duynguyen/k8s-cluster
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add sonarqube

Browse Source
This commit is contained in:
duynguyen
2026-04-27 21:52:01 +07:00
parent 142dd15922
commit e42544c877
256 changed files with 12484 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/cert-manager_test.yaml Normal file
View File

@@ -0,0 +1,34 @@
suite: Admission Webhooks > CertManager
templates:
- admission-webhooks/cert-manager.yaml
tests:
- it: should not create a Certificate if `controller.admissionWebhooks.certManager.enabled` is false
set:
controller.admissionWebhooks.certManager.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a Certificate if `controller.admissionWebhooks.certManager.enabled` is true
set:
controller.admissionWebhooks.certManager.enabled: true
controller.admissionWebhooks.certManager.issuerRef: ingress-nginx-issuer
asserts:
- hasDocuments:
count: 1
- isKind:
of: Certificate
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-admission
- it: should create a Certificate with `revisionHistoryLimit` if `controller.admissionWebhooks.certManager.admissionCert.revisionHistoryLimit` is set
set:
controller.admissionWebhooks.certManager.enabled: true
controller.admissionWebhooks.certManager.issuerRef: ingress-nginx-issuer
controller.admissionWebhooks.certManager.admissionCert.revisionHistoryLimit: 3
asserts:
- equal:
path: spec.revisionHistoryLimit
value: 3

11
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/clusterrole_test.yaml Normal file
View File

@@ -0,0 +1,11 @@
suite: Admission Webhooks > Patch Job > ClusterRole
templates:
- admission-webhooks/job-patch/clusterrole.yaml
tests:
- it: should not create a ClusterRole if `controller.admissionWebhooks.patch.rbac.create` is false
set:
controller.admissionWebhooks.patch.rbac.create: false
asserts:
- hasDocuments:
count: 0

11
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/clusterrolebinding_test.yaml Normal file
View File

@@ -0,0 +1,11 @@
suite: Admission Webhooks > Patch Job > ClusterRoleBinding
templates:
- admission-webhooks/job-patch/clusterrolebinding.yaml
tests:
- it: should not create a ClusterRoleBinding if `controller.admissionWebhooks.patch.rbac.create` is false
set:
controller.admissionWebhooks.patch.rbac.create: false
asserts:
- hasDocuments:
count: 0

78
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/job-createSecret_test.yaml Normal file
View File

@@ -0,0 +1,78 @@
suite: Admission Webhooks > Patch Job > Create Secret Job
templates:
- admission-webhooks/job-patch/job-createSecret.yaml
tests:
- it: should create a Job with token auto-mounting disabled if `controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken` is false
set:
controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken: false
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- it: should create a Job with `activeDeadlineSeconds` if `controller.admissionWebhooks.createSecretJob.activeDeadlineSeconds ` is set
set:
controller.admissionWebhooks.createSecretJob.activeDeadlineSeconds: 1
asserts:
- equal:
path: spec.activeDeadlineSeconds
value: 1
- it: should create a Job with custom volumes and volume mounts if `controller.admissionWebhooks.createSecretJob.volumes` and `controller.admissionWebhooks.createSecretJob.volumeMounts` are set
set:
controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken: false
controller.admissionWebhooks.createSecretJob.volumeMounts:
- name: kube-api-access
mountPath: /var/run/secrets/kubernetes.io/serviceaccount
readOnly: true
controller.admissionWebhooks.createSecretJob.volumes:
- name: kube-api-access
projected:
defaultMode: 0444
sources:
- serviceAccountToken:
path: token
expirationSeconds: 3600
- configMap:
name: kube-root-ca.crt
items:
- key: ca.crt
path: ca.crt
- downwardAPI:
items:
- path: namespace
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- equal:
path: spec.template.spec.containers[0].volumeMounts
value:
- name: kube-api-access
mountPath: /var/run/secrets/kubernetes.io/serviceaccount
readOnly: true
- equal:
path: spec.template.spec.volumes
value:
- name: kube-api-access
projected:
defaultMode: 0444
sources:
- serviceAccountToken:
path: token
expirationSeconds: 3600
- configMap:
name: kube-root-ca.crt
items:
- key: ca.crt
path: ca.crt
- downwardAPI:
items:
- path: namespace
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace

78
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/job-patchWebhook_test.yaml Normal file
View File

@@ -0,0 +1,78 @@
suite: Admission Webhooks > Patch Job > Patch Webhook Job
templates:
- admission-webhooks/job-patch/job-patchWebhook.yaml
tests:
- it: should create a Job with token auto-mounting disabled if `controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken` is false
set:
controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken: false
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- it: should create a Job with `activeDeadlineSeconds` if `controller.admissionWebhooks.patchWebhookJob.activeDeadlineSeconds ` is set
set:
controller.admissionWebhooks.patchWebhookJob.activeDeadlineSeconds: 1
asserts:
- equal:
path: spec.activeDeadlineSeconds
value: 1
- it: should create a Job with custom volumes and volume mounts if `controller.admissionWebhooks.patchWebhookJob.volumes` and `controller.admissionWebhooks.patchWebhookJob.volumeMounts` are set
set:
controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken: false
controller.admissionWebhooks.patchWebhookJob.volumeMounts:
- name: kube-api-access
mountPath: /var/run/secrets/kubernetes.io/serviceaccount
readOnly: true
controller.admissionWebhooks.patchWebhookJob.volumes:
- name: kube-api-access
projected:
defaultMode: 0444
sources:
- serviceAccountToken:
path: token
expirationSeconds: 3600
- configMap:
name: kube-root-ca.crt
items:
- key: ca.crt
path: ca.crt
- downwardAPI:
items:
- path: namespace
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- equal:
path: spec.template.spec.containers[0].volumeMounts
value:
- name: kube-api-access
mountPath: /var/run/secrets/kubernetes.io/serviceaccount
readOnly: true
- equal:
path: spec.template.spec.volumes
value:
- name: kube-api-access
projected:
defaultMode: 0444
sources:
- serviceAccountToken:
path: token
expirationSeconds: 3600
- configMap:
name: kube-root-ca.crt
items:
- key: ca.crt
path: ca.crt
- downwardAPI:
items:
- path: namespace
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace

11
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/role_test.yaml Normal file
View File

@@ -0,0 +1,11 @@
suite: Admission Webhooks > Patch Job > Role
templates:
- admission-webhooks/job-patch/role.yaml
tests:
- it: should not create a Role if `controller.admissionWebhooks.patch.rbac.create` is false
set:
controller.admissionWebhooks.patch.rbac.create: false
asserts:
- hasDocuments:
count: 0

11
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/rolebinding_test.yaml Normal file
View File

@@ -0,0 +1,11 @@
suite: Admission Webhooks > Patch Job > RoleBinding
templates:
- admission-webhooks/job-patch/rolebinding.yaml
tests:
- it: should not create a RoleBinding if `controller.admissionWebhooks.patch.rbac.create` is false
set:
controller.admissionWebhooks.patch.rbac.create: false
asserts:
- hasDocuments:
count: 0

47
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/job-patch/serviceaccount_test.yaml Normal file
View File

@@ -0,0 +1,47 @@
suite: Admission Webhooks > Patch Job > ServiceAccount
templates:
- admission-webhooks/job-patch/serviceaccount.yaml
tests:
- it: should not create a ServiceAccount if `controller.admissionWebhooks.patch.serviceAccount.create` is false
set:
controller.admissionWebhooks.patch.serviceAccount.create: false
asserts:
- hasDocuments:
count: 0
- it: should create a ServiceAccount if `controller.admissionWebhooks.patch.serviceAccount.create` is true
set:
controller.admissionWebhooks.patch.serviceAccount.create: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-admission
- it: should create a ServiceAccount with specified name if `controller.admissionWebhooks.patch.serviceAccount.name` is set
set:
controller.admissionWebhooks.patch.serviceAccount.name: ingress-nginx-admission-test-sa
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: metadata.name
value: ingress-nginx-admission-test-sa
- it: should create a ServiceAccount with token auto-mounting disabled if `controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken` is false
set:
controller.admissionWebhooks.patch.serviceAccount.automountServiceAccountToken: false
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: automountServiceAccountToken
value: false

32
manifest/sonarqube/charts/ingress-nginx/tests/admission-webhooks/validating-webhook_test.yaml Normal file
View File

@@ -0,0 +1,32 @@
suite: Admission Webhooks > ValidatingWebhookConfiguration
templates:
- admission-webhooks/validating-webhook.yaml
tests:
- it: should not create a ValidatingWebhookConfiguration if `controller.admissionWebhooks.enabled` is false
set:
controller.admissionWebhooks.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a ValidatingWebhookConfiguration if `controller.admissionWebhooks.enabled` is true
set:
controller.admissionWebhooks.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: ValidatingWebhookConfiguration
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-admission
- it: should create a ValidatingWebhookConfiguration with a custom port if `controller.admissionWebhooks.service.servicePort` is set
set:
controller.admissionWebhooks.enabled: true
controller.admissionWebhooks.service.servicePort: 9443
asserts:
- equal:
path: webhooks[0].clientConfig.service.port
value: 9443

27
manifest/sonarqube/charts/ingress-nginx/tests/controller-configmap-addheaders_test.yaml Normal file
View File

@@ -0,0 +1,27 @@
suite: Controller > ConfigMap > Add Headers
templates:
- controller-configmap-addheaders.yaml
tests:
- it: should not create a ConfigMap if `controller.addHeaders` is not set
set:
controller.addHeaders: null
asserts:
- hasDocuments:
count: 0
- it: should create a ConfigMap if `controller.addHeaders` is set
set:
controller.addHeaders:
X-Another-Custom-Header: Value
asserts:
- hasDocuments:
count: 1
- isKind:
of: ConfigMap
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-custom-add-headers
- equal:
path: data.X-Another-Custom-Header
value: Value

27
manifest/sonarqube/charts/ingress-nginx/tests/controller-configmap-proxyheaders_test.yaml Normal file
View File

@@ -0,0 +1,27 @@
suite: Controller > ConfigMap > Proxy Headers
templates:
- controller-configmap-proxyheaders.yaml
tests:
- it: should not create a ConfigMap if `controller.proxySetHeaders` is not set
set:
controller.proxySetHeaders: null
asserts:
- hasDocuments:
count: 0
- it: should create a ConfigMap if `controller.proxySetHeaders` is set
set:
controller.proxySetHeaders:
X-Custom-Header: Value
asserts:
- hasDocuments:
count: 1
- isKind:
of: ConfigMap
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-custom-proxy-headers
- equal:
path: data.X-Custom-Header
value: Value

31
manifest/sonarqube/charts/ingress-nginx/tests/controller-configmap_test.yaml Normal file
View File

@@ -0,0 +1,31 @@
suite: Controller > ConfigMap
templates:
- controller-configmap.yaml
tests:
- it: should create a ConfigMap
asserts:
- hasDocuments:
count: 1
- isKind:
of: ConfigMap
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should create a ConfigMap with templated values if `controller.config` contains templates
set:
controller.config:
template: "test.{{ .Release.Namespace }}.svc.kubernetes.local"
integer: 12345
boolean: true
asserts:
- equal:
path: data.template
value: test.NAMESPACE.svc.kubernetes.local
- equal:
path: data.integer
value: "12345"
- equal:
path: data.boolean
value: "true"

248
manifest/sonarqube/charts/ingress-nginx/tests/controller-daemonset_test.yaml Normal file
View File

@@ -0,0 +1,248 @@
suite: Controller > DaemonSet
templates:
- controller-daemonset.yaml
tests:
- it: should create a DaemonSet if `controller.kind` is "DaemonSet"
set:
controller.kind: DaemonSet
asserts:
- hasDocuments:
count: 1
- isKind:
of: DaemonSet
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should create a DaemonSet with argument `--enable-metrics=true` if `controller.metrics.enabled` is true
set:
controller.kind: DaemonSet
controller.metrics.enabled: true
asserts:
- contains:
path: spec.template.spec.containers[0].args
content: --enable-metrics=true
- it: should create a DaemonSet without argument `--enable-metrics=true` if `controller.metrics.enabled` is false
set:
controller.kind: DaemonSet
controller.metrics.enabled: false
asserts:
- notContains:
path: spec.template.spec.containers[0].args
content: --enable-metrics=true
- it: should create a DaemonSet with argument `--controller-class=k8s.io/ingress-nginx-internal` if `controller.ingressClassResource.controllerValue` is "k8s.io/ingress-nginx-internal"
set:
controller.kind: DaemonSet
controller.ingressClassResource.controllerValue: k8s.io/ingress-nginx-internal
asserts:
- contains:
path: spec.template.spec.containers[0].args
content: --controller-class=k8s.io/ingress-nginx-internal
- it: should create a DaemonSet with resource limits if `controller.resources.limits` is set
set:
controller.kind: DaemonSet
controller.resources.limits.cpu: 500m
controller.resources.limits.memory: 512Mi
asserts:
- equal:
path: spec.template.spec.containers[0].resources.limits.cpu
value: 500m
- equal:
path: spec.template.spec.containers[0].resources.limits.memory
value: 512Mi
- it: should create a DaemonSet with topology spread constraints if `controller.topologySpreadConstraints` is set
set:
controller.kind: DaemonSet
controller.topologySpreadConstraints:
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: '{{ .Release.Name }}'
app.kubernetes.io/component: controller
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: '{{ .Release.Name }}'
app.kubernetes.io/component: controller
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
asserts:
- equal:
path: spec.template.spec.topologySpreadConstraints
value:
- labelSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/component: controller
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/component: controller
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- it: should create a DaemonSet with templated init containers if `controller.extraInitContainers` contains Helm templates
set:
controller.kind: DaemonSet
controller.extraInitContainers:
- name: '{{ .Release.Name }}-init'
image: busybox
command:
- sh
- -c
- echo '{{ .Release.Namespace }}';
asserts:
- equal:
path: spec.template.spec.initContainers[0].name
value: RELEASE-NAME-init
- contains:
path: spec.template.spec.initContainers[0].command
content: echo 'NAMESPACE';
- it: should create a DaemonSet with affinity if `controller.affinity` is set
set:
controller.kind: DaemonSet
controller.affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- '{{ include "ingress-nginx.name" . }}'
- key: app.kubernetes.io/instance
operator: In
values:
- '{{ .Release.Name }}'
- key: app.kubernetes.io/component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
asserts:
- equal:
path: spec.template.spec.affinity
value:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- ingress-nginx
- key: app.kubernetes.io/instance
operator: In
values:
- RELEASE-NAME
- key: app.kubernetes.io/component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
- it: should create a DaemonSet with `runAsGroup` if `controller.image.runAsGroup` is set
set:
controller.kind: DaemonSet
controller.image.runAsGroup: 1000
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext.runAsGroup
value: 1000
- it: should create a DaemonSet with a custom registry if `global.image.registry` is set
set:
global.image.registry: custom.registry.io
controller.kind: DaemonSet
controller.image.tag: v1.0.0-dev
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: custom.registry.io/ingress-nginx/controller:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a DaemonSet with a custom registry if `controller.image.registry` is set
set:
controller.kind: DaemonSet
controller.image.registry: custom.registry.io
controller.image.tag: v1.0.0-dev
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: custom.registry.io/ingress-nginx/controller:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a DaemonSet with a custom image if `controller.image.image` is set
set:
controller.kind: DaemonSet
controller.image.image: custom-repo/custom-image
controller.image.tag: v1.0.0-dev
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.k8s.io/custom-repo/custom-image:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a DaemonSet with a custom tag if `controller.image.tag` is set
set:
controller.kind: DaemonSet
controller.image.tag: custom-tag
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.k8s.io/ingress-nginx/controller:custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a DaemonSet with token auto-mounting disabled if `serviceAccount.automountServiceAccountToken` is false
set:
controller.kind: DaemonSet
serviceAccount.automountServiceAccountToken: false
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- it: should create a DaemonSet with a custom runtime if `controller.runtimeClassName` is set
set:
controller.kind: DaemonSet
controller.runtimeClassName: myClass
asserts:
- equal:
path: spec.template.spec.runtimeClassName
value: myClass
- it: should create a DaemonSet with resize policy if `controller.resizePolicy` is set
capabilities:
majorVersion: 1
minorVersion: 33
set:
controller.kind: DaemonSet
controller.resizePolicy:
- resourceName: cpu
restartPolicy: NotRequired
- resourceName: memory
restartPolicy: RestartContainer
asserts:
- equal:
path: spec.template.spec.containers[0].resizePolicy
value:
- resourceName: cpu
restartPolicy: NotRequired
- resourceName: memory
restartPolicy: RestartContainer

269
manifest/sonarqube/charts/ingress-nginx/tests/controller-deployment_test.yaml Normal file
View File

@@ -0,0 +1,269 @@
suite: Controller > Deployment
templates:
- controller-deployment.yaml
tests:
- it: should create a Deployment
asserts:
- hasDocuments:
count: 1
- isKind:
of: Deployment
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should create a Deployment with 3 replicas if `controller.replicaCount` is 3
set:
controller.replicaCount: 3
asserts:
- equal:
path: spec.replicas
value: 3
- it: should create a Deployment without replicas if `controller.autoscaling.enabled` is true
set:
controller.autoscaling.enabled: true
asserts:
- notExists:
path: spec.replicas
- it: should create a Deployment without replicas if `controller.keda.enabled` is true
set:
controller.keda.enabled: true
asserts:
- notExists:
path: spec.replicas
- it: should create a Deployment with replicas if `controller.autoscaling.enabled` is true and `controller.keda.enabled` is true
set:
controller.autoscaling.enabled: true
controller.keda.enabled: true
asserts:
- exists:
path: spec.replicas
- it: should create a Deployment with argument `--enable-metrics=true` if `controller.metrics.enabled` is true
set:
controller.metrics.enabled: true
asserts:
- contains:
path: spec.template.spec.containers[0].args
content: --enable-metrics=true
- it: should create a Deployment without argument `--enable-metrics=true` if `controller.metrics.enabled` is false
set:
controller.metrics.enabled: false
asserts:
- notContains:
path: spec.template.spec.containers[0].args
content: --enable-metrics=true
- it: should create a Deployment with argument `--controller-class=k8s.io/ingress-nginx-internal` if `controller.ingressClassResource.controllerValue` is "k8s.io/ingress-nginx-internal"
set:
controller.ingressClassResource.controllerValue: k8s.io/ingress-nginx-internal
asserts:
- contains:
path: spec.template.spec.containers[0].args
content: --controller-class=k8s.io/ingress-nginx-internal
- it: should create a Deployment with resource limits if `controller.resources.limits` is set
set:
controller.resources.limits.cpu: 500m
controller.resources.limits.memory: 512Mi
asserts:
- equal:
path: spec.template.spec.containers[0].resources.limits.cpu
value: 500m
- equal:
path: spec.template.spec.containers[0].resources.limits.memory
value: 512Mi
- it: should create a Deployment with topology spread constraints if `controller.topologySpreadConstraints` is set
set:
controller.topologySpreadConstraints:
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: '{{ .Release.Name }}'
app.kubernetes.io/component: controller
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: '{{ .Release.Name }}'
app.kubernetes.io/component: controller
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
asserts:
- equal:
path: spec.template.spec.topologySpreadConstraints
value:
- labelSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/component: controller
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/component: controller
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- it: should create a Deployment with templated init containers if `controller.extraInitContainers` contains Helm templates
set:
controller.extraInitContainers:
- name: '{{ .Release.Name }}-init'
image: busybox
command:
- sh
- -c
- echo '{{ .Release.Namespace }}';
asserts:
- equal:
path: spec.template.spec.initContainers[0].name
value: RELEASE-NAME-init
- contains:
path: spec.template.spec.initContainers[0].command
content: echo 'NAMESPACE';
- it: should create a Deployment with affinity if `controller.affinity` is set
set:
controller.affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- '{{ include "ingress-nginx.name" . }}'
- key: app.kubernetes.io/instance
operator: In
values:
- '{{ .Release.Name }}'
- key: app.kubernetes.io/component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
asserts:
- equal:
path: spec.template.spec.affinity
value:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- ingress-nginx
- key: app.kubernetes.io/instance
operator: In
values:
- RELEASE-NAME
- key: app.kubernetes.io/component
operator: In
values:
- controller
topologyKey: kubernetes.io/hostname
- it: should create a Deployment with `runAsGroup` if `controller.image.runAsGroup` is set
set:
controller.image.runAsGroup: 1000
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext.runAsGroup
value: 1000
- it: should create a Deployment with a custom registry if `global.image.registry` is set
set:
global.image.registry: custom.registry.io
controller.image.tag: v1.0.0-dev
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: custom.registry.io/ingress-nginx/controller:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with a custom registry if `controller.image.registry` is set
set:
controller.image.registry: custom.registry.io
controller.image.tag: v1.0.0-dev
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: custom.registry.io/ingress-nginx/controller:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with a custom image if `controller.image.image` is set
set:
controller.image.image: custom-repo/custom-image
controller.image.tag: v1.0.0-dev
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.k8s.io/custom-repo/custom-image:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with a custom tag if `controller.image.tag` is set
set:
controller.image.tag: custom-tag
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.k8s.io/ingress-nginx/controller:custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with `progressDeadlineSeconds` if `controller.progressDeadlineSeconds` is set
set:
controller.progressDeadlineSeconds: 111
asserts:
- equal:
path: spec.progressDeadlineSeconds
value: 111
- it: should create a Deployment with token auto-mounting disabled if `serviceAccount.automountServiceAccountToken` is false
set:
serviceAccount.automountServiceAccountToken: false
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- it: should create a Deployment with a custom runtime if `controller.runtimeClassName` is set
set:
controller.runtimeClassName: myClass
asserts:
- equal:
path: spec.template.spec.runtimeClassName
value: myClass
- it: should create a Deployment with resize policy if `controller.resizePolicy` is set
capabilities:
majorVersion: 1
minorVersion: 33
set:
controller.resizePolicy:
- resourceName: cpu
restartPolicy: NotRequired
- resourceName: memory
restartPolicy: RestartContainer
asserts:
- equal:
path: spec.template.spec.containers[0].resizePolicy
value:
- resourceName: cpu
restartPolicy: NotRequired
- resourceName: memory
restartPolicy: RestartContainer

31
manifest/sonarqube/charts/ingress-nginx/tests/controller-hpa_test.yaml Normal file
View File

@@ -0,0 +1,31 @@
suite: Controller > HPA
templates:
- controller-hpa.yaml
tests:
- it: should create an HPA if `controller.autoscaling.enabled` is true
set:
controller.autoscaling.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: HorizontalPodAutoscaler
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should not create an HPA if `controller.autoscaling.enabled` is true and `controller.keda.enabled` is true
set:
controller.autoscaling.enabled: true
controller.keda.enabled: true
asserts:
- hasDocuments:
count: 0
- it: should not create an HPA if `controller.kind` is "DaemonSet"
set:
controller.kind: DaemonSet
asserts:
- hasDocuments:
count: 0

110
manifest/sonarqube/charts/ingress-nginx/tests/controller-ingressclass-aliases_test.yaml Normal file
View File

@@ -0,0 +1,110 @@
suite: Controller > IngressClass > Aliases
templates:
- controller-ingressclass-aliases.yaml
tests:
- it: should not create IngressClass aliases
asserts:
- hasDocuments:
count: 0
- it: should create an IngressClass alias with name "nginx-alias" if `controller.ingressClassResource.aliases` is set
set:
controller.ingressClassResource.aliases:
- nginx-alias
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx-alias
- it: should create an IngressClass alias without annotation `ingressclass.kubernetes.io/is-default-class` if `controller.ingressClassResource.default` is true
set:
controller.ingressClassResource.aliases:
- nginx-alias
controller.ingressClassResource.default: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx-alias
- notExists:
path: metadata.annotations["ingressclass.kubernetes.io/is-default-class"]
- it: should create an IngressClass alias with annotations if `controller.ingressClassResource.annotations` is set
set:
controller.ingressClassResource.aliases:
- nginx-alias
controller.ingressClassResource.annotations:
my-fancy-annotation: has-a-value
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx-alias
- equal:
path: metadata.annotations.my-fancy-annotation
value: has-a-value
- it: should create an IngressClass alias with controller "k8s.io/ingress-nginx-internal" if `controller.ingressClassResource.controllerValue` is "k8s.io/ingress-nginx-internal"
set:
controller.ingressClassResource.aliases:
- nginx-alias
controller.ingressClassResource.controllerValue: k8s.io/ingress-nginx-internal
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx-alias
- equal:
path: spec.controller
value: k8s.io/ingress-nginx-internal
- it: should create an IngressClass alias with parameters if `controller.ingressClassResource.parameters` is set
set:
controller.ingressClassResource.aliases:
- nginx-alias
controller.ingressClassResource.parameters:
apiGroup: k8s.example.com
kind: IngressParameters
name: external-lb
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx-alias
- equal:
path: spec.parameters
value:
apiGroup: k8s.example.com
kind: IngressParameters
name: external-lb
- it: should create two IngressClass aliases if `controller.ingressClassResource.aliases` has two elements
set:
controller.ingressClassResource.aliases:
- nginx-alias-1
- nginx-alias-2
asserts:
- hasDocuments:
count: 2
- isKind:
of: IngressClass
- matchRegex:
path: metadata.name
pattern: nginx-alias-(1|2)

93
manifest/sonarqube/charts/ingress-nginx/tests/controller-ingressclass_test.yaml Normal file
View File

@@ -0,0 +1,93 @@
suite: Controller > IngressClass
templates:
- controller-ingressclass.yaml
tests:
- it: should create an IngressClass
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx
- it: should create an IngressClass with name "nginx-internal" if `controller.ingressClassResource.name` is "nginx-internal"
set:
controller.ingressClassResource.name: nginx-internal
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx-internal
- it: "should create an IngressClass with annotation `ingressclass.kubernetes.io/is-default-class: \"true\"` if `controller.ingressClassResource.default` is true"
set:
controller.ingressClassResource.default: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx
- equal:
path: metadata.annotations["ingressclass.kubernetes.io/is-default-class"]
value: "true"
- it: should create an IngressClass with annotations if `controller.ingressClassResource.annotations` is set
set:
controller.ingressClassResource.annotations:
my-fancy-annotation: has-a-value
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx
- equal:
path: metadata.annotations.my-fancy-annotation
value: has-a-value
- it: should create an IngressClass with controller "k8s.io/ingress-nginx-internal" if `controller.ingressClassResource.controllerValue` is "k8s.io/ingress-nginx-internal"
set:
controller.ingressClassResource.controllerValue: k8s.io/ingress-nginx-internal
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx
- equal:
path: spec.controller
value: k8s.io/ingress-nginx-internal
- it: should create an IngressClass with parameters if `controller.ingressClassResource.parameters` is set
set:
controller.ingressClassResource.parameters:
apiGroup: k8s.example.com
kind: IngressParameters
name: external-lb
asserts:
- hasDocuments:
count: 1
- isKind:
of: IngressClass
- equal:
path: metadata.name
value: nginx
- equal:
path: spec.parameters
value:
apiGroup: k8s.example.com
kind: IngressParameters
name: external-lb

31
manifest/sonarqube/charts/ingress-nginx/tests/controller-keda_test.yaml Normal file
View File

@@ -0,0 +1,31 @@
suite: Controller > KEDA
templates:
- controller-keda.yaml
tests:
- it: should create a ScaledObject if `controller.keda.enabled` is true
set:
controller.keda.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: ScaledObject
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should not create a ScaledObject if `controller.keda.enabled` is true and `controller.autoscaling.enabled` is true
set:
controller.keda.enabled: true
controller.autoscaling.enabled: true
asserts:
- hasDocuments:
count: 0
- it: should not create a ScaledObject if `controller.kind` is "DaemonSet"
set:
controller.kind: DaemonSet
asserts:
- hasDocuments:
count: 0

23
manifest/sonarqube/charts/ingress-nginx/tests/controller-networkpolicy_test.yaml Normal file
View File

@@ -0,0 +1,23 @@
suite: Controller > NetworkPolicy
templates:
- controller-networkpolicy.yaml
tests:
- it: should not create a NetworkPolicy if `controller.networkPolicy.enabled` is false
set:
controller.networkPolicy.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a NetworkPolicy if `controller.networkPolicy.enabled` is true
set:
controller.networkPolicy.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: NetworkPolicy
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller

102
manifest/sonarqube/charts/ingress-nginx/tests/controller-poddisruptionbudget_test.yaml Normal file
View File

@@ -0,0 +1,102 @@
suite: Controller > PodDisruptionBudget
templates:
- controller-poddisruptionbudget.yaml
tests:
- it: should create a PodDisruptionBudget if `controller.replicaCount` is greater than 1
set:
controller.replicaCount: 2
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should not create a PodDisruptionBudget if `controller.replicaCount` is less than or equal 1
set:
controller.replicaCount: 1
asserts:
- hasDocuments:
count: 0
- it: should create a PodDisruptionBudget if `controller.autoscaling.enabled` is true and `controller.autoscaling.minReplicas` is greater than 1
set:
controller.autoscaling.enabled: true
controller.autoscaling.minReplicas: 2
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should not create a PodDisruptionBudget if `controller.autoscaling.enabled` is true and `controller.autoscaling.minReplicas` is less than or equal 1
set:
controller.autoscaling.enabled: true
controller.autoscaling.minReplicas: 1
asserts:
- hasDocuments:
count: 0
- it: should create a PodDisruptionBudget if `controller.keda.enabled` is true and `controller.keda.minReplicas` is greater than 1
set:
controller.keda.enabled: true
controller.keda.minReplicas: 2
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should not create a PodDisruptionBudget if `controller.keda.enabled` is true and `controller.keda.minReplicas` is less than or equal 1
set:
controller.keda.enabled: true
controller.keda.minReplicas: 1
asserts:
- hasDocuments:
count: 0
- it: should not create a PodDisruptionBudget if `controller.autoscaling.enabled` is true and `controller.keda.enabled` is true
set:
controller.autoscaling.enabled: true
controller.keda.enabled: true
asserts:
- hasDocuments:
count: 0
- it: should create a PodDisruptionBudget without `minAvailable` and with `maxUnavailable` if `controller.minAvailable` and `controller.maxUnavailable` are set
set:
controller.replicaCount: 2
controller.minAvailable: 1
controller.maxUnavailable: 1
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- notExists:
path: spec.minAvailable
- equal:
path: spec.maxUnavailable
value: 1
- it: should create a PodDisruptionBudget with `unhealthyPodEvictionPolicy` if `controller.unhealthyPodEvictionPolicy` is set
set:
controller.replicaCount: 2
controller.unhealthyPodEvictionPolicy: IfHealthyBudget
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: spec.unhealthyPodEvictionPolicy
value: IfHealthyBudget

29
manifest/sonarqube/charts/ingress-nginx/tests/controller-prometheusrule_test.yaml Normal file
View File

@@ -0,0 +1,29 @@
suite: Controller > PrometheusRule
templates:
- controller-prometheusrule.yaml
tests:
- it: should create a PrometheusRule if `controller.metrics.prometheusRule.enabled` is true
set:
controller.metrics.enabled: true
controller.metrics.prometheusRule.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: PrometheusRule
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should create a PrometheusRule with annotations if `controller.metrics.prometheusRule.annotations` is set
set:
controller.metrics.enabled: true
controller.metrics.prometheusRule.enabled: true
controller.metrics.prometheusRule.annotations:
my-little-annotation: test-value
asserts:
- equal:
path: metadata.annotations
value:
my-little-annotation: test-value

75
manifest/sonarqube/charts/ingress-nginx/tests/controller-service-internal_test.yaml Normal file
View File

@@ -0,0 +1,75 @@
suite: Controller > Service > Internal
templates:
- controller-service-internal.yaml
tests:
- it: should not create an internal Service if `controller.service.internal.enabled` is false
set:
controller.service.internal.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create an internal Service if `controller.service.internal.enabled` is true and `controller.service.internal.annotations` are set
set:
controller.service.internal.enabled: true
controller.service.internal.annotations:
test.annotation: "true"
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller-internal
- it: should create a Service without `clusterIPs` if `controller.service.internal.clusterIPs` is not set
set:
controller.service.internal.enabled: true
controller.service.internal.annotations:
test.annotation: "true"
asserts:
- notExists:
path: spec.clusterIPs
- it: should create a Service with `clusterIPs` if `controller.service.internal.clusterIPs` is set
set:
controller.service.internal.enabled: true
controller.service.internal.annotations:
test.annotation: "true"
controller.service.internal.clusterIPs:
- 10.0.0.1
- fd00::1
asserts:
- equal:
path: spec.clusterIPs
value:
- 10.0.0.1
- fd00::1
- it: should create a Service with `trafficDistribution` if `controller.service.internal.trafficDistribution` is set
capabilities:
majorVersion: 1
minorVersion: 31
set:
controller.service.internal.enabled: true
controller.service.internal.annotations:
test.annotation: "true"
controller.service.internal.trafficDistribution: PreferClose
asserts:
- equal:
path: spec.trafficDistribution
value: PreferClose
- it: should create a Service with labels if `controller.service.internal.labels` is set
set:
controller.service.internal.enabled: true
controller.service.internal.annotations:
test.annotation: "true"
controller.service.internal.labels:
external-dns.alpha.kubernetes.io/hostname: internal.example.com
asserts:
- equal:
path: metadata.labels["external-dns.alpha.kubernetes.io/hostname"]
value: internal.example.com

41
manifest/sonarqube/charts/ingress-nginx/tests/controller-service-metrics_test.yaml Normal file
View File

@@ -0,0 +1,41 @@
suite: Controller > Service > Metrics
templates:
- controller-service-metrics.yaml
tests:
- it: should not create a metrics Service if `controller.metrics.enabled` is false and `controller.metrics.service.enabled` is false
set:
controller.metrics.enabled: false
controller.metrics.service.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should not create a metrics Service if `controller.metrics.enabled` is false and `controller.metrics.service.enabled` is true
set:
controller.metrics.enabled: false
controller.metrics.service.enabled: true
asserts:
- hasDocuments:
count: 0
- it: should not create a metrics Service if `controller.metrics.enabled` is true and `controller.metrics.service.enabled` is false
set:
controller.metrics.enabled: true
controller.metrics.service.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a metrics Service if `controller.metrics.enabled` is true and `controller.metrics.service.enabled` is true
set:
controller.metrics.enabled: true
controller.metrics.service.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller-metrics

32
manifest/sonarqube/charts/ingress-nginx/tests/controller-service-webhook_test.yaml Normal file
View File

@@ -0,0 +1,32 @@
suite: Controller > Service > Webhook
templates:
- controller-service-webhook.yaml
tests:
- it: should not create a webhook Service if `controller.admissionWebhooks.enabled` is false
set:
controller.admissionWebhooks.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a webhook Service if `controller.admissionWebhooks.enabled` is true
set:
controller.admissionWebhooks.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller-admission
- it: should create a webhook Service with a custom port if `controller.admissionWebhooks.service.servicePort` is set
set:
controller.admissionWebhooks.enabled: true
controller.admissionWebhooks.service.servicePort: 9443
asserts:
- equal:
path: spec.ports[0].port
value: 9443

74
manifest/sonarqube/charts/ingress-nginx/tests/controller-service_test.yaml Normal file
View File

@@ -0,0 +1,74 @@
suite: Controller > Service
templates:
- controller-service.yaml
tests:
- it: should not create a Service if `controller.service.external.enabled` is false
set:
controller.service.external.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a Service if `controller.service.external.enabled` is true
set:
controller.service.external.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should create a Service of type "NodePort" if `controller.service.external.enabled` is true and `controller.service.type` is "NodePort"
set:
controller.service.external.enabled: true
controller.service.type: NodePort
asserts:
- equal:
path: spec.type
value: NodePort
- it: should create a Service without `clusterIPs` if `controller.service.clusterIPs` is not set
set:
controller.service.external.enabled: true
asserts:
- notExists:
path: spec.clusterIPs
- it: should create a Service with `clusterIPs` if `controller.service.clusterIPs` is set
set:
controller.service.external.enabled: true
controller.service.clusterIPs:
- 10.0.0.1
- fd00::1
asserts:
- equal:
path: spec.clusterIPs
value:
- 10.0.0.1
- fd00::1
- it: should create a Service with `trafficDistribution` if `controller.service.trafficDistribution` is set
capabilities:
majorVersion: 1
minorVersion: 31
set:
controller.service.external.enabled: true
controller.service.trafficDistribution: PreferClose
asserts:
- equal:
path: spec.trafficDistribution
value: PreferClose
- it: should create a Service with labels if `controller.service.external.labels` is set
set:
controller.service.external.enabled: true
controller.service.external.labels:
external-dns.alpha.kubernetes.io/hostname: external.example.com
asserts:
- equal:
path: metadata.labels["external-dns.alpha.kubernetes.io/hostname"]
value: external.example.com

47
manifest/sonarqube/charts/ingress-nginx/tests/controller-serviceaccount_test.yaml Normal file
View File

@@ -0,0 +1,47 @@
suite: Controller > ServiceAccount
templates:
- controller-serviceaccount.yaml
tests:
- it: should not create a ServiceAccount if `serviceAccount.create` is false
set:
serviceAccount.create: false
asserts:
- hasDocuments:
count: 0
- it: should create a ServiceAccount if `serviceAccount.create` is true
set:
serviceAccount.create: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx
- it: should create a ServiceAccount with specified name if `serviceAccount.name` is set
set:
serviceAccount.name: ingress-nginx-admission-test-sa
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: metadata.name
value: ingress-nginx-admission-test-sa
- it: should create a ServiceAccount with token auto-mounting disabled if `serviceAccount.automountServiceAccountToken` is false
set:
serviceAccount.automountServiceAccountToken: false
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: automountServiceAccountToken
value: false

98
manifest/sonarqube/charts/ingress-nginx/tests/controller-servicemonitor_test.yaml Normal file
View File

@@ -0,0 +1,98 @@
suite: Controller > ServiceMonitor
templates:
- controller-servicemonitor.yaml
tests:
- it: should create a ServiceMonitor if `controller.metrics.serviceMonitor.enabled` is true
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceMonitor
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-controller
- it: should create a ServiceMonitor with annotations if `controller.metrics.serviceMonitor.annotations` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.annotations:
my-little-annotation: test-value
asserts:
- equal:
path: metadata.annotations
value:
my-little-annotation: test-value
- it: should create a ServiceMonitor with `labelLimit` if `controller.metrics.serviceMonitor.labelLimit` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.labelLimit: 20
asserts:
- equal:
path: spec.labelLimit
value: 20
- it: should create a ServiceMonitor with `labelNameLengthLimit` if `controller.metrics.serviceMonitor.labelNameLengthLimit` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.labelNameLengthLimit: 50
asserts:
- equal:
path: spec.labelNameLengthLimit
value: 50
- it: should create a ServiceMonitor with `labelValueLengthLimit` if `controller.metrics.serviceMonitor.labelValueLengthLimit` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.labelValueLengthLimit: 50
asserts:
- equal:
path: spec.labelValueLengthLimit
value: 50
- it: should create a ServiceMonitor with `sampleLimit` if `controller.metrics.serviceMonitor.sampleLimit` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.sampleLimit: 5000
asserts:
- equal:
path: spec.sampleLimit
value: 5000
- it: should create a ServiceMonitor with `targetLimit` if `controller.metrics.serviceMonitor.targetLimit` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.targetLimit: 100
asserts:
- equal:
path: spec.targetLimit
value: 100
- it: should create a ServiceMonitor with `scrapeTimeout` if `controller.metrics.serviceMonitor.scrapeTimeout` is set
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.scrapeTimeout: 60s
asserts:
- equal:
path: spec.endpoints[0].scrapeTimeout
value: 60s
- it: should create a ServiceMonitor without `scrapeTimeout` if `controller.metrics.serviceMonitor.scrapeTimeout` is unset
set:
controller.metrics.enabled: true
controller.metrics.serviceMonitor.enabled: true
controller.metrics.serviceMonitor.scrapeTimeout: ""
asserts:
- notExists:
path: spec.endpoints[0].scrapeTimeout

221
manifest/sonarqube/charts/ingress-nginx/tests/default-backend-deployment_test.yaml Normal file
View File

@@ -0,0 +1,221 @@
suite: Default Backend > Deployment
templates:
- default-backend-deployment.yaml
tests:
- it: should not create a Deployment if `defaultBackend.enabled` is false
set:
defaultBackend.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a Deployment if `defaultBackend.enabled` is true
set:
defaultBackend.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: Deployment
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-defaultbackend
- it: should create a Deployment with 3 replicas if `defaultBackend.replicaCount` is 3
set:
defaultBackend.enabled: true
defaultBackend.replicaCount: 3
asserts:
- equal:
path: spec.replicas
value: 3
- it: should create a Deployment without replicas if `defaultBackend.autoscaling.enabled` is true
set:
defaultBackend.enabled: true
defaultBackend.autoscaling.enabled: true
asserts:
- notExists:
path: spec.replicas
- it: should create a Deployment with resource limits if `defaultBackend.resources.limits` is set
set:
defaultBackend.enabled: true
defaultBackend.resources.limits.cpu: 500m
defaultBackend.resources.limits.memory: 512Mi
asserts:
- equal:
path: spec.template.spec.containers[0].resources.limits.cpu
value: 500m
- equal:
path: spec.template.spec.containers[0].resources.limits.memory
value: 512Mi
- it: should create a Deployment with topology spread constraints if `defaultBackend.topologySpreadConstraints` is set
set:
defaultBackend.enabled: true
defaultBackend.topologySpreadConstraints:
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: '{{ .Release.Name }}'
app.kubernetes.io/component: default-backend
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: '{{ .Release.Name }}'
app.kubernetes.io/component: default-backend
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
asserts:
- equal:
path: spec.template.spec.topologySpreadConstraints
value:
- labelSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/component: default-backend
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/component: default-backend
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- it: should create a Deployment with affinity if `defaultBackend.affinity` is set
set:
defaultBackend.enabled: true
defaultBackend.affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- '{{ include "ingress-nginx.name" . }}'
- key: app.kubernetes.io/instance
operator: In
values:
- '{{ .Release.Name }}'
- key: app.kubernetes.io/component
operator: In
values:
- default-backend
topologyKey: kubernetes.io/hostname
asserts:
- equal:
path: spec.template.spec.affinity
value:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- ingress-nginx
- key: app.kubernetes.io/instance
operator: In
values:
- RELEASE-NAME
- key: app.kubernetes.io/component
operator: In
values:
- default-backend
topologyKey: kubernetes.io/hostname
- it: should create a Deployment with `runAsGroup` if `defaultBackend.image.runAsGroup` is set
set:
defaultBackend.enabled: true
defaultBackend.image.runAsGroup: 1000
asserts:
- equal:
path: spec.template.spec.containers[0].securityContext.runAsGroup
value: 1000
- it: should create a Deployment with a custom registry if `global.image.registry` is set
set:
global.image.registry: custom.registry.io
defaultBackend.enabled: true
defaultBackend.image.tag: v1.0.0-dev
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: custom.registry.io/defaultbackend-amd64:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with a custom registry if `defaultBackend.image.registry` is set
set:
defaultBackend.enabled: true
defaultBackend.image.registry: custom.registry.io
defaultBackend.image.tag: v1.0.0-dev
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: custom.registry.io/defaultbackend-amd64:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with a custom image if `defaultBackend.image.image` is set
set:
defaultBackend.enabled: true
defaultBackend.image.image: custom-repo/custom-image
defaultBackend.image.tag: v1.0.0-dev
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.k8s.io/custom-repo/custom-image:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with a custom tag if `defaultBackend.image.tag` is set
set:
defaultBackend.enabled: true
defaultBackend.image.tag: custom-tag
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: registry.k8s.io/defaultbackend-amd64:custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
- it: should create a Deployment with token auto-mounting disabled if `defaultBackend.serviceAccount.automountServiceAccountToken` is false
set:
defaultBackend.enabled: true
defaultBackend.serviceAccount.automountServiceAccountToken: false
asserts:
- equal:
path: spec.template.spec.automountServiceAccountToken
value: false
- it: should create a Deployment with extra volumes if `defaultBackend.extraVolumes` is set
set:
defaultBackend.enabled: true
defaultBackend.extraVolumes:
- name: extra-volume
configMap:
name: '{{ .Release.Name }}'
defaultBackend.extraVolumeMounts:
- name: extra-volume
mountPath: /extra
asserts:
- equal:
path: spec.template.spec.volumes
value:
- name: extra-volume
configMap:
name: RELEASE-NAME
- equal:
path: spec.template.spec.containers[0].volumeMounts
value:
- name: extra-volume
mountPath: /extra

50
manifest/sonarqube/charts/ingress-nginx/tests/default-backend-extra-configmaps_test.yaml Normal file
View File

@@ -0,0 +1,50 @@
suite: Default Backend > Extra ConfigMaps
templates:
- default-backend-extra-configmaps.yaml
tests:
- it: should not create a ConfigMap if `defaultBackend.extraConfigMaps` is empty
set:
defaultBackend.enabled: true
defaultBackend.extraConfigMaps: []
asserts:
- hasDocuments:
count: 0
- it: should create one ConfigMap if `defaultBackend.extraConfigMaps` has one element
set:
defaultBackend.enabled: true
defaultBackend.extraConfigMaps:
- name: my-configmap-1
data:
key1: value1
asserts:
- hasDocuments:
count: 1
- isKind:
of: ConfigMap
- equal:
path: metadata.name
value: my-configmap-1
- equal:
path: data.key1
value: value1
- it: should create two ConfigMaps if `defaultBackend.extraConfigMaps` has two elements
set:
defaultBackend.enabled: true
defaultBackend.extraConfigMaps:
- name: my-configmap-1
data:
key1: value1
- name: my-configmap-2
data:
key2: value2
asserts:
- hasDocuments:
count: 2
- isKind:
of: ConfigMap
- matchRegex:
path: metadata.name
pattern: my-configmap-(1|2)

79
manifest/sonarqube/charts/ingress-nginx/tests/default-backend-poddisruptionbudget_test.yaml Normal file
View File

@@ -0,0 +1,79 @@
suite: Default Backend > PodDisruptionBudget
templates:
- default-backend-poddisruptionbudget.yaml
tests:
- it: should create a PodDisruptionBudget if `defaultBackend.replicaCount` is greater than 1
set:
defaultBackend.enabled: true
defaultBackend.replicaCount: 2
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-defaultbackend
- it: should not create a PodDisruptionBudget if `defaultBackend.replicaCount` is less than or equal 1
set:
defaultBackend.enabled: true
defaultBackend.replicaCount: 1
asserts:
- hasDocuments:
count: 0
- it: should create a PodDisruptionBudget if `defaultBackend.autoscaling.enabled` is true and `defaultBackend.autoscaling.minReplicas` is greater than 1
set:
defaultBackend.enabled: true
defaultBackend.autoscaling.enabled: true
defaultBackend.autoscaling.minReplicas: 2
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-defaultbackend
- it: should not create a PodDisruptionBudget if `defaultBackend.autoscaling.enabled` is true and `defaultBackend.autoscaling.minReplicas` is less than or equal 1
set:
defaultBackend.enabled: true
defaultBackend.autoscaling.enabled: true
defaultBackend.autoscaling.minReplicas: 1
asserts:
- hasDocuments:
count: 0
- it: should create a PodDisruptionBudget without `minAvailable` and with `maxUnavailable` if `defaultBackend.minAvailable` and `defaultBackend.maxUnavailable` are set
set:
defaultBackend.enabled: true
defaultBackend.replicaCount: 2
defaultBackend.minAvailable: 1
defaultBackend.maxUnavailable: 1
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- notExists:
path: spec.minAvailable
- equal:
path: spec.maxUnavailable
value: 1
- it: should create a PodDisruptionBudget with `unhealthyPodEvictionPolicy` if `defaultBackend.unhealthyPodEvictionPolicy` is set
set:
defaultBackend.enabled: true
defaultBackend.replicaCount: 2
defaultBackend.unhealthyPodEvictionPolicy: IfHealthyBudget
asserts:
- hasDocuments:
count: 1
- isKind:
of: PodDisruptionBudget
- equal:
path: spec.unhealthyPodEvictionPolicy
value: IfHealthyBudget

52
manifest/sonarqube/charts/ingress-nginx/tests/default-backend-service_test.yaml Normal file
View File

@@ -0,0 +1,52 @@
suite: Default Backend > Service
templates:
- default-backend-service.yaml
tests:
- it: should not create a Service if `defaultBackend.enabled` is false
set:
defaultBackend.enabled: false
asserts:
- hasDocuments:
count: 0
- it: should create a Service if `defaultBackend.enabled` is true
set:
defaultBackend.enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: Service
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-defaultbackend
- it: should create a Service with port 80 if `defaultBackend.service.port` is 80
set:
defaultBackend.enabled: true
defaultBackend.service.port: 80
asserts:
- equal:
path: spec.ports[0].port
value: 80
- it: should create a Service without `clusterIPs` if `defaultBackend.service.clusterIPs` is not set
set:
defaultBackend.enabled: true
asserts:
- notExists:
path: spec.clusterIPs
- it: should create a Service with `clusterIPs` if `defaultBackend.service.clusterIPs` is set
set:
defaultBackend.enabled: true
defaultBackend.service.clusterIPs:
- 10.0.0.1
- fd00::1
asserts:
- equal:
path: spec.clusterIPs
value:
- 10.0.0.1
- fd00::1

51
manifest/sonarqube/charts/ingress-nginx/tests/default-backend-serviceaccount_test.yaml Normal file
View File

@@ -0,0 +1,51 @@
suite: Default Backend > ServiceAccount
templates:
- default-backend-serviceaccount.yaml
tests:
- it: should not create a ServiceAccount if `defaultBackend.serviceAccount.create` is false
set:
defaultBackend.enabled: true
defaultBackend.serviceAccount.create: false
asserts:
- hasDocuments:
count: 0
- it: should create a ServiceAccount if `defaultBackend.serviceAccount.create` is true
set:
defaultBackend.enabled: true
defaultBackend.serviceAccount.create: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: metadata.name
value: RELEASE-NAME-ingress-nginx-backend
- it: should create a ServiceAccount with specified name if `defaultBackend.serviceAccount.name` is set
set:
defaultBackend.enabled: true
defaultBackend.serviceAccount.name: ingress-nginx-admission-test-sa
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: metadata.name
value: ingress-nginx-admission-test-sa
- it: should create a ServiceAccount with token auto-mounting disabled if `defaultBackend.serviceAccount.automountServiceAccountToken` is false
set:
defaultBackend.enabled: true
defaultBackend.serviceAccount.automountServiceAccountToken: false
asserts:
- hasDocuments:
count: 1
- isKind:
of: ServiceAccount
- equal:
path: automountServiceAccountToken
value: false