mirror of
https://github.com/bjw-s-labs/helm-charts.git
synced 2025-07-04 00:47:04 +02:00
64 lines
1.7 KiB
YAML
64 lines
1.7 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
|
|
suite: pod securityContext
|
|
templates:
|
|
- common.yaml
|
|
tests:
|
|
- it: default should pass
|
|
asserts:
|
|
- documentIndex: 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: 0
|
|
notExists:
|
|
path: spec.template.spec.securityContext
|
|
|
|
- it: defaultPodOption should pass
|
|
set:
|
|
defaultPodOptions:
|
|
securityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
asserts:
|
|
- documentIndex: 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: 0
|
|
equal:
|
|
path: spec.template.spec.securityContext
|
|
value:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
|
|
- it: defaultPodOption with pod override should pass
|
|
set:
|
|
defaultPodOptions:
|
|
securityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
controllers:
|
|
main:
|
|
pod:
|
|
securityContext:
|
|
runAsUser: 568
|
|
runAsGroup: 568
|
|
fsGroup: 568
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
asserts:
|
|
- documentIndex: 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: 0
|
|
equal:
|
|
path: spec.template.spec.securityContext
|
|
value:
|
|
runAsUser: 568
|
|
runAsGroup: 568
|
|
fsGroup: 568
|
|
fsGroupChangePolicy: OnRootMismatch
|