Skip to content

Commit 9f9016a

Browse files
mikhail-klimkomikhail-klimko
authored
feat(cf-common): secret key ref feature for onprem (#58)
1 parent 70167f1 commit 9f9016a

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

47 files changed

+1310
-244
lines changed

charts/cf-common-test/tests/env-vars/firebase_env_var_secret_ref_test.yaml

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,66 @@
1+
# yaml-language-server: $schema=https://raw.githubusercontent.com/quintush/helm-unittest/master/schema/helm-testsuite.json
2+
suite: firebase env vars
3+
templates:
4+
- templates/controller.yaml
5+
- templates/secret.yaml
6+
tests:
7+
- it: Test FIREBASE_* env vars from default secret
8+
values:
9+
- values.yaml
10+
template: templates/controller.yaml
11+
set:
12+
global:
13+
firebaseUrl: "firebase0.example.com"
14+
firebasePassword: "mypassword"
15+
asserts:
16+
- contains:
17+
path: spec.template.spec.containers[0].env
18+
content:
19+
name: FIREBASE_URL
20+
valueFrom:
21+
secretKeyRef:
22+
name: RELEASE-NAME-cf-common-test-secret
23+
key: FIREBASE_URL
24+
optional: true
25+
- contains:
26+
path: spec.template.spec.containers[0].env
27+
content:
28+
name: FIREBASE_SECRET
29+
valueFrom:
30+
secretKeyRef:
31+
name: RELEASE-NAME-cf-common-test-secret
32+
key: FIREBASE_SECRET
33+
optional: true
34+
35+
36+
- it: Test FIREBASE_* env vars from custom secret
37+
values:
38+
- values.yaml
39+
template: templates/controller.yaml
40+
set:
41+
global:
42+
firebaseUrlSecretKeyRef:
43+
name: my-firebase-secret
44+
key: firebase-url
45+
firebaseSecretSecretKeyRef:
46+
name: my-firebase-secret
47+
key: firebase-secret
48+
asserts:
49+
- contains:
50+
path: spec.template.spec.containers[0].env
51+
content:
52+
name: FIREBASE_URL
53+
valueFrom:
54+
secretKeyRef:
55+
name: my-firebase-secret
56+
key: firebase-url
57+
optional: true
58+
- contains:
59+
path: spec.template.spec.containers[0].env
60+
content:
61+
name: FIREBASE_SECRET
62+
valueFrom:
63+
secretKeyRef:
64+
name: my-firebase-secret
65+
key: firebase-secret
66+
optional: true

charts/cf-common-test/tests/env-vars/mongodb_env_var_secret_ref_test.yaml

Lines changed: 161 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,161 @@
1+
# yaml-language-server: $schema=https://raw.githubusercontent.com/quintush/helm-unittest/master/schema/helm-testsuite.json
2+
suite: mongodb env vars
3+
templates:
4+
- templates/controller.yaml
5+
- templates/secret.yaml
6+
tests:
7+
- it: Test MONGODB_* env vars from default secret
8+
values:
9+
- values.yaml
10+
template: templates/controller.yaml
11+
set:
12+
global:
13+
mongoURI: ""
14+
mongodbProtocol: mongodb+srv
15+
mongodbUser: cfuser
16+
mongodbPassword: cfpassword
17+
mongodbHost: mongodb0.example.com:27017
18+
mongodbOptions: retryWrites=true
19+
asserts:
20+
- contains:
21+
path: spec.template.spec.containers[0].env
22+
content:
23+
name: MONGODB_PROTOCOL
24+
value: mongodb+srv
25+
- contains:
26+
path: spec.template.spec.containers[0].env
27+
content:
28+
name: MONGODB_USER
29+
valueFrom:
30+
secretKeyRef:
31+
name: RELEASE-NAME-cf-common-test-secret
32+
key: MONGODB_USER
33+
optional: true
34+
- contains:
35+
path: spec.template.spec.containers[0].env
36+
content:
37+
name: MONGODB_PASSWORD
38+
valueFrom:
39+
secretKeyRef:
40+
name: RELEASE-NAME-cf-common-test-secret
41+
key: MONGODB_PASSWORD
42+
optional: true
43+
- contains:
44+
path: spec.template.spec.containers[0].env
45+
content:
46+
name: MONGODB_HOST
47+
valueFrom:
48+
secretKeyRef:
49+
name: RELEASE-NAME-cf-common-test-secret
50+
key: MONGODB_HOST
51+
optional: true
52+
- contains:
53+
path: spec.template.spec.containers[0].env
54+
content:
55+
name: MONGODB_OPTIONS
56+
value: retryWrites=true
57+
- contains:
58+
path: spec.template.spec.containers[0].env
59+
content:
60+
name: MONGO_URI
61+
value: $(MONGODB_PROTOCOL)://$(MONGODB_USER):$(MONGODB_PASSWORD)@$(MONGODB_HOST)/$(MONGODB_DATABASE)?$(MONGODB_OPTIONS)
62+
- contains:
63+
path: spec.template.spec.containers[0].env
64+
content:
65+
name: MONGO_URI
66+
value: $(MONGODB_PROTOCOL)://$(MONGODB_USER):$(MONGODB_PASSWORD)@$(MONGODB_HOST)/$(MONGODB_DATABASE)?$(MONGODB_OPTIONS)
67+
- contains:
68+
path: spec.template.spec.containers[0].env
69+
content:
70+
name: MONGO_URI_ANNOTATION
71+
value: $(MONGO_URI)
72+
- contains:
73+
path: spec.template.spec.containers[0].env
74+
content:
75+
name: MONGO_URI_ARCHIVE
76+
value: $(MONGODB_PROTOCOL)://$(MONGODB_USER):$(MONGODB_PASSWORD)@$(MONGODB_HOST)/$(MONGODB_DATABASE_ARCHIVE)?$(MONGODB_OPTIONS)
77+
78+
- it: Test MONGODB_* env vars from custom secret
79+
values:
80+
- values.yaml
81+
template: templates/controller.yaml
82+
set:
83+
global:
84+
mongoURI: ""
85+
mongodbProtocol: mongodb+srv
86+
mongodbUserSecretKeyRef:
87+
name: my-mongodb-secret
88+
key: mongodb-user
89+
mongodbPasswordSecretKeyRef:
90+
name: my-mongodb-secret
91+
key: mongodb-password
92+
mongodbHostSecretKeyRef:
93+
name: my-mongodb-secret
94+
key: mongodb-host
95+
mongodbOptions: retryWrites=true
96+
asserts:
97+
- contains:
98+
path: spec.template.spec.containers[0].env
99+
content:
100+
name: MONGODB_PROTOCOL
101+
value: mongodb+srv
102+
- contains:
103+
path: spec.template.spec.containers[0].env
104+
content:
105+
name: MONGODB_USER
106+
valueFrom:
107+
secretKeyRef:
108+
name: my-mongodb-secret
109+
key: mongodb-user
110+
optional: true
111+
- contains:
112+
path: spec.template.spec.containers[0].env
113+
content:
114+
name: MONGODB_PASSWORD
115+
valueFrom:
116+
secretKeyRef:
117+
name: my-mongodb-secret
118+
key: mongodb-password
119+
optional: true
120+
- contains:
121+
path: spec.template.spec.containers[0].env
122+
content:
123+
name: MONGODB_HOST
124+
valueFrom:
125+
secretKeyRef:
126+
name: my-mongodb-secret
127+
key: mongodb-host
128+
optional: true
129+
- contains:
130+
path: spec.template.spec.containers[0].env
131+
content:
132+
name: MONGODB_OPTIONS
133+
value: retryWrites=true
134+
- contains:
135+
path: spec.template.spec.containers[0].env
136+
content:
137+
name: MONGO_URI
138+
value: $(MONGODB_PROTOCOL)://$(MONGODB_USER):$(MONGODB_PASSWORD)@$(MONGODB_HOST)/$(MONGODB_DATABASE)?$(MONGODB_OPTIONS)
139+
- contains:
140+
path: spec.template.spec.containers[0].env
141+
content:
142+
name: MONGO_URI
143+
value: $(MONGODB_PROTOCOL)://$(MONGODB_USER):$(MONGODB_PASSWORD)@$(MONGODB_HOST)/$(MONGODB_DATABASE)?$(MONGODB_OPTIONS)
144+
145+
- it: Test with legacy global.mongoURI present
146+
values:
147+
- values.yaml
148+
set:
149+
global:
150+
mongoURI: "mongodb+srv://cfuser:[email protected]:27017/retryWrites=true"
151+
asserts:
152+
- contains:
153+
path: spec.template.spec.containers[0].env
154+
content:
155+
name: MONGO_URI
156+
value: $(MONGO_URI)
157+
template: templates/controller.yaml
158+
- equal:
159+
path: stringData.MONGO_URI
160+
value: mongodb+srv://cfuser:[email protected]:27017/retryWrites=true
161+
template: templates/secret.yaml

charts/cf-common-test/tests/env-vars/postgres_env_var_secret_ref_test.yaml

Lines changed: 111 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,111 @@
1+
# yaml-language-server: $schema=https://raw.githubusercontent.com/quintush/helm-unittest/master/schema/helm-testsuite.json
2+
suite: postgres env vars
3+
templates:
4+
- templates/controller.yaml
5+
- templates/secret.yaml
6+
tests:
7+
- it: Test POSTGRES_* env vars from default secret
8+
values:
9+
- values.yaml
10+
template: templates/controller.yaml
11+
set:
12+
global:
13+
postgresDatabase: "codefresh"
14+
postgresHostname: "postgres0.example.com"
15+
postgresPassword: "cfpassword"
16+
postgresPort: "5432"
17+
postgresUser: "cfuser"
18+
asserts:
19+
- contains:
20+
path: spec.template.spec.containers[0].env
21+
content:
22+
name: POSTGRES_DATABASE
23+
value: codefresh
24+
- contains:
25+
path: spec.template.spec.containers[0].env
26+
content:
27+
name: POSTGRES_HOSTNAME
28+
valueFrom:
29+
secretKeyRef:
30+
name: RELEASE-NAME-cf-common-test-secret
31+
key: POSTGRES_HOSTNAME
32+
optional: true
33+
- contains:
34+
path: spec.template.spec.containers[0].env
35+
content:
36+
name: POSTGRES_PASSWORD
37+
valueFrom:
38+
secretKeyRef:
39+
name: RELEASE-NAME-cf-common-test-secret
40+
key: POSTGRES_PASSWORD
41+
optional: true
42+
- contains:
43+
path: spec.template.spec.containers[0].env
44+
content:
45+
name: POSTGRES_USER
46+
valueFrom:
47+
secretKeyRef:
48+
name: RELEASE-NAME-cf-common-test-secret
49+
key: POSTGRES_USER
50+
optional: true
51+
- contains:
52+
path: spec.template.spec.containers[0].env
53+
content:
54+
name: POSTGRES_PORT
55+
value: "5432"
56+
57+
- it: Test POSTGRES_* env vars from custom secret
58+
values:
59+
- values.yaml
60+
template: templates/controller.yaml
61+
set:
62+
global:
63+
postgresDatabase: "codefresh"
64+
postgresHostnameSecretKeyRef:
65+
name: my-postgres-secret
66+
key: postgres-hostname
67+
postgresPasswordSecretKeyRef:
68+
name: my-postgres-secret
69+
key: postgres-password
70+
postgresPort: "5432"
71+
postgresUserSecretKeyRef:
72+
name: my-postgres-secret
73+
key: postgres-user
74+
asserts:
75+
- contains:
76+
path: spec.template.spec.containers[0].env
77+
content:
78+
name: POSTGRES_DATABASE
79+
value: codefresh
80+
- contains:
81+
path: spec.template.spec.containers[0].env
82+
content:
83+
name: POSTGRES_HOSTNAME
84+
valueFrom:
85+
secretKeyRef:
86+
name: my-postgres-secret
87+
key: postgres-hostname
88+
optional: true
89+
- contains:
90+
path: spec.template.spec.containers[0].env
91+
content:
92+
name: POSTGRES_PASSWORD
93+
valueFrom:
94+
secretKeyRef:
95+
name: my-postgres-secret
96+
key: postgres-password
97+
optional: true
98+
- contains:
99+
path: spec.template.spec.containers[0].env
100+
content:
101+
name: POSTGRES_USER
102+
valueFrom:
103+
secretKeyRef:
104+
name: my-postgres-secret
105+
key: postgres-user
106+
optional: true
107+
- contains:
108+
path: spec.template.spec.containers[0].env
109+
content:
110+
name: POSTGRES_PORT
111+
value: "5432"

0 commit comments

Comments
 (0)