mirror of
https://github.com/truenas/charts.git
synced 2026-04-13 15:49:50 +08:00
929e60d801
* Adapt charts CI and improve/fix common * add check on permissions contaienr * add postgres template * update comments * Update create_app.sh * add check * update script * auto gen item.yaml from Chart,yaml * rename readme on dest * duplicate readme from the same source * correct comment * reoder * remove extra space * keep both README and app-readme * update regex, to also allow 2 letter names, which is also valid * No need to check host network if there aren't any pod values * use same pattern as the pod.name label (not prepending release-name * update deps * add chart dirs to ci * Add a validation to check if there is any yaml errors after merging files * update charts path on ci * common/1.0.0/ -> common/ * update common-test dep path * temp update create_app script * make permissions container name configurable, incase we want to change order of execution * update naming convention * fix typo and a missed name change * do not allow `--` in names
715 lines
20 KiB
YAML
715 lines
20 KiB
YAML
suite: container volumeMounts test
|
|
templates:
|
|
- common.yaml
|
|
tests:
|
|
- it: should pass with shared volume on multiple workloads and containers with targetSelectAll
|
|
set:
|
|
some_path: /some/path
|
|
image: &image
|
|
repository: nginx
|
|
tag: 1.19.0
|
|
pullPolicy: IfNotPresent
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: &probes
|
|
liveness:
|
|
enabled: false
|
|
readiness:
|
|
enabled: false
|
|
startup:
|
|
enabled: false
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
workload-name2:
|
|
enabled: true
|
|
primary: false
|
|
type: Job
|
|
podSpec:
|
|
restartPolicy: Never
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
shared-vol:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: "{{ .Values.some_path }}"
|
|
targetSelectAll: true
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: shared-vol
|
|
mountPath: /some/path
|
|
readOnly: false
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
content:
|
|
name: shared-vol
|
|
mountPath: /some/path
|
|
readOnly: false
|
|
- documentIndex: &jobDoc 1
|
|
isKind:
|
|
of: Job
|
|
- documentIndex: *jobDoc
|
|
isAPIVersion:
|
|
of: batch/v1
|
|
- documentIndex: *jobDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: shared-vol
|
|
mountPath: /some/path
|
|
readOnly: false
|
|
- documentIndex: *jobDoc
|
|
contains:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
content:
|
|
name: shared-vol
|
|
mountPath: /some/path
|
|
readOnly: false
|
|
|
|
- it: should pass with volume on primary workload and container
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
workload-name2:
|
|
enabled: true
|
|
primary: false
|
|
type: Job
|
|
podSpec:
|
|
restartPolicy: Never
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
some-vol:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
- documentIndex: *deploymentDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
- documentIndex: &jobDoc 1
|
|
isKind:
|
|
of: Job
|
|
- documentIndex: *jobDoc
|
|
isAPIVersion:
|
|
of: batch/v1
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
|
|
- it: should pass with volume with selected pod and container
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
workload-name2:
|
|
enabled: true
|
|
primary: false
|
|
type: Job
|
|
podSpec:
|
|
restartPolicy: Never
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
some-vol:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
targetSelector:
|
|
workload-name:
|
|
container-name2: {}
|
|
workload-name2:
|
|
container-name1: {}
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
- documentIndex: &jobDoc 1
|
|
isKind:
|
|
of: Job
|
|
- documentIndex: *jobDoc
|
|
isAPIVersion:
|
|
of: batch/v1
|
|
- documentIndex: *jobDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
|
|
- it: should pass with volume with selected pod and multiple containers
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
workload-name2:
|
|
enabled: true
|
|
primary: false
|
|
type: Job
|
|
podSpec:
|
|
restartPolicy: Never
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
some-vol:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1: {}
|
|
container-name2: {}
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
- documentIndex: &jobDoc 1
|
|
isKind:
|
|
of: Job
|
|
- documentIndex: *jobDoc
|
|
isAPIVersion:
|
|
of: batch/v1
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
|
|
- it: should pass with volume with selected pod and containers and specific values
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
workload-name2:
|
|
enabled: true
|
|
primary: false
|
|
type: Job
|
|
podSpec:
|
|
restartPolicy: Never
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
some-vol:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
mountPath: /some/other/path
|
|
readOnly: false
|
|
mountPropagation: None
|
|
subPath: /some/sub/path
|
|
container-name2: {}
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/other/path
|
|
readOnly: false
|
|
mountPropagation: None
|
|
subPath: /some/sub/path
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
- documentIndex: &jobDoc 1
|
|
isKind:
|
|
of: Job
|
|
- documentIndex: *jobDoc
|
|
isAPIVersion:
|
|
of: batch/v1
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
- documentIndex: *jobDoc
|
|
isNull:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
|
|
- it: should pass with volume with selected pod and containers and specific values from tpl
|
|
set:
|
|
some_path: /some/other/path
|
|
some_propagation: None
|
|
some_sub_path: /some/sub/path
|
|
image: *image
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
container-name2:
|
|
enabled: true
|
|
primary: false
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
some-vol:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
mountPath: "{{ .Values.some_path }}"
|
|
readOnly: false
|
|
mountPropagation: "{{ .Values.some_propagation }}"
|
|
subPath: "{{ .Values.some_sub_path }}"
|
|
container-name2: {}
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/other/path
|
|
readOnly: false
|
|
mountPropagation: None
|
|
subPath: /some/sub/path
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[1].volumeMounts
|
|
content:
|
|
name: some-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
|
|
- it: should pass with cert mounted as volume with subPath
|
|
set:
|
|
image: *image
|
|
ixCertificates:
|
|
"1":
|
|
certificate: some_cert
|
|
key: some_key
|
|
scaleCertificate:
|
|
cert-name:
|
|
enabled: false
|
|
id: 1
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
cert-vol:
|
|
enabled: true
|
|
type: secret
|
|
objectName: cert-name
|
|
readOnly: true
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
mountPath: /some/path/cert.crt
|
|
readOnly: true
|
|
subPath: cert.crt
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: cert-vol
|
|
mountPath: /some/path/cert.crt
|
|
readOnly: true
|
|
subPath: cert.crt
|
|
|
|
- it: should pass with cert mounted as volume with subPath
|
|
set:
|
|
image: *image
|
|
ixCertificates:
|
|
"1":
|
|
certificate: some_cert
|
|
key: some_key
|
|
scaleCertificate:
|
|
cert-name:
|
|
enabled: false
|
|
id: 1
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
probes: *probes
|
|
persistence:
|
|
cert-vol:
|
|
enabled: true
|
|
type: secret
|
|
objectName: cert-name
|
|
readOnly: true
|
|
items:
|
|
- key: tls.crt
|
|
path: cert.crt
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
asserts:
|
|
- documentIndex: &deploymentDoc 0
|
|
isKind:
|
|
of: Deployment
|
|
- documentIndex: *deploymentDoc
|
|
isAPIVersion:
|
|
of: apps/v1
|
|
- documentIndex: *deploymentDoc
|
|
contains:
|
|
path: spec.template.spec.containers[0].volumeMounts
|
|
content:
|
|
name: cert-vol
|
|
mountPath: /some/path
|
|
readOnly: true
|
|
|
|
# Failures
|
|
- it: should fail with invalid mountPropagation
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: &workload
|
|
enabled: true
|
|
primary: true
|
|
type: Deployment
|
|
podSpec:
|
|
containers:
|
|
container-name1:
|
|
enabled: true
|
|
primary: true
|
|
imageSelector: image
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
mountPropagation: HostToContainer
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
mountPropagation: invalid
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected <mountPropagation> to be one of [None, HostToContainer, Bidirectional], but got [invalid]
|
|
|
|
- it: should fail with non-boolean readOnly
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: *workload
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
readOnly: invalid
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected <readOnly> to be [boolean], but got [string]
|
|
|
|
- it: should fail with empty readOnly
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: *workload
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: /some/path
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
readOnly:
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected <readOnly> to be [boolean], but got [invalid]
|
|
|
|
- it: should fail with empty mountPath
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: *workload
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
mountPath: ""
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1: {}
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected non-empty <mountPath>
|
|
|
|
- it: should fail with mountPath not starting with /
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: *workload
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
targetSelector:
|
|
workload-name:
|
|
container-name1:
|
|
mountPath: some/path
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected <mountPath> to start with a forward slash [/]
|
|
|
|
- it: should fail with non-dict targetSelect.workloadName
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: *workload
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
targetSelector:
|
|
workload-name: string
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected <targetSelector.workload-name> to be a [dict], but got [string]
|
|
|
|
- it: should fail with empty targetSelect.workloadName
|
|
set:
|
|
image: *image
|
|
workload:
|
|
workload-name: *workload
|
|
persistence:
|
|
vol-name:
|
|
enabled: true
|
|
type: emptyDir
|
|
targetSelector:
|
|
workload-name: {}
|
|
asserts:
|
|
- failedTemplate:
|
|
errorMessage: Persistence - Expected non-empty <targetSelector.workload-name>
|