From 1048cb8216845a25cf5cd1a97d93d379311d8e9a Mon Sep 17 00:00:00 2001 From: Tom Fenech Date: Tue, 28 Feb 2023 09:55:37 +0100 Subject: [PATCH 1/3] Add chart with disabled subchart containing CRDs Extract the existing "chart-0.1.0-v3.with-crd" and add it as a dependency of this chart. Installing this chart does not install any CRDs, since the condition for the chart is false. However, the NotContainCRDs check fails, since it doesn't take the condition into account. --- .../testchart/.helmignore | 23 + .../testchart/Chart.yaml | 7 + .../testchart/crds/backend.yaml | 16 + .../testchart/templates/NOTES.txt | 22 + .../testchart/templates/_helpers.tpl | 62 ++ .../testchart/templates/deployment.yaml | 61 ++ .../testchart/templates/hpa.yaml | 28 + .../testchart/templates/ingress.yaml | 41 ++ .../testchart/templates/service.yaml | 15 + .../testchart/templates/serviceaccount.yaml | 12 + .../templates/tests/test-connection.yaml | 15 + .../testchart/values.schema.json | 545 ++++++++++++++++++ .../testchart/values.yaml | 79 +++ .../testchart/.helmignore | 23 + .../testchart/Chart.lock | 6 + .../testchart/Chart.yaml | 14 + .../testchart/README.md | 1 + .../testchart/charts/testchart-0.1.0.tgz | Bin 0 -> 5542 bytes .../testchart/templates/NOTES.txt | 22 + .../testchart/templates/_helpers.tpl | 62 ++ .../testchart/templates/deployment.yaml | 61 ++ .../testchart/templates/hpa.yaml | 28 + .../testchart/templates/ingress.yaml | 41 ++ .../testchart/templates/service.yaml | 15 + .../testchart/templates/serviceaccount.yaml | 12 + .../templates/tests/test-connection.yaml | 15 + .../testchart/values.schema.json | 35 ++ .../testchart/values.yaml | 85 +++ 28 files changed, 1346 insertions(+) create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/.helmignore create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/Chart.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/crds/backend.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/NOTES.txt create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/_helpers.tpl create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/deployment.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/hpa.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/ingress.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/service.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/serviceaccount.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/tests/test-connection.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.schema.json create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/.helmignore create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.lock create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/README.md create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/charts/testchart-0.1.0.tgz create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/NOTES.txt create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/_helpers.tpl create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/deployment.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/hpa.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/ingress.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/service.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/serviceaccount.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/tests/test-connection.yaml create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.schema.json create mode 100644 internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.yaml diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/.helmignore b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/Chart.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/Chart.yaml new file mode 100644 index 00000000..28f9a92b --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +appVersion: 1.16.0 +description: A Helm chart for Kubernetes +name: testchart +type: application +version: 0.1.0 +kubeVersion: 1.20.0 diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/crds/backend.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/crds/backend.yaml new file mode 100644 index 00000000..e6b427a7 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/crds/backend.yaml @@ -0,0 +1,16 @@ +kind: CustomResourceDefinition +metadata: + name: backservs.service.example.com +spec: + group: service.example.com + versions: + - name: v1 + served: true + storage: true + scope: Namespaced + names: + plural: backservs + singular: backserv + kind: Backserv + shortNames: + - bs diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/NOTES.txt b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/NOTES.txt new file mode 100644 index 00000000..9ca33635 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "testchart.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "testchart.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "testchart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "testchart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/_helpers.tpl b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/_helpers.tpl new file mode 100644 index 00000000..4b0db05b --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "testchart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "testchart.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "testchart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "testchart.labels" -}} +helm.sh/chart: {{ include "testchart.chart" . }} +{{ include "testchart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "testchart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "testchart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "testchart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "testchart.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/deployment.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/deployment.yaml new file mode 100644 index 00000000..cde22bc4 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "testchart.fullname" . }} + labels: + {{- include "testchart.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "testchart.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "testchart.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "testchart.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/hpa.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/hpa.yaml new file mode 100644 index 00000000..51734471 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "testchart.fullname" . }} + labels: + {{- include "testchart.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "testchart.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/ingress.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/ingress.yaml new file mode 100644 index 00000000..4f349af2 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "testchart.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "testchart.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/service.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/service.yaml new file mode 100644 index 00000000..86baf148 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "testchart.fullname" . }} + labels: + {{- include "testchart.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "testchart.selectorLabels" . | nindent 4 }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/serviceaccount.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/serviceaccount.yaml new file mode 100644 index 00000000..f728deb2 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "testchart.serviceAccountName" . }} + labels: + {{- include "testchart.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/tests/test-connection.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/tests/test-connection.yaml new file mode 100644 index 00000000..a391ef1c --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "testchart.fullname" . }}-test-connection" + labels: + {{- include "testchart.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "testchart.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.schema.json b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.schema.json new file mode 100644 index 00000000..6cb29dbd --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.schema.json @@ -0,0 +1,545 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema", + "$id": "http://example.com/example.json", + "type": "object", + "title": "The root schema", + "description": "The root schema comprises the entire JSON document.", + "default": {}, + "examples": [ + { + "replicaCount": 1, + "image": { + "repository": "nginx", + "pullPolicy": "IfNotPresent", + "tag": "" + }, + "imagePullSecrets": [], + "nameOverride": "", + "fullnameOverride": "", + "serviceAccount": { + "create": true, + "annotations": {}, + "name": "" + }, + "podAnnotations": {}, + "podSecurityContext": {}, + "securityContext": {}, + "service": { + "type": "ClusterIP", + "port": 80 + }, + "ingress": { + "enabled": false, + "annotations": {}, + "hosts": [ + { + "host": "chart-example.local", + "paths": [] + } + ], + "tls": [] + }, + "resources": {}, + "autoscaling": { + "enabled": false, + "minReplicas": 1, + "maxReplicas": 100, + "targetCPUUtilizationPercentage": 80 + }, + "nodeSelector": {}, + "tolerations": [], + "affinity": {} + } + ], + "required": [ + "replicaCount", + "image", + "imagePullSecrets", + "nameOverride", + "fullnameOverride", + "serviceAccount", + "podAnnotations", + "podSecurityContext", + "securityContext", + "service", + "ingress", + "resources", + "autoscaling", + "nodeSelector", + "tolerations", + "affinity" + ], + "properties": { + "replicaCount": { + "$id": "#/properties/replicaCount", + "type": "integer", + "title": "The replicaCount schema", + "description": "An explanation about the purpose of this instance.", + "default": 0, + "examples": [ + 1 + ] + }, + "image": { + "$id": "#/properties/image", + "type": "object", + "title": "The image schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + { + "repository": "nginx", + "pullPolicy": "IfNotPresent", + "tag": "" + } + ], + "required": [ + "repository", + "pullPolicy", + "tag" + ], + "properties": { + "repository": { + "$id": "#/properties/image/properties/repository", + "type": "string", + "title": "The repository schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "nginx" + ] + }, + "pullPolicy": { + "$id": "#/properties/image/properties/pullPolicy", + "type": "string", + "title": "The pullPolicy schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "IfNotPresent" + ] + }, + "tag": { + "$id": "#/properties/image/properties/tag", + "type": "string", + "title": "The tag schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "" + ] + } + }, + "additionalProperties": true + }, + "imagePullSecrets": { + "$id": "#/properties/imagePullSecrets", + "type": "array", + "title": "The imagePullSecrets schema", + "description": "An explanation about the purpose of this instance.", + "default": [], + "examples": [ + [] + ], + "additionalItems": true, + "items": { + "$id": "#/properties/imagePullSecrets/items" + } + }, + "nameOverride": { + "$id": "#/properties/nameOverride", + "type": "string", + "title": "The nameOverride schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "" + ] + }, + "fullnameOverride": { + "$id": "#/properties/fullnameOverride", + "type": "string", + "title": "The fullnameOverride schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "" + ] + }, + "serviceAccount": { + "$id": "#/properties/serviceAccount", + "type": "object", + "title": "The serviceAccount schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + { + "create": true, + "annotations": {}, + "name": "" + } + ], + "required": [ + "create", + "annotations", + "name" + ], + "properties": { + "create": { + "$id": "#/properties/serviceAccount/properties/create", + "type": "boolean", + "title": "The create schema", + "description": "An explanation about the purpose of this instance.", + "default": false, + "examples": [ + true + ] + }, + "annotations": { + "$id": "#/properties/serviceAccount/properties/annotations", + "type": "object", + "title": "The annotations schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "name": { + "$id": "#/properties/serviceAccount/properties/name", + "type": "string", + "title": "The name schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "" + ] + } + }, + "additionalProperties": true + }, + "podAnnotations": { + "$id": "#/properties/podAnnotations", + "type": "object", + "title": "The podAnnotations schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "podSecurityContext": { + "$id": "#/properties/podSecurityContext", + "type": "object", + "title": "The podSecurityContext schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "securityContext": { + "$id": "#/properties/securityContext", + "type": "object", + "title": "The securityContext schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "service": { + "$id": "#/properties/service", + "type": "object", + "title": "The service schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + { + "type": "ClusterIP", + "port": 80 + } + ], + "required": [ + "type", + "port" + ], + "properties": { + "type": { + "$id": "#/properties/service/properties/type", + "type": "string", + "title": "The type schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "ClusterIP" + ] + }, + "port": { + "$id": "#/properties/service/properties/port", + "type": "integer", + "title": "The port schema", + "description": "An explanation about the purpose of this instance.", + "default": 0, + "examples": [ + 80 + ] + } + }, + "additionalProperties": true + }, + "ingress": { + "$id": "#/properties/ingress", + "type": "object", + "title": "The ingress schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + { + "enabled": false, + "annotations": {}, + "hosts": [ + { + "host": "chart-example.local", + "paths": [] + } + ], + "tls": [] + } + ], + "required": [ + "enabled", + "annotations", + "hosts", + "tls" + ], + "properties": { + "enabled": { + "$id": "#/properties/ingress/properties/enabled", + "type": "boolean", + "title": "The enabled schema", + "description": "An explanation about the purpose of this instance.", + "default": false, + "examples": [ + false + ] + }, + "annotations": { + "$id": "#/properties/ingress/properties/annotations", + "type": "object", + "title": "The annotations schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "hosts": { + "$id": "#/properties/ingress/properties/hosts", + "type": "array", + "title": "The hosts schema", + "description": "An explanation about the purpose of this instance.", + "default": [], + "examples": [ + [ + { + "host": "chart-example.local", + "paths": [] + } + ] + ], + "additionalItems": true, + "items": { + "$id": "#/properties/ingress/properties/hosts/items", + "anyOf": [ + { + "$id": "#/properties/ingress/properties/hosts/items/anyOf/0", + "type": "object", + "title": "The first anyOf schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + { + "host": "chart-example.local", + "paths": [] + } + ], + "required": [ + "host", + "paths" + ], + "properties": { + "host": { + "$id": "#/properties/ingress/properties/hosts/items/anyOf/0/properties/host", + "type": "string", + "title": "The host schema", + "description": "An explanation about the purpose of this instance.", + "default": "", + "examples": [ + "chart-example.local" + ] + }, + "paths": { + "$id": "#/properties/ingress/properties/hosts/items/anyOf/0/properties/paths", + "type": "array", + "title": "The paths schema", + "description": "An explanation about the purpose of this instance.", + "default": [], + "examples": [ + [] + ], + "additionalItems": true, + "items": { + "$id": "#/properties/ingress/properties/hosts/items/anyOf/0/properties/paths/items" + } + } + }, + "additionalProperties": true + } + ] + } + }, + "tls": { + "$id": "#/properties/ingress/properties/tls", + "type": "array", + "title": "The tls schema", + "description": "An explanation about the purpose of this instance.", + "default": [], + "examples": [ + [] + ], + "additionalItems": true, + "items": { + "$id": "#/properties/ingress/properties/tls/items" + } + } + }, + "additionalProperties": true + }, + "resources": { + "$id": "#/properties/resources", + "type": "object", + "title": "The resources schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "autoscaling": { + "$id": "#/properties/autoscaling", + "type": "object", + "title": "The autoscaling schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + { + "enabled": false, + "minReplicas": 1, + "maxReplicas": 100, + "targetCPUUtilizationPercentage": 80 + } + ], + "required": [ + "enabled", + "minReplicas", + "maxReplicas", + "targetCPUUtilizationPercentage" + ], + "properties": { + "enabled": { + "$id": "#/properties/autoscaling/properties/enabled", + "type": "boolean", + "title": "The enabled schema", + "description": "An explanation about the purpose of this instance.", + "default": false, + "examples": [ + false + ] + }, + "minReplicas": { + "$id": "#/properties/autoscaling/properties/minReplicas", + "type": "integer", + "title": "The minReplicas schema", + "description": "An explanation about the purpose of this instance.", + "default": 0, + "examples": [ + 1 + ] + }, + "maxReplicas": { + "$id": "#/properties/autoscaling/properties/maxReplicas", + "type": "integer", + "title": "The maxReplicas schema", + "description": "An explanation about the purpose of this instance.", + "default": 0, + "examples": [ + 100 + ] + }, + "targetCPUUtilizationPercentage": { + "$id": "#/properties/autoscaling/properties/targetCPUUtilizationPercentage", + "type": "integer", + "title": "The targetCPUUtilizationPercentage schema", + "description": "An explanation about the purpose of this instance.", + "default": 0, + "examples": [ + 80 + ] + } + }, + "additionalProperties": true + }, + "nodeSelector": { + "$id": "#/properties/nodeSelector", + "type": "object", + "title": "The nodeSelector schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + }, + "tolerations": { + "$id": "#/properties/tolerations", + "type": "array", + "title": "The tolerations schema", + "description": "An explanation about the purpose of this instance.", + "default": [], + "examples": [ + [] + ], + "additionalItems": true, + "items": { + "$id": "#/properties/tolerations/items" + } + }, + "affinity": { + "$id": "#/properties/affinity", + "type": "object", + "title": "The affinity schema", + "description": "An explanation about the purpose of this instance.", + "default": {}, + "examples": [ + {} + ], + "required": [], + "additionalProperties": true + } + }, + "additionalProperties": true +} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.yaml new file mode 100644 index 00000000..6c45a415 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-crd/testchart/values.yaml @@ -0,0 +1,79 @@ +# Default values for testchart. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/.helmignore b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.lock b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.lock new file mode 100644 index 00000000..2da12689 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: testchart + repository: file://../../chart-0.1.0-v3.with-crd/testchart + version: 0.1.0 +digest: sha256:12a5104c556ef2707f843181c0a156359e6edab238ff70dfde80eda5c34ccc07 +generated: "2023-02-28T08:55:10.964621187+01:00" diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.yaml new file mode 100644 index 00000000..6d6f22b7 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +appVersion: 1.16.0 +description: A Helm chart for Kubernetes +icon: https://www.example.com/chart-icon.png +kubeVersion: '>=1.20.0' +name: chart +type: application +version: 0.1.0-v3.subchart +dependencies: + - name: testchart + alias: subchart + version: 0.1.0 + repository: file://../../chart-0.1.0-v3.with-crd/testchart + condition: subchart.enabled diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/README.md b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/README.md new file mode 100644 index 00000000..e845566c --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/README.md @@ -0,0 +1 @@ +README diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/charts/testchart-0.1.0.tgz b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/charts/testchart-0.1.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..5b4ca6306c729143e2bd835b1dbe5f70b2245bf1 GIT binary patch literal 5542 zcmV;X6Dc zVQyr3R8em|NM&qo0PH<~Z`-!E{ac^nJhd0y`fAxu(xfoZ2jr%GyLq=ugQn}nFbo4N z(KZ`d)JQ6cm*su-3zGUlNt7(duG8F^f3%K79v+_GJfuj0x$tL*iT;WF*IS@@_+-On zFc=ID4-VA-gTbKs|6p%#@ML(fe{{6JKYX=+^kgvH-x~~{z+lse*h<0$VowHZ_f;L- zBPl2*pE2WvMkBb|b5I=Te-6Fjp*L^>%zZ{;p`IPXKX5n)B{49e4E~vnF^jOk+__A~ z*l4^r@CHtV=6D3TkU3%z;}M`Z4vCK>NareRG4O`oz}>|Cp3w~2!@VB=4gsX z4gkY3F|httu0q!<~#>vBniXXLx*E_MSOhh z`)WuEvx^w}WI`~9>lqd^%m6`J50I`1d`6Qnko58yMgj*8q`yWWSb`Ox<0zs+*-J%S z6a?}=Ii3nQ2LKgyM{s+m+JBm1kSGJ4*jhjuMLw3`mw+@N z!eNRd%p}H;a1u=w;EXmouN?sG10;=N8XQ-!lg}=&pD-d8Co~fHM&wve_z#RG@d)+? zgMp;5y_%0=G$tVt1anPyfPm3B``v@%_wUtjhEeb#3Kt(K75_^@%okkXxj|=^M92J$ zMzTWn@lPDH5e!pQ6#Zlm+M}I>2^W~1o=ah+OpM_5z;Q@4Wtc0Za3obD7{LUE99!8W zd%DcssYhr(ZSVOZ;=Is?dPNcP9`Y5LCDN_~Fr!?ko+Sa~A0sXMJ$!@aafrQ;`Y2TI z0b(R(TG|0bnEiSxn{uTJXNrd<06h`%l)^=4Pc^)rwJ(QZP7~(iLNNb@A>j!M!v!$x z)A<}nff7GKfh+A<yq-el9zRu#Y)MZ1GZ!pW!)G zqsQPUEL^~tAw`>szzm)jq<-$DK@b^RadQ6CPlANx52YOEnE5yo(lR;Anrai~qJ!Zj}dcpJ}$cBXDOz#G`&+3P3Lv2Fj-WfT4-#4UYP0 z&6jCI5*Up#d+*bE{#yddYD;G+tJCop?2G&<5uti4!xTnk@KNf+n1Nbqfluc#BRq}& za3l!B@P8K{&LE(EB5kZ!KvJ&6l?tCeO3~!*2!2VuA;4|^OVu%hRd)o#m*v+gY?Lrd zkF%C(Fe@=v4%~fNuU5pjvYHv;+G-0lbyYxRKE1OcWyG>_e7{!em{F{PSb1NKbZvFY zaj%^UI)-$0L}eL}5epftsiC@j(B%Nr0?Vz3o3>iKOBFS4`+ze!&%;71(SjULD54x!g*jGrZVP*sONbfh*am8ZJvJkd1wn2;4S}2sXox4g4ps(E4n$JR3~4W zw8%uwcxZ~4Ib@Sz#&eTVCX|dpC6>gD#+b=DZ%KNqzN+HMQg{8dUo`JGun|l{Mk0Zy znAKjFJhuU-?7{Q;6;FN~0ltYt6sbW28q-A2hvJ0Al&9$m!hu9w$Vr-42bekZie}mU zdRB&|CxsEYt4VPu3RVRk8e<(h<#f(!>m;jLidLH09YMzk2Ud=9pfS>cnv4 zN~@ISwX`H!-`C>~TUb<*)^#}5Dp7DxP8C2OJ*P^BU=4<8W3djWB!tbeNTBJX=S^pR zv__~X2#6dK3eQdRnC91OZESPbu3p$4WrE2<#2BioqQxH@khbrdYf*YDyDHP5T7;jI z|5V^Px6Z>|lD@L|tS-dv>-J?aurjxjQ0TzehG_sS)ypzhO)%T%Xf1Kl%F&AA*&|d- zdZq(4TP9YkQnU){KZ2@D5?WT8Hcm)k#hE}E&?B7^EJ^o4x4aZIr~P2f89<8Ql5|;9 z7ILllKc~$KaY|Vz%r}h#0aNbAl!h2Zor0Ehx&OiAmWGrYbPiog!G&461(Ox|+yt}Q zWeb*CilUauFazqtbFER2JF)Dxp85rQ`WLD?-c+YcsyvZyTrzu z;tk(1rjarB#ppHcL7W2Wm$T z?wbT%#E(BpDI{f$8AU2h>v2Z`S;8IrT5VCS?Cw~D9nI@+fjyR85zv`C7WIT}RvdzZkve+gP9vDSS|bug>B zn2g-3C%80iZHsFmU(Y!eBCyH|otAp@QS;c~zB#WHT(}IqU3mTmlSPclY2y2%m z=e%Z`u{gDyPlWFE^cN~^PkaRI8ocI_#F z_*$A&>13G+EmiNNVP;v*x*Ya;dX@BNauDhD%Ft(wtMrX?sD%NHzt8d=Yrj(r_bkxL^wBZ5d zQFnX~fozMg>CH5_DQbSo%$_uC@HTTus6i zzs-fOm$^3wW_xXn$mVt02hxi2S4r&~^0-UyZz;WB){XU<)h?0%_gs`Vz&@k$ zuEVU7iP`|OS`7r;n^^_e$Ih%l=bZ$r8`w>7a7h;%WNLd)kDSjBv|*%rOvm!Tui=~s zSTXW5!F=oM&j-tl$rEgPWW4|nH3Zler6_yKEs zWSq(mKYe@;;{~uJiqfNB3=O_yJ$hp1k0hxgJS)Uo2ol~66wD0az4ThpAhG%MJ zbM&TGTkq?+lV+r-?df$V^>ijge0wW9dRA>KLRp93-U5zff1`f?_EvYL;KJSA?Jal( zbY0D<{tP*m@O>HyL?RCE84d6`Wx~zTO?P2?YA3sbhi}xj>9Y@S-~D#};p3+_&%V1% z#@H7jOtFAoFG6$7W8`CyNPNU0MjU%*`O~{Q=u!B>X(UJc#=Z4;jD1f+<-ZJm^`aDs zJ2(5(f=fsw^1~#+;1=hzXJ6pEYOLQ^kUKrEpe6zHdm*U2vBZrFBogkSAdrl}>RI~7 zovRS=XB5)&K%b>(jGpDhYM}djih{qRQ2IaCMtcB|=4k|{0_JD|0$pN2Fu~U_Cs87@ z6YOUgOptJTo}NmNt`G^On0lti`0xQHpXWem8|wBB|K&d zm)siVkF`n4IqZHWoQRCk!@VPK;0?Ut==I?BAiYsQ-}_)V78%cHn0LZhV$qvWc8yqI zpfCFvJu4H%H0}@WRv%5V#ecuea2R98JrQr@Dwx&pe|dE{*xSW_+bFlU{TI%=n^;|` zP`M=}y#nS%KQ+(+o{-350(-@Kby0(-uM$(%F0m&v4RK{U zC{K55tHIL*^!pUFXGlys(Bu44Ci$)&Qsprc>8j)GS&`6JA}tFmEe*40we8_wZf&#N_)XXpuQe!yaUC^E_!M05zR|Xixkw#TNesI1cGTU7WFz+W?owe}{*a z`0sFke|P`iR*HH5CyHa=g8q!=VX5cWMYGZVR4=D)SXh3VA|Z5X96nUENDflU{dvfC@Z!_GNl05E40T9 z^zO`cx<*_Y@Tne(R3J0lD?`>dY=Ud3hI-@~r@r6ajcTt2n!=yenLsI6bF00a8~1hA z;2B4km+(^wr}B6+g3W}8E6bautdwORX3VIdJ`G3k>Ezsa7m_O+Vb0GP9piFuvX>ul zh2;8j#1ZtXPgS=S#27{a`HIl9JN=dkMX~SNE)F$~E$tD>tCgD zyxJRMfwGA4AC!?lq*)HnX>goY!|Y+hM}@;DwV&}Lo@iLMpjSSx1-{A%u7Yvtnp4B` znRGR`H|s{`Rj5skjBU2M5f+U2CUNXsT(XrjwQjxi9^;Rx<8aCzr!bS68h)JQPjm;z zSD2wGHack>N;ixuwteXcTkeCs=OFbBx9g6x16~iAkFeSQY?H;Ne83X>zc)A-)YgB7 zyY-)~lqEZPvK-$tY3a_=MS&%TFmJ=Jd>NdZdw)vn{zd|kOhmofx;fd;d(vIJ>z22O_c=NU!3eA}p>cyOc_J`C8|WhuTr)xx;D`d?Rqg)yC6O zU9F4SF`R1R*!@{Sp|xF?ZAP8)1y%C{wcJ2M9D7j9d{pu)_8nH~eegNtbdy$7-R!RU zN?e_`GB$ka(o?3>Ox>HUDs%nf8hY8N_}l6*N`J5<#7oCeLN2>8U-qQ7lhsgEyB>0M z_5Jxyc}`Z}&{m9F&-#ijYDF0%{}M+*b()we&RK)FS*q%Jv8ty{hj2eRVk8-}(P-6w?RhssD5>^kFA%I###r87#K`85zS~nlfwI zV`zr)=hgh0EnQg3J(iaV?vXk__$JM1i~gsp!|R)YrTRZOsObOE@Nlrx|80~`3;5Mw zxoRlV>YeRH%W}+yg3pPS;e_&9Es@)0e<-hy=OPCrBF4Q4}~&A;MGrh2eKG!xM6Y1MRT?>w6DA zMBxHxq*_XpAjS+r5@FBr-d_B6At=MnQ%JY5em=Q?fH3ZOQzH86UyZ)wjsIYM^>6lI zHtoxQvOoD%)Gq*yk$;)QFd-r4&I^xU$Ic6Hj4quQo|wzul#!|P;{Tne@EI{e6Aq_u z-*Lx_8U2EN;dms#sIRLt`o;0CxK9Jze`wwAQVRX|S-|^g_GzQbzsvQ1uNwa!92^aI z`oE2$9sWte1)XQ>VsEk9ia}`Pl=rM@S1M&hy0^l~We4>7bnX-z!={WT@d#{{;pHZeJFQp-j`D0M~UD=gg*_9{%4gdiE|CsZ6W&orB0H9&;#{d8T literal 0 HcmV?d00001 diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/NOTES.txt b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/NOTES.txt new file mode 100644 index 00000000..319f01bd --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "chart.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "chart.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "chart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "chart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/_helpers.tpl b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/_helpers.tpl new file mode 100644 index 00000000..7ba5edc2 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "chart.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "chart.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "chart.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "chart.labels" -}} +helm.sh/chart: {{ include "chart.chart" . }} +{{ include "chart.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "chart.selectorLabels" -}} +app.kubernetes.io/name: {{ include "chart.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "chart.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "chart.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/deployment.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/deployment.yaml new file mode 100644 index 00000000..a5de2152 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "chart.fullname" . }} + labels: + {{- include "chart.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "chart.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "chart.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "chart.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: '{{ .Values.image.repository }}{{ .Values.image.name }}:{{ .Values.image.tag }}' + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/hpa.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/hpa.yaml new file mode 100644 index 00000000..548ee03b --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "chart.fullname" . }} + labels: + {{- include "chart.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "chart.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/ingress.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/ingress.yaml new file mode 100644 index 00000000..38de004c --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "chart.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "chart.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/service.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/service.yaml new file mode 100644 index 00000000..dfc5b3a3 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "chart.fullname" . }} + labels: + {{- include "chart.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "chart.selectorLabels" . | nindent 4 }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/serviceaccount.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/serviceaccount.yaml new file mode 100644 index 00000000..26a57fa8 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "chart.serviceAccountName" . }} + labels: + {{- include "chart.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/tests/test-connection.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/tests/test-connection.yaml new file mode 100644 index 00000000..7735b9bf --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "chart.fullname" . }}-test-connection" + labels: + {{- include "chart.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: 'docker.io/library/busybox' + command: ['wget'] + args: ['{{ include "chart.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.schema.json b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.schema.json new file mode 100644 index 00000000..86f5230b --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.schema.json @@ -0,0 +1,35 @@ +{ + "$schema": "https://json-schema.org/draft-07/schema#", + "properties": { + "image": { + "description": "Container Image", + "properties": { + "repo": { + "type": "string" + }, + "tag": { + "type": "string" + } + }, + "type": "object" + }, + "name": { + "description": "Service name", + "type": "string" + }, + "port": { + "description": "Port", + "minimum": 0, + "type": "integer" + }, + "protocol": { + "type": "string" + } + }, + "required": [ + "protocol", + "port" + ], + "title": "Values", + "type": "object" +} diff --git a/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.yaml b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.yaml new file mode 100644 index 00000000..8b858ce8 --- /dev/null +++ b/internal/chartverifier/checks/chart-0.1.0-v3.with-subchart/testchart/values.yaml @@ -0,0 +1,85 @@ +# Default values for chart. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + name: /library/nginx + repository: docker.io + pullPolicy: IfNotPresent + tag: "1.23" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +protocol: http +port: 80 + +subchart: + enabled: false From 245837108a7fbe5c8661762383edf0f00505d0c1 Mon Sep 17 00:00:00 2001 From: Tom Fenech Date: Tue, 28 Feb 2023 09:59:23 +0100 Subject: [PATCH 2/3] Build with podman for local testing --- hack/build-image.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/build-image.sh b/hack/build-image.sh index a1a70e1f..5477cfa6 100755 --- a/hack/build-image.sh +++ b/hack/build-image.sh @@ -16,4 +16,4 @@ # COMMIT_ID=$(git rev-parse --short HEAD) -docker build -t quay.io/redhat-certification/chart-verifier:"$COMMIT_ID" . +podman build -t quay.io/redhat-certification/chart-verifier:"$COMMIT_ID" . From 4eeea6931cc6f693fa5d93a85296e60f12efe9fc Mon Sep 17 00:00:00 2001 From: Tom Fenech Date: Tue, 28 Feb 2023 10:03:13 +0100 Subject: [PATCH 3/3] Prevent disabled subcharts from causing NotContainCRDs test failure Process dependencies according to chart values to remove unused subcharts, so any CRDs they may contain are not taken into account. --- internal/chartverifier/checks/checks.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/internal/chartverifier/checks/checks.go b/internal/chartverifier/checks/checks.go index 9004dcdc..b6e6039d 100644 --- a/internal/chartverifier/checks/checks.go +++ b/internal/chartverifier/checks/checks.go @@ -29,6 +29,7 @@ import ( "github.com/pkg/errors" "golang.org/x/mod/semver" "helm.sh/helm/v3/pkg/action" + "helm.sh/helm/v3/pkg/chartutil" "helm.sh/helm/v3/pkg/lint" "helm.sh/helm/v3/pkg/lint/support" @@ -216,6 +217,8 @@ func NotContainCRDs(opts *CheckOptions) (Result, error) { return NewResult(false, err.Error()), err } + chartutil.ProcessDependencies(c, c.Values) + r := NewResult(true, ChartDoesNotContainCRDs) if len(c.CRDObjects()) > 0 {