public/helm-charts
1
0
Fork 0
mirror of https://github.com/bjw-s-labs/helm-charts.git synced 2025-07-04 08:57:04 +02:00
Code Issues Projects Releases Packages Wiki Activity

feat(common): Release common 4.0.0 (#398)

Browse source 
Co-authored-by: lab-assistant[bot] <180935599+lab-assistant[bot]@users.noreply.github.com>
This commit is contained in:
Bernd Schorgers 2025-05-16 08:40:39 +02:00
parent 1e210f43e3
commit a01a89cb13
No known key found for this signature in database
327 changed files with 11181 additions and 7330 deletions
Download patch file Download diff file Expand all files Collapse all files

44
charts/library/common/test-chart/unittests/rbac/metadata_annotations_test.yaml Normal file
View file

@ -0,0 +1,44 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
suite: rbac - metadata - annotations
templates:
- common.yaml
values:
- ../_values/rbac_values.yaml
tests:
- it: no annotations are set by default
documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
asserts:
- notExists:
path: metadata.annotations
- it: custom annotations
set:
rbac.roles.defaultRole.annotations:
test_annotation: test
documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
asserts:
- equal:
path: metadata.annotations
value:
test_annotation: test
- it: custom annotations mixed with global annotations
set:
global.annotations:
global_annotation: test
rbac.roles.defaultRole.annotations:
test_annotation: test
documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
asserts:
- equal:
path: metadata.annotations
value:
global_annotation: test
test_annotation: test

57
charts/library/common/test-chart/unittests/rbac/metadata_labels_test.yaml Normal file
View file

@ -0,0 +1,57 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
suite: rbac - metadata - labels
templates:
- common.yaml
values:
- ../_values/rbac_values.yaml
tests:
- it: default labels
documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
asserts:
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: RELEASE-NAME
helm.sh/chart: common-test-1.0.0
- it: custom labels
set:
rbac.roles.defaultRole.labels:
test_label: test
documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
asserts:
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: RELEASE-NAME
helm.sh/chart: common-test-1.0.0
test_label: test
- it: custom labels mixed with global labels
set:
global.labels:
global_label: test
rbac.roles.defaultRole.labels:
test_label: test
documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
asserts:
- equal:
path: metadata.labels
value:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: RELEASE-NAME
global_label: test
helm.sh/chart: common-test-1.0.0
test_label: test

60
charts/library/common/test-chart/unittests/rbac/metadata_test.yaml
View file

@ -1,60 +0,0 @@
---
suite: rbac metadata
set:
serviceAccount:
name: test-sa
templates:
- common.yaml
values:
- ../_values/rbac_values.yaml
tests:
- it: default metadata should pass
asserts:
- hasDocuments:
count: 4
- documentIndex: &RoleDocument 2
isKind:
of: Role
- documentIndex: *RoleDocument
notExists:
path: metadata.annotations
- documentIndex: *RoleDocument
equal:
path: metadata.labels
value:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: RELEASE-NAME
helm.sh/chart: common-test-1.0.0
- it: custom metadata should pass
set:
rbac:
roles:
defaultRole:
annotations:
test_annotation: test
labels:
test_label: test
asserts:
- hasDocuments:
count: 4
- documentIndex: &RoleDocument 2
isKind:
of: Role
- documentIndex: *RoleDocument
equal:
path: metadata.annotations
value:
test_annotation: test
- documentIndex: *RoleDocument
equal:
path: metadata.labels
value:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: RELEASE-NAME
helm.sh/chart: common-test-1.0.0
test_label: test

58
charts/library/common/test-chart/unittests/rbac/names_test.yaml
View file

@ -1,58 +0,0 @@
---
suite: rbac names
set:
serviceAccount:
name: test-sa
templates:
- common.yaml
values:
- ../_values/rbac_values.yaml
tests:
- it: default role and rolebinding names should pass
asserts:
- hasDocuments:
count: 4
- documentIndex: &RoleDocument 2
isKind:
of: Role
- documentIndex: *RoleDocument
equal:
path: metadata.name
value: RELEASE-NAME-defaultRole
- documentIndex: &BindingDocument 3
isKind:
of: RoleBinding
- documentIndex: *BindingDocument
equal:
path: metadata.name
value: RELEASE-NAME-defaultBinding
- it: custom role name should pass
set:
rbac:
roles:
defaultRole:
forceRename: customRole
bindings:
defaultBinding:
forceRename: customBinding
asserts:
- hasDocuments:
count: 4
- documentIndex: &RoleDocument 2
isKind:
of: Role
- documentIndex: &BindingDocument 3
isKind:
of: RoleBinding
- documentIndex: *RoleDocument
equal:
path: metadata.name
value: customRole
- documentIndex: *BindingDocument
equal:
path: metadata.name
value: customBinding

72
charts/library/common/test-chart/unittests/rbac/presence_test.yaml Normal file
View file

@ -0,0 +1,72 @@
---
suite: rbac - presence
templates:
- common.yaml
tests:
- it: role and rolebinding can be configured are not created by default
asserts:
- not: true
containsDocument:
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
any: true
- not: true
containsDocument:
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
any: true
- it: role and rolebinding can be configured
values:
- ../_values/rbac_values.yaml
asserts:
- documentSelector:
path: $[?(@.kind == "Role")].metadata.name
value: release-name
equal:
path: rules[0].verbs
value: ["get", "list"]
- documentSelector:
path: $[?(@.kind == "RoleBinding")].metadata.name
value: release-name
equal:
path: subjects[0].name
value: "release-name"
- it: role and rolebinding can be disabled
values:
- ../_values/rbac_values.yaml
set:
rbac.roles.defaultRole:
enabled: false
rbac.bindings.defaultBinding:
enabled: false
asserts:
- not: true
containsDocument:
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
any: true
- not: true
containsDocument:
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
any: true
- it: multiple role and rolebinding can be configured
values:
- ../_values/rbac_values.yaml
set:
rbac.roles.customRole:
type: ClusterRole
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["get", "list", "watch"]
asserts:
- documentSelector:
path: $[?(@.kind == "ClusterRole")].metadata.name
value: release-name-customrole
equal:
path: rules[0].verbs
value: ["get", "list", "watch"]

32
charts/library/common/test-chart/unittests/rbac/validations_test.yaml
View file

@ -1,10 +1,5 @@
---
suite: rbac validations
set:
serviceAccount:
name: test-sa
suite: rbac - validations
templates:
- common.yaml
values:
@ -19,10 +14,17 @@ tests:
rules: {}
asserts:
- failedTemplate:
errorMessage: |
You selected: `InvalidRole`. Type must be one of:
- Role
- ClusterRole
errorPattern: "values don't meet the specifications of the schema"
- it: rolebinding type must be valid
set:
rbac:
bindings:
invalidRole:
type: InvalidRole
asserts:
- failedTemplate:
errorPattern: "values don't meet the specifications of the schema"
- it: role rules can't be empty
set:
@ -44,4 +46,12 @@ tests:
roleRef: {}
asserts:
- failedTemplate:
errorMessage: "If not using identifier roleRef must have a `name` key"
errorPattern: "values don't meet the specifications of the schema"
- it: serviceAccount reference to non-existing serviceAccount should fail
set:
rbac.bindings.defaultBinding.subjects:
- identifier: main
asserts:
- failedTemplate:
errorMessage: "No enabled ServiceAccount found with this identifier. (rolebinding: 'defaultBinding', identifier: 'main')"

52
charts/library/common/test-chart/unittests/rbac/values_test.yaml
View file

@ -1,52 +0,0 @@
---
suite: rbac values
set:
serviceAccount:
name: test-sa
templates:
- common.yaml
values:
- ../_values/rbac_values.yaml
tests:
- it: default role and rolebinding should pass
asserts:
- hasDocuments:
count: 4
- documentIndex: &RoleDocument 2
isKind:
of: Role
- documentIndex: *RoleDocument
equal:
path: rules[0].verbs
value: ["get", "list"]
- documentIndex: &BindingDocument 3
isKind:
of: RoleBinding
- documentIndex: *BindingDocument
equal:
path: subjects[0].name
value: "test-sa"
- it: custom role values should pass
set:
rbac:
roles:
customRole:
type: ClusterRole
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["get", "list", "watch"]
asserts:
- hasDocuments:
count: 5
- documentIndex: &RoleDocument 2
isKind:
of: ClusterRole
- documentIndex: *RoleDocument
equal:
path: rules[0].verbs
value: ["get", "list", "watch"]