public/helm-charts
1
0
Fork 0
mirror of https://github.com/bjw-s-labs/helm-charts.git synced 2025-07-04 08:57:04 +02:00
Code Issues Projects Releases Packages Wiki Activity
helm-charts/charts/library/common-test/tests/serviceAccount/serviceaccount_test.yaml

256 lines
7.3 KiB
YAML
Raw Blame History

---
# yaml-language-server: $schema=https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json
suite: serviceAccount values
templates:
- common.yaml
values:
- ../_values/controllers_main_default_container.yaml
tests:
- it: a serviceAccount is not created by default
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
not: true
isKind:
of: ServiceAccount
- it: a serviceAccount is not created when disabled
set:
serviceAccount:
create: false
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
not: true
isKind:
of: ServiceAccount
- it: controller uses named ServiceAccount by default
set:
serviceAccount:
create: false
name: &ServiceAccountName test
asserts:
- hasDocuments:
count: 1
- documentIndex: &DeploymentDocument 0
isKind:
of: Deployment
- documentIndex: *DeploymentDocument
equal:
path: spec.template.spec.serviceAccountName
value: *ServiceAccountName
- it: controller uses `default` ServiceAccount if flag is enabled
set:
enforceServiceAccountCreation: true
serviceAccount:
create: false
name: test
asserts:
- hasDocuments:
count: 1
- documentIndex: &DeploymentDocument 0
isKind:
of: Deployment
- documentIndex: *DeploymentDocument
equal:
path: spec.template.spec.serviceAccountName
value: default
- it: a serviceAccount and Secret are created when enabled
set:
serviceAccount:
create: true
asserts:
- hasDocuments:
count: 3
- documentIndex: &ServiceAccountDocument 0
isKind:
of: ServiceAccount
- documentIndex: &DeploymentDocument 1
isKind:
of: Deployment
- documentIndex: &SecretDocument 2
isKind:
of: Secret
- documentIndex: *ServiceAccountDocument
equal:
path: metadata.name
value: &ServiceAccountName RELEASE-NAME
- documentIndex: *ServiceAccountDocument
equal:
path: secrets
value:
- name: RELEASE-NAME-default-sa-token
- documentIndex: *DeploymentDocument
equal:
path: spec.template.spec.serviceAccountName
value: *ServiceAccountName
- documentIndex: *SecretDocument
equal:
path: metadata.annotations
value:
kubernetes.io/service-account.name: RELEASE-NAME
- it: a serviceAccount and Secret are created with custom name
set:
serviceAccount:
create: true
name: &ServiceAccountName myAccount
asserts:
- hasDocuments:
count: 3
- documentIndex: &ServiceAccountDocument 0
isKind:
of: ServiceAccount
- documentIndex: &DeploymentDocument 1
isKind:
of: Deployment
- documentIndex: &SecretDocument 2
isKind:
of: Secret
- documentIndex: *ServiceAccountDocument
equal:
path: metadata.name
value: *ServiceAccountName
- documentIndex: *ServiceAccountDocument
equal:
path: secrets
value:
- name: RELEASE-NAME-default-sa-token
- documentIndex: *DeploymentDocument
equal:
path: spec.template.spec.serviceAccountName
value: *ServiceAccountName
- documentIndex: *SecretDocument
equal:
path: metadata.annotations
value:
kubernetes.io/service-account.name: *ServiceAccountName
- it: multiple serviceAccounts and Secrets are created when enabled
set:
serviceAccount:
create: true
name: &ServiceAccountName myAccount
extraServiceAccounts:
mySA:
create: true
asserts:
- hasDocuments:
count: 5
- documentIndex: &ServiceAccountDocument 0
isKind:
of: ServiceAccount
- documentIndex: &ServiceAccountDocument2 1
isKind:
of: ServiceAccount
- documentIndex: &DeploymentDocument 2
isKind:
of: Deployment
- documentIndex: &SecretDocument 3
isKind:
of: Secret
- documentIndex: &SecretDocument2 4
isKind:
of: Secret
- documentIndex: *ServiceAccountDocument
equal:
path: metadata.name
value: *ServiceAccountName
- documentIndex: *ServiceAccountDocument2
equal:
path: metadata.name
value: RELEASE-NAME-mySA
- documentIndex: *ServiceAccountDocument
equal:
path: secrets
value:
- name: RELEASE-NAME-default-sa-token
- documentIndex: *ServiceAccountDocument2
equal:
path: secrets
value:
- name: RELEASE-NAME-mySA-sa-token
- documentIndex: *DeploymentDocument
equal:
path: spec.template.spec.serviceAccountName
value: *ServiceAccountName
- documentIndex: *SecretDocument
equal:
path: metadata.annotations
value:
kubernetes.io/service-account.name: *ServiceAccountName
- documentIndex: *SecretDocument2
equal:
path: metadata.annotations
value:
kubernetes.io/service-account.name: RELEASE-NAME-mySA
- it: multiple serviceAccounts and Secrets are created with custom names
set:
serviceAccount:
create: true
name: &ServiceAccountName myAccount
extraServiceAccounts:
mySA:
create: true
name: &ServiceAccountName2 mySAcustom
mySA2:
create: false
name: &ServiceAccountName3 mySAcustom2
asserts:
- hasDocuments:
count: 5
- documentIndex: &ServiceAccountDocument 0
isKind:
of: ServiceAccount
- documentIndex: &ServiceAccountDocument2 1
isKind:
of: ServiceAccount
- documentIndex: &DeploymentDocument 2
isKind:
of: Deployment
- documentIndex: &SecretDocument 3
isKind:
of: Secret
- documentIndex: &SecretDocument2 4
isKind:
of: Secret
- documentIndex: *ServiceAccountDocument
equal:
path: metadata.name
value: *ServiceAccountName
- documentIndex: *ServiceAccountDocument2
equal:
path: metadata.name
value: *ServiceAccountName2
- documentIndex: *ServiceAccountDocument
equal:
path: secrets
value:
- name: RELEASE-NAME-default-sa-token
- documentIndex: *ServiceAccountDocument2
equal:
path: secrets
value:
- name: RELEASE-NAME-mySA-sa-token
- documentIndex: *DeploymentDocument
equal:
path: spec.template.spec.serviceAccountName
value: *ServiceAccountName
- documentIndex: *SecretDocument
equal:
path: metadata.annotations
value:
kubernetes.io/service-account.name: *ServiceAccountName
- documentIndex: *SecretDocument2
equal:
path: metadata.annotations
value:
kubernetes.io/service-account.name: *ServiceAccountName2
Reference in a new issue View git blame Copy permalink