {{- $objectValues := .values -}}
  {{- /* Determine and inject the networkPolicy name */ -}}
  {{- $objectName := (include "bjw-s.common.lib.chart.names.fullname" $rootContext) -}}
  {{- if $objectValues.nameOverride -}}
    {{- $objectName = printf "%s-%s" $objectName $objectValues.nameOverride -}}
  {{- else -}}
    {{- if ne $identifier "main" -}}
      {{- $objectName = printf "%s-%s" $objectName $identifier -}}
    {{- end -}}
  {{- end -}}
  {{- $_ := set $objectValues "name" $objectName -}}
  {{- $_ := set $objectValues "identifier" $identifier -}}
  {{- /* Return the networkPolicy object */ -}}
  {{- $objectValues | toYaml -}}
 {{- end -}}
--- a/charts/library/common/templates/lib/pod/_spec.tpl
+++ b/charts/library/common/templates/lib/pod/_spec.tpl
@ -19,7 +19,7 @@ runtimeClassName: {{ . | trim }}
 schedulerName: {{ . | trim }}
  {{- end -}}
  {{- with ($controllerObject.pod.securityContext) }}
-securityContext: {{ . | trim | nindent 2 }}
+securityContext: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with ($controllerObject.pod.hostname) }}
 hostname: {{ . | trim }}
@ -29,13 +29,13 @@ hostNetwork: {{ $controllerObject.pod.hostNetwork }}
 hostPID: {{ $controllerObject.pod.hostPID }}
 dnsPolicy: {{ include "bjw-s.common.lib.pod.field.dnsPolicy" (dict "ctx" $ctx) | trim }}
  {{- with $controllerObject.pod.dnsConfig }}
-dnsConfig: {{ . | trim | nindent 2 }}
+dnsConfig: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with $controllerObject.pod.hostAliases }}
-hostAliases: {{ . | trim | nindent 2 }}
+hostAliases: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with $controllerObject.pod.imagePullSecrets }}
-imagePullSecrets: {{ . | trim | nindent 2 }}
+imagePullSecrets: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with $controllerObject.pod.terminationGracePeriodSeconds }}
 terminationGracePeriodSeconds: {{ . | trim }}
@ -44,16 +44,16 @@ terminationGracePeriodSeconds: {{ . | trim }}
 restartPolicy: {{ . | trim }}
  {{- end -}}
  {{- with $controllerObject.pod.nodeSelector }}
-nodeSelector: {{ . | trim | nindent 2 }}
+nodeSelector: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with $controllerObject.pod.affinity }}
-affinity: {{ . | trim | nindent 2 }}
+affinity: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with $controllerObject.pod.topologySpreadConstraints }}
-topologySpreadConstraints: {{ . | trim | nindent 2 }}
+topologySpreadConstraints: {{ . | toYaml | nindent 2 }}
  {{- end -}}
  {{- with $controllerObject.pod.tolerations }}
-tolerations: {{ . | trim | nindent 2 }}
+tolerations: {{ . | toYaml | nindent 2 }}
  {{- end }}
  {{- with (include "bjw-s.common.lib.pod.field.initContainers" (dict "ctx" $ctx) | trim) }}
 initContainers: {{ . | nindent 2 }}
--- a/charts/library/common/templates/lib/pod/fields/_containers.tpl
+++ b/charts/library/common/templates/lib/pod/fields/_containers.tpl
@ -6,6 +6,7 @@ Returns the value for containers
  {{- $controllerObject := .ctx.controllerObject -}}
  {{- /* Default to empty list */ -}}
  {{- $orderedContainers := dict -}}
  {{- $containers := list -}}
  {{- /* Fetch configured containers for this controller */ -}}
@ -19,7 +20,13 @@ Returns the value for containers
    {{- /* Generate the Container spec */ -}}
    {{- $renderedContainer := include "bjw-s.common.lib.container.spec" (dict "rootContext" $rootContext "controllerObject" $controllerObject "containerObject" $containerObject) | fromYaml -}}
-    {{- $containers = append $containers $renderedContainer -}}
+
    {{- $containerOrder := (dig "order" 99 $containerValues) -}}
    {{- $_ := set $orderedContainers (printf "%v-%s" $containerOrder $key) $renderedContainer -}}
  {{- end -}}
  {{- range $key, $containerValues := $orderedContainers -}}
    {{- $containers = append $containers $containerValues -}}
  {{- end -}}
  {{- if not (empty $containers) -}}
--- a/charts/library/common/templates/lib/pod/fields/_initContainers.tpl
+++ b/charts/library/common/templates/lib/pod/fields/_initContainers.tpl
@ -6,10 +6,18 @@ Returns the value for initContainers
  {{- $controllerObject := .ctx.controllerObject -}}
  {{- /* Default to empty list */ -}}
  {{- $orderedContainers := dict -}}
  {{- $containers := list -}}
  {{- /* Fetch configured containers for this controller */ -}}
  {{- range $key, $containerValues := $controllerObject.initContainers -}}
    {{- /* Enable container by default, but allow override */ -}}
    {{- $containerEnabled := true -}}
    {{- if hasKey $containerValues "enabled" -}}
      {{- $containerEnabled = $containerValues.enabled -}}
    {{- end -}}
    {{- if $containerEnabled -}}
      {{- /* Create object from the container values */ -}}
      {{- $containerObject := (include "bjw-s.common.lib.container.valuesToObject" (dict "rootContext" $ "id" $key "values" $containerValues)) | fromYaml -}}
@ -18,7 +26,14 @@ Returns the value for initContainers
      {{- /* Generate the Container spec */ -}}
      {{- $renderedContainer := include "bjw-s.common.lib.container.spec" (dict "rootContext" $rootContext "containerObject" $containerObject) | fromYaml -}}
-    {{- $containers = append $containers $renderedContainer -}}
+
      {{- $containerOrder := (dig "order" 99 $containerValues) -}}
      {{- $_ := set $orderedContainers (printf "%v-%s" $containerOrder $key) $renderedContainer -}}
    {{- end -}}
  {{- end -}}
  {{- range $key, $containerValues := $orderedContainers -}}
    {{- $containers = append $containers $containerValues -}}
  {{- end -}}
  {{- if not (empty $containers) -}}
--- a/charts/library/common/templates/loader/_generate.tpl
+++ b/charts/library/common/templates/loader/_generate.tpl
@ -12,4 +12,5 @@ Secondary entrypoint and primary loader for the common chart
  {{- include "bjw-s.common.render.routes" . | nindent 0 -}}
  {{- include "bjw-s.common.render.configMaps" . | nindent 0 -}}
  {{- include "bjw-s.common.render.secrets" . | nindent 0 -}}
  {{- include "bjw-s.common.render.networkpolicies" . | nindent 0 -}}
 {{- end -}}
--- a/charts/library/common/templates/render/_networkpolicies.tpl
+++ b/charts/library/common/templates/render/_networkpolicies.tpl
@ -0,0 +1,26 @@
 {{/*
 Renders the networkPolicy objects required by the chart.
 */}}
 {{- define "bjw-s.common.render.networkpolicies" -}}
  {{- /* Generate named networkPolicy as required */ -}}
  {{- range $key, $networkPolicy := .Values.networkpolicies }}
    {{- /* Enable networkPolicy by default, but allow override */ -}}
    {{- $networkPolicyEnabled := true -}}
    {{- if hasKey $networkPolicy "enabled" -}}
      {{- $networkPolicyEnabled = $networkPolicy.enabled -}}
    {{- end -}}
    {{- if $networkPolicyEnabled -}}
      {{- $networkPolicyValues := (mustDeepCopy $networkPolicy) -}}
      {{- /* Create object from the raw networkPolicy values */ -}}
      {{- $networkPolicyObject := (include "bjw-s.common.lib.networkpolicy.valuesToObject" (dict "rootContext" $ "id" $key "values" $networkPolicyValues)) | fromYaml -}}
      {{- /* Perform validations on the networkPolicy before rendering */ -}}
      {{- include "bjw-s.common.lib.networkpolicy.validate" (dict "rootContext" $ "object" $networkPolicyObject) -}}
      {{/* Include the networkPolicy class */}}
      {{- include "bjw-s.common.class.networkpolicy" (dict "rootContext" $ "object" $networkPolicyObject) | nindent 0 -}}
    {{- end -}}
  {{- end -}}
 {{- end -}}
--- a/charts/library/common/values.yaml
+++ b/charts/library/common/values.yaml
@ -176,6 +176,11 @@ controllers:
        # -- Override the container name
        nameOverride:
        # -- Override the default container order
        # Containers get sorted alphanumerically by the `<order>-<identifier>` combination.
        # @default -- 99
        order: 1
        image:
          # -- image repository
          repository:
@ -309,8 +314,8 @@ controllers:
        terminationMessagePolicy:
    # -- Specify any initContainers here as dictionary items.
-    # Each initContainer should have its own key. The dictionary item key will determine the order.
+    # Each initContainer should have its own key
-    # Helm templates can be used.
+    # initContainers get sorted alphanumerically by the `<order>-<identifier>` combination.
    initContainers: {}
 serviceAccount:
@ -626,3 +631,32 @@ persistence:
    #         readOnly: false
    #         subPath: config.yaml
    advancedMounts: {}
 # -- Configure the networkPolicies for the chart here.
 # Additional networkPolicies can be added by adding a dictionary key similar to the 'main' networkPolicy.
 # @default -- See below
 networkpolicies:
  main:
    # -- Enables or disables the networkPolicy item. Defaults to true
    enabled: false
    # -- Configure which controller this networkPolicy should target
    controller: main
    # -- Define a custom podSelector for the networkPolicy. This takes precedence over targeting a controller.
    # podSelector: {}
    # -- The policyTypes for this networkPolicy
    policyTypes:
      - Ingress
      - Egress
    # -- The rulesets for this networkPolicy
    # [[ref]](https://kubernetes.io/docs/concepts/services-networking/network-policies/#networkpolicy-resource)
    rules:
      # -- The ingress rules for this networkPolicy. Allows all ingress traffic by default.
      ingress:
        - {}
      # -- The egress rules for this networkPolicy. Allows all egress traffic by default.
      egress:
        - {}