diff --git a/.github/workflows/helm-publish.yml b/.github/workflows/helm-publish.yml index 9f57719..aca9dad 100644 --- a/.github/workflows/helm-publish.yml +++ b/.github/workflows/helm-publish.yml @@ -65,6 +65,10 @@ jobs: - name: Helm template run: helm template ./chart --values ./chart/linter_values.yaml + - uses: extractions/setup-just@v3 + - name: Run Helm unit tests + run: just test + - name: Helm template (snapshots) run: ./chart/update-snapshots.sh --check-diff-only diff --git a/chart/tests/common/extra_manifest_test.yaml b/chart/tests/common/extra_manifest_test.yaml new file mode 100644 index 0000000..c117bdc --- /dev/null +++ b/chart/tests/common/extra_manifest_test.yaml @@ -0,0 +1,73 @@ +suite: extraManifests tests +templates: + - templates/extraManifests.yaml +tests: + - it: should render 0 documents when extraManifests is not set + set: {} + asserts: + - hasDocuments: + count: 0 + + - it: should render 0 documents when extraManifests is an empty list + set: + extraManifests: [] + asserts: + - hasDocuments: + count: 0 + + - it: should render 0 documents when extraManifests is an empty map + set: + extraManifests: {} + asserts: + - hasDocuments: + count: 0 + + - it: should render multiple documents when extraManifests is a slice of objects + set: + extraManifests: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: cm-one + data: + A: "1" + - apiVersion: v1 + kind: Namespace + metadata: + name: ns-two + asserts: + - hasDocuments: + count: 2 + + - it: should render a document when extraManifests contains a string template (tpl evaluated) + set: + environment: TEST + extraManifests: + - | + apiVersion: v1 + kind: ConfigMap + metadata: + name: "cm-{{ .Values.environment | lower }}" + data: + ENV: "{{ .Values.environment }}" + asserts: + - hasDocuments: + count: 1 + + - it: should render multiple documents when extraManifests is a map (one manifest per key) + set: + extraManifests: + first: + apiVersion: v1 + kind: ConfigMap + metadata: + name: ConfigMap-first + second: + apiVersion: v1 + kind: ServiceAccount + metadata: + name: ServiceAccount-second + asserts: + - hasDocuments: + count: 2 + diff --git a/chart/tests/config/configmap_test.yaml b/chart/tests/config/configmap_test.yaml new file mode 100644 index 0000000..1d764b7 --- /dev/null +++ b/chart/tests/config/configmap_test.yaml @@ -0,0 +1,56 @@ +suite: ConfigMap tests +templates: + - templates/config/configmap.yaml +tests: + - it: should render ConfigMap with correct metadata labels and env data (tpl evaluated) + set: + environment: TEST + ingress: + host: myapp.example.com + postgresql: + auth: + database: "my-app" + env: + ENV_1: VALUE_1 + # tpl evaluation from values + POSTGRES_DB: "{{ .Values.postgresql.auth.database }}" + INGRESS_HOST: "{{ .Values.ingress.host }}" + + asserts: + - isKind: + of: ConfigMap + - isAPIVersion: + of: v1 + - isNotEmpty: + path: metadata.name + - equal: + path: metadata.labels.environment + value: TEST + - equal: + path: metadata.labels.release + value: RELEASE-NAME + - isNotEmpty: + path: metadata.labels.app + - equal: + path: data.ENV_1 + value: "VALUE_1" + - equal: + path: data.POSTGRES_DB + value: "my-app" + - equal: + path: data.INGRESS_HOST + value: "myapp.example.com" + + - it: should render ConfigMap with empty data when env is empty + set: + environment: TEST + env: {} + asserts: + - isKind: + of: ConfigMap + - equal: + path: metadata.labels.environment + value: TEST + - equal: + path: data + value: null diff --git a/chart/tests/config/secret_test.yaml b/chart/tests/config/secret_test.yaml new file mode 100644 index 0000000..bf9240d --- /dev/null +++ b/chart/tests/config/secret_test.yaml @@ -0,0 +1,73 @@ +suite: Config Secret tests +templates: + - templates/config/secret.yaml +tests: + - it: should render Secret with expected metadata and stringData (tpl evaluated) + set: + environment: TEST + secretsStoreCsiDriver: + create: false + # values used by tpl in secrets + postgresql: + auth: + database: "my-app" + postgresPassword: "random-strong-password" + secrets: + SIMPLE: plain + POSTGRES_DB: "{{ .Values.postgresql.auth.database }}" + POSTGRES_USER: "postgres" + POSTGRES_PASSWORD: "{{ .Values.postgresql.auth.postgresPassword }}" + + asserts: + - isKind: + of: Secret + - isAPIVersion: + of: v1 + - isNotEmpty: + path: metadata.name + - equal: + path: metadata.labels.environment + value: TEST + - equal: + path: metadata.labels.release + value: RELEASE-NAME + - isNotEmpty: + path: metadata.labels.app + - equal: + path: type + value: Opaque + - equal: + path: stringData.SIMPLE + value: "plain" + - equal: + path: stringData.POSTGRES_DB + value: "my-app" + - equal: + path: stringData.POSTGRES_PASSWORD + value: "random-strong-password" + + - it: should not render Secret when secretsStoreCsiDriver.create=true (Azure Key Vault enabled) + set: + secretsStoreCsiDriver: + create: true + secrets: + SIMPLE: plain + asserts: + - hasDocuments: + count: 0 + + - it: should render Secret with empty stringData when secrets is empty + set: + environment: TEST + secretsStoreCsiDriver: + create: false + secrets: {} + asserts: + - isKind: + of: Secret + - equal: + path: metadata.labels.environment + value: TEST + - equal: + path: stringData + value: null diff --git a/justfile b/justfile new file mode 100644 index 0000000..628232c --- /dev/null +++ b/justfile @@ -0,0 +1,19 @@ +# Install just: https://github.com/casey/just + +set shell := ["bash", "-eu", "-o", "pipefail", "-c"] + +CHART_DIR := "chart" +TEST_GLOB := "tests/**/*_test.yaml" + +default: + @just --list + +install-unittest: + @if helm plugin list | awk '{print $1}' | grep -qx 'unittest'; then \ + echo "helm-unittest already installed"; \ + else \ + helm plugin install https://github.com/helm-unittest/helm-unittest; \ + fi + +test: install-unittest + helm unittest {{CHART_DIR}} -f {{TEST_GLOB}}