Commit c71c4003 authored by Dominik Hebeler's avatar Dominik Hebeler
Browse files

new deployment

parent 03fbcada
......@@ -22,7 +22,7 @@ helm delete yacy
To Remove PVC and admin credential secrets
```console
kubectl delete pvc,secret -lapp=yacy
kubectl delete pvc,secret -lappname=yacy
```
The commands remove all the Kubernetes components associated with the chart and deletes the release.
......
## Contributing
Thank you for your interest in contributing to this GitLab project! We welcome
all contributions. By participating in this project, you agree to abide by the
[code of conduct](#code-of-conduct).
## Developer Certificate of Origin + License
By contributing to GitLab B.V., You accept and agree to the following terms and
conditions for Your present and future Contributions submitted to GitLab B.V.
Except for the license granted herein to GitLab B.V. and recipients of software
distributed by GitLab B.V., You reserve all right, title, and interest in and to
Your Contributions. All Contributions are subject to the following DCO + License
terms.
[DCO + License](https://gitlab.com/gitlab-org/dco/blob/master/README.md)
_This notice should stay as the first item in the CONTRIBUTING.md file._
## Code of conduct
We want to create a welcoming environment for everyone who is interested
in contributing. Please visit our [Code of Conduct
page](https://about.gitlab.com/contributing/code-of-conduct) to learn
more about our commitment to an open and welcoming environment.
## Merge request guidelines
Below are some guidelines for merge requests:
- Any new configuration option should be documented in
the `Configuration` section in README.md.
- For any template changes, we encourage a test case be added or
updated in the
[template tests](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/blob/master/test/template_test.go).
### Working with the tests
The tests are written in [Go](https://golang.org) (version 1.13 or later,
with [modules enabled](https://golang.org/cmd/go/#hdr-Module_support)) using
the [Terratest](https://github.com/gruntwork-io/terratest) library. To work
on the tests, you need to have [Helm 2](https://v2.helm.sh/docs/) and
[Go](https://golang.org) installed.
To run the tests, run the following commands from the root of your copy of `auto-deploy-app`:
```shell
helm repo add stable https://charts.helm.sh/stable # required only once
helm dependency build . # required any time the dependencies change
cd test
GO111MODULE=auto go test ./... # required for every change to the tests or the template
```
### Windows users
Some of the dependencies might not be available on Windows (e.g., `github.com/sirupsen/logrus/hooks/syslog`). Therefore we recommend running tests on docker, vagrant boxes or similar virtualization tools.
\ No newline at end of file
apiVersion: v1
description: GitLab's Auto-deploy Helm Chart
name: auto-deploy-app
version: 2.11.1
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
Copyright GitLab B.V.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
# GitLab's Auto-deploy Helm Chart
## Requirements
- Helm `2.9.0` and above is required in order support `"helm.sh/hook-delete-policy": before-hook-creation` for migrations
## Configuration
| Parameter | Description | Default |
| --- | --- | --- |
| replicaCount | | `1` |
| strategyType | Pod deployment [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) | `nil` |
| serviceAccountName(**DEPRECATED**) | Pod service account name override | `nil` |
| serviceAccount.name | Name of service account to use for running the pods | `nil` |
| serviceAccount.createNew | If set to `true`, a new service account will be created with the details specified in the other fields under `serviceAccount`. If set to `false`, the service account specified in `serviceAccount.name` is expected to already exist. | `false` |
| serviceAccount.annotations | Annotations for the service account to be created | `nil` |
| image.repository | | `gitlab.example.com/group/project` |
| image.tag | | `stable` |
| image.pullPolicy | | `Always` |
| image.secrets | | `[name: gitlab-registry]` |
| extraLabels | Allow labelling resources with custom key/value pairs | `{}` |
| lifecycle | [Container lifecycle hooks](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/) | `{}` |
| podAnnotations | Pod annotations | `{}` |
| nodeSelector | Node labels for pod assignment | `{}` |
| tolerations | List of node taints to tolerate | `[]` |
| affinity | Node affinity for pod assignment | `{}` |
| application.track | | `stable` |
| application.tier | | `web` |
| application.migrateCommand | If present, this variable will run as a shell command within an application Container as a Helm pre-upgrade Hook. Intended to run migration commands. | `nil` |
| application.initializeCommand | If present, this variable will run as shell command within an application Container as a Helm post-install Hook. Intended to run database initialization commands. When set, the Deployment resource will be skipped.| `nil` |
| application.secretName | Pass in the name of a Secret which the deployment will [load all key-value pairs from the Secret as environment variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) in the application container. | `nil` |
| application.secretChecksum | Pass in the checksum of the secrets referenced by `application.secretName`. | `nil` |
| hpa.enabled | If true, enables horizontal pod autoscaler. A resource request is also required to be set, such as `resources.requests.cpu: 200m`.| `false` |
| hpa.minReplicas | | `1` |
| hpa.maxReplicas | | `5` |
| hpa.targetCPUUtilizationPercentage | Percentage threshold when HPA begins scaling out pods | `80` |
| gitlab.app | GitLab project slug. | `nil` |
| gitlab.env | GitLab environment slug. | `nil` |
| gitlab.envName | GitLab environment name. | `nil` |
| gitlab.envURL | GitLab environment URL. | `nil` |
| gitlab.projectID | Gitlab project ID. | `nil` |
| service.enabled | | `true` |
| service.annotations | Service annotations | `{}` |
| service.name | | `web` |
| service.type | | `ClusterIP` |
| service.url | | `http://my.host.com/` |
| service.additionalHosts | If present, this list will add additional hostnames to the server configuration. | `nil` |
| service.commonName | If present, this will define the ssl certificate common name to be used by CertManager. `service.url` and `service.additionalHosts` will be added as Subject Alternative Names (SANs) | `nil` |
| service.externalPort | | `5000` |
| service.internalPort | | `5000` |
| ingress.enabled | If true, enables ingress | `true` |
| ingress.path | Default path for the ingress | `/` |
| ingress.tls.enabled | If true, enables SSL | `true` |
| ingress.tls.acme | Controls `kubernetes.io/tls-acme` annotation | `true` |
| ingress.tls.secretName | Name of the secret used to terminate SSL traffic | `""` |
| ingress.tls.useDefaultSecret | If set to `true`, the `secretName` is not used, which makes Ingress fall back to the default secret (certificate). This requires [configuration of the default secret](https://kubernetes.github.io/ingress-nginx/user-guide/tls/#default-ssl-certificate). | `false` |
| ingress.modSecurity.enabled | Enable custom configuration for modsecurity, defaulting to [the Core Rule Set](https://coreruleset.org) | `false` |
| ingress.modSecurity.secRuleEngine | Configuration for [ModSecurity's rule engine](https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#SecRuleEngine) | `DetectionOnly` |
| ingress.modSecurity.secRules | Configuration for custom [ModSecurity's rules](https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#secrule) | `nil` |
| ingress.annotations | Ingress annotations | `{kubernetes.io/ingress.class: "nginx"}` |
| livenessProbe.path | Path to access on the HTTP server on periodic probe of container liveness. | `/` |
| livenessProbe.scheme | Scheme to access the HTTP server (HTTP or HTTPS). | `HTTP` |
| livenessProbe.initialDelaySeconds | # of seconds after the container has started before liveness probes are initiated. | `15` |
| livenessProbe.timeoutSeconds | # of seconds after which the liveness probe times out. | `15` |
| livenessProbe.probeType | Type of [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes) to use. | `httpGet`
| livenessProbe.command | Commands for use with probe type 'exec'. | `{}`
| readinessProbe.path | Path to access on the HTTP server on periodic probe of container readiness. | `/` |
| readinessProbe.scheme | Scheme to access the HTTP server (HTTP or HTTPS). | `HTTP` |
| readinessProbe.initialDelaySeconds | # of seconds after the container has started before readiness probes are initiated. | `5` |
| readinessProbe.timeoutSeconds | # of seconds after which the readiness probe times out. | `3` |
| readinessProbe.probeType | Type of [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes) to use. | `httpGet`
| readinessProbe.command | Commands for use with probe type 'exec'. | `{}`
| postgresql.managed | If true, this will provision a managed Postgres instance via crossplane. | `false` |
| postgresql.managedClassSelector | This will allow provisioning a Postgres instance based on label selectors via Crossplane, eg: `managedClassSelector.matchLabels.stack: gitlab`. The `postgresql.managed` value should be true as well for this to be honoured. [Crossplane Configuration](https://docs.gitlab.com/ee/user/clusters/applications.html#crossplane) | `{}` |
| podDisruptionBudget.enabled | | `false` |
| podDisruptionBudget.maxUnavailable | | `1` |
| podDisruptionBudget.minAvailable | If present, this variable will configure minAvailable in the PodDisruptionBudget. :warning: if you have `replicaCount: 1` and `podDisruptionBudget.minAvailable: 1` `kubectl drain` will be blocked. | `nil` |
| prometheus.metrics | Annotates the service for prometheus auto-discovery. Also denies access to the `/metrics` endpoint from external addresses with Ingress. | `false` |
| networkPolicy.enabled(**DEPRECATED**) | Enable container network policy | `false` |
| networkPolicy.spec(**DEPRECATED**) | [Network policy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) definition | `{ podSelector: { matchLabels: {} }, ingress: [{ from: [{ podSelector: { matchLabels: {} } }, { namespaceSelector: { matchLabels: { app.gitlab.com/managed_by: gitlab } } }] }] }` |
| ciliumNetworkPolicy.enabled | Enable container cilium network policy | `false` |
| ciliumNetworkPolicy.alerts.enabled | Enable alert generation for container cilium network policy | `false` |
| ciliumNetworkPolicy.spec | [Cilium network policy](https://docs.cilium.io/en/v1.8/concepts/kubernetes/policy/#ciliumnetworkpolicy/) definition | `{ endpointSelector: {}, ingress: [{ fromEndpoints: [{ matchLabels: { app.gitlab.com/managed_by: gitlab } }] }] }` |
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 24 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trimSuffix "-app" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "appname" -}}
{{- $releaseName := default .Release.Name .Values.releaseOverride -}}
{{- printf "%s" $releaseName | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "imagename" -}}
{{- if eq .Values.image.tag "" -}}
{{- .Values.image.repository -}}
{{- else -}}
{{- printf "%s:%s" .Values.image.repository .Values.image.tag -}}
{{- end -}}
{{- end -}}
{{- define "trackableappname" -}}
{{- $trackableName := printf "%s-%s" (include "appname" .) .Values.application.track -}}
{{- $trackableName | trimSuffix "-stable" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Get a hostname from URL
*/}}
{{- define "hostname" -}}
{{- . | trimPrefix "http://" | trimPrefix "https://" | trimSuffix "/" | trim | quote -}}
{{- end -}}
{{/*
Get SecRule's arguments with unescaped single&double quotes
*/}}
{{- define "secrule" -}}
{{- $operator := .operator | quote | replace "\"" "\\\"" | replace "'" "\\'" -}}
{{- $action := .action | quote | replace "\"" "\\\"" | replace "'" "\\'" -}}
{{- printf "SecRule %s %s %s" .variable $operator $action -}}
{{- end -}}
{{- define "sharedlabels" -}}
app: {{ template "appname" . }}
appname: yacy
chart: "{{ .Chart.Name }}-{{ .Chart.Version| replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
app.kubernetes.io/name: {{ template "appname" . }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version| replace "+" "_" }}"
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Values.extraLabels }}
{{ toYaml $.Values.extraLabels }}
{{- end }}
{{- end -}}
\ No newline at end of file
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "Yacy.fullname" . }}-config
name: {{ template "trackableappname" . }}-config
labels:
{{- include "Yacy.labels" . | nindent 4 }}
track: "{{ .Values.application.track }}"
{{ include "sharedlabels" . | indent 4 }}
data:
yacy.init: |
{{- if .Values.yacy.additionalConfig }}
......
apiVersion: v1
kind: Secret
metadata:
name: {{ include "Yacy.fullname" . }}-admin-credentials
name: {{ template "fullname" . }}-admin-credentials
annotations:
"helm.sh/hook": "pre-install"
"helm.sh/hook-delete-policy": "before-hook-creation"
labels:
{{- include "Yacy.labels" . | nindent 4 }}
{{ include "sharedlabels" . | indent 4 }}
data:
ADMIN_USER: {{ default "admin" .Values.yacy.admin.username | b64enc | quote }}
ADMIN_REALM: {{ default "Yacy Admin UI" .Values.yacy.admin.realm | b64enc | quote }}
......
{{- with .Values.serviceAccount -}}
{{- if .createNew }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .name | quote }}
{{- if .annotations }}
annotations:
{{ toYaml .annotations | indent 4 }}
{{- end }}
{{- end }}
{{- end -}}
{{- if .Values.service.enabled -}}
apiVersion: v1
kind: Service
metadata:
name: {{ template "fullname" . }}
annotations:
{{- if .Values.service.annotations }}
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
{{- if .Values.prometheus.metrics }}
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.service.internalPort }}"
{{- end }}
labels:
track: "{{ .Values.application.track }}"
{{ include "sharedlabels" . | indent 4 }}
spec:
type: {{ .Values.service.type }}
externalTrafficPolicy: {{ .Values.service.trafficpolicy }}
ports:
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
protocol: TCP
name: {{ .Values.service.name }}
selector:
app: {{ template "appname" . }}
tier: "{{ .Values.application.tier }}"
track: "{{ .Values.application.track }}"
{{- end -}}
{{- if not .Values.application.initializeCommand -}}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ template "trackableappname" . }}
annotations:
{{ if .Values.gitlab.app }}app.gitlab.com/app: {{ .Values.gitlab.app | quote }}{{ end }}
{{ if .Values.gitlab.env }}app.gitlab.com/env: {{ .Values.gitlab.env | quote }}{{ end }}
labels:
track: "{{ .Values.application.track }}"
tier: "{{ .Values.application.tier }}"
{{ include "sharedlabels" . | indent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
serviceName: {{ template "fullname" . }}
selector:
matchLabels:
app: {{ template "appname" . }}
track: "{{ .Values.application.track }}"
tier: "{{ .Values.application.tier }}"
release: {{ .Release.Name }}
{{- if .Values.strategyType }}
strategy:
type: {{ .Values.strategyType | quote }}
{{- end }}
template:
metadata:
annotations:
checksum/application-secrets: "{{ .Values.application.secretChecksum }}"
{{ if .Values.gitlab.app }}app.gitlab.com/app: {{ .Values.gitlab.app | quote }}{{ end }}
{{ if .Values.gitlab.env }}app.gitlab.com/env: {{ .Values.gitlab.env | quote }}{{ end }}
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
labels:
track: "{{ .Values.application.track }}"
tier: "{{ .Values.application.tier }}"
{{ include "sharedlabels" . | indent 8 }}
spec:
{{- if or (.Values.serviceAccount.name) (.Values.serviceAccountName) }}
serviceAccountName: {{ .Values.serviceAccount.name | default .Values.serviceAccountName | quote }}
{{- end }}
imagePullSecrets:
{{ toYaml .Values.image.secrets | indent 10 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
volumes:
- name: yacy-data
persistentVolumeClaim:
claimName: yacy-data
- name: yacy-config
configMap:
name: {{ template "trackableappname" . }}-config
items:
- key: "yacy.init"
path: "yacy.init"
initContainers:
- name: clear-config
image: busybox:1.28
command: ['sh', '-c', "rm -f /data/yacy_search_server/DATA/SETTINGS/yacy.conf"]
volumeMounts:
- name: yacy-data
mountPath: /data
containers:
- name: {{ .Chart.Name }}
image: "yacy/yacy_search_server:latest"
imagePullPolicy: "IfNotPresent"
command: ['bash']
args:
- -c
- >-
cat /config/yacy.init >> /opt/yacy_search_server/defaults/yacy.init &&
[[ `hostname` =~ -([0-9]+)$ ]] || exit 1 &&
ordinal=${BASH_REMATCH[1]} &&
if [ ! -z $NETWORK_UNIT_AGENT ]; then echo "network.unit.agent = $NETWORK_UNIT_AGENT-$ordinal" >> /opt/yacy_search_server/defaults/yacy.init; fi &&
export ADMIN_PASSWORD=$(echo -n "${ADMIN_USER}:${ADMIN_REALM}:${ADMIN_PASSWORD}" | md5sum | awk '{print $1}') &&
echo "adminAccountUserName = ${ADMIN_USER}" >> /opt/yacy_search_server/defaults/yacy.init &&
echo "adminRealm = ${ADMIN_REALM}" >> /opt/yacy_search_server/defaults/yacy.init &&
echo "adminAccountBase64MD5 = MD5:${ADMIN_PASSWORD}" >> /opt/yacy_search_server/defaults/yacy.init &&
/opt/yacy_search_server/startYACY.sh -f
envFrom:
- secretRef:
name: {{ template "fullname" . }}-admin-credentials
{{- if .Values.application.secretName }}
- secretRef:
name: {{ .Values.application.secretName }}
{{- end }}
env:
- name: NETWORK_UNIT_AGENT
value: {{ .Values.yacy.namePrefix }}
- name: GITLAB_ENVIRONMENT_NAME
value: {{ .Values.gitlab.envName | quote }}
- name: GITLAB_ENVIRONMENT_URL
value: {{ .Values.gitlab.envURL | quote }}
{{- if .Values.lifecycle }}
lifecycle:
{{ toYaml .Values.lifecycle | indent 10 }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.yacy.port }}
hostPort: {{ .Values.yacy.port }}
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
volumeMounts:
- name: yacy-data
mountPath: /opt/yacy_search_server/DATA
- name: yacy-config
mountPath: "/config"
readOnly: false
resources:
{{ toYaml .Values.resources | indent 12 }}
volumeClaimTemplates:
- metadata:
name: yacy-data
labels:
{{ include "sharedlabels" . | indent 8 }}
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: {{ .Values.yacy.volume.class }}
resources:
requests:
storage: {{ .Values.yacy.volume.size }}
{{- end -}}
module gitlab.com/gitlab-org/charts/auto-deploy-app/test
go 1.15
require (
github.com/cilium/cilium v1.8.1
github.com/gruntwork-io/terratest v0.32.1
github.com/stretchr/testify v1.6.1
k8s.io/api v0.19.7
k8s.io/apimachinery v0.19.7
)
replace github.com/optiopay/kafka => github.com/cilium/kafka v0.0.0-20180809090225-01ce283b732b
This diff is collapsed.
package main
import (
"regexp"
"strings"
"testing"
"github.com/gruntwork-io/terratest/modules/helm"
"github.com/gruntwork-io/terratest/modules/k8s"
"github.com/gruntwork-io/terratest/modules/random"
"github.com/stretchr/testify/require"
coreV1 "k8s.io/api/core/v1"
)
func TestServiceAccountTemplate(t *testing.T) {
for _, tc := range []struct {
CaseName string
Release string
Values map[string]string
ExpectedErrorRegexp *regexp.Regexp
ExpectedName string
ExpectedAnnotations map[string]string
}{
{
CaseName: "not created by default",
Release: "production",
Values: map[string]string{},
ExpectedErrorRegexp: regexp.MustCompile(
"Error: could not find template templates/service-account.yaml in chart",
),
},
{
CaseName: "not created if createNew is set to false",
Release: "production",
Values: map[string]string{
"serviceAccount.createNew": "false",
},
ExpectedErrorRegexp: regexp.MustCompile(
"Error: could not find template templates/service-account.yaml in chart",
),
},
{
CaseName: "no annotations",
Release: "production",
Values: map[string]string{
"serviceAccount.createNew": "true",
"serviceAccount.name": "anAccountName",
},
ExpectedName: "anAccountName",
ExpectedAnnotations: nil,
},
{
CaseName: "with annotations",
Release: "production",
Values: map[string]string{
"serviceAccount.createNew": "true",
"serviceAccount.name": "anAccountName",
"serviceAccount.annotations.key1": "value1",
"serviceAccount.annotations.key2": "value2",
},
ExpectedName: "anAccountName",
ExpectedAnnotations: map[string]string{
"key1": "value1",
"key2": "value2",
},
},
} {
t.Run(tc.CaseName, func(t *testing.T) {
namespaceName := "minimal-ruby-app-" + strings.ToLower(random.UniqueId())
values := map[string]string{
"gitlab.app": "auto-devops-examples/minimal-ruby-app",
"gitlab.env": "prod",
}
mergeStringMap(values, tc.Values)
options := &helm.Options{
SetValues: values,
KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
}
output, err := helm.RenderTemplateE(
t,
options,
helmChartPath,
tc.Release,
[]string{"templates/service-account.yaml"},
)
if tc.ExpectedErrorRegexp != nil {
require.Regexp(t, tc.ExpectedErrorRegexp, err.Error())
return
}
require.NoError(t, err)
var serviceAccount coreV1.ServiceAccount
helm.UnmarshalK8SYaml(t, output, &serviceAccount)
require.Equal(t, tc.ExpectedName, serviceAccount.Name)
require.Equal(t, tc.ExpectedAnnotations, serviceAccount.Annotations)
})
}
}
package main
import (
"regexp"
"testing"
"github.com/gruntwork-io/terratest/modules/helm"
"github.com/stretchr/testify/require"
coreV1 "k8s.io/api/core/v1"
)
func TestServiceTemplate_DifferentTracks(t *testing.T) {
templates := []string{"templates/service.yaml"}
tcs := []struct {
name string
releaseName string
values map[string]string
expectedName string
expectedLabels map[string]string
expectedSelector map[string]string
expectedErrorRegexp *regexp.Regexp
}{
{
name: "defaults",
releaseName: "production",
expectedName: "production-auto-deploy",
expectedLabels: map[string]string{"app": "production", "release": "production", "track": "stable"},
expectedSelector: map[string]string{"app": "production", "tier": "web", "track": "stable"},