chart/library/common-test/tests/container/envFixed_test.yaml

suite: container envFixed test
templates:
  - common.yaml
tests:
  - it: should create the correct fixed envs
    set:
      image: &image
        repository: nginx
        tag: 1.19.0
        pullPolicy: IfNotPresent
      TZ: Europe/London
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: &probes
                  liveness:
                    enabled: false
                  readiness:
                    enabled: false
                  startup:
                    enabled: false
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: Europe/London
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: S6_READ_ONLY_ROOT
                value: "1"

  - it: should create the correct fixed envs when running as root
    set:
      image: *image
      TZ: Europe/London
      securityContext:
        container:
          runAsUser: 0
          runAsGroup: 0
          runAsNonRoot: false
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: Europe/London
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: PUID
                value: "568"
              - name: USER_ID
                value: "568"
              - name: UID
                value: "568"
              - name: PGID
                value: "568"
              - name: GROUP_ID
                value: "568"
              - name: GID
                value: "568"
              - name: S6_READ_ONLY_ROOT
                value: "1"

  - it: should create the correct fixed envs when running as root and changed fsGroup
    set:
      image: *image
      TZ: Europe/London
      securityContext:
        container:
          runAsUser: 0
          runAsGroup: 0
          runAsNonRoot: false
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            securityContext:
              fsGroup: 1000
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: Europe/London
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: PUID
                value: "568"
              - name: USER_ID
                value: "568"
              - name: UID
                value: "568"
              - name: PGID
                value: "1000"
              - name: GROUP_ID
                value: "1000"
              - name: GID
                value: "1000"
              - name: S6_READ_ONLY_ROOT
                value: "1"

  - it: should create the correct fixed envs when running as root and not readonly
    set:
      image: *image
      TZ: Europe/London
      securityContext:
        container:
          runAsUser: 0
          runAsGroup: 0
          runAsNonRoot: false
          readOnlyRootFilesystem: false
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: Europe/London
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: PUID
                value: "568"
              - name: USER_ID
                value: "568"
              - name: UID
                value: "568"
              - name: PGID
                value: "568"
              - name: GROUP_ID
                value: "568"
              - name: GID
                value: "568"

  - it: should create the correct fixed envs with GPU
    set:
      scaleGPU:
        - gpu:
            nvidia.com/gpu: 1
          targetSelector:
            workload-name:
              - container-name1
      image: *image
      TZ: Europe/London
      resources:
        NVIDIA_CAPS:
          - compute
          - video
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: Europe/London
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: NVIDIA_DRIVER_CAPABILITIES
                value: "compute,video"
              - name: S6_READ_ONLY_ROOT
                value: "1"

  - it: should create the correct fixed envs with GPU and overridden on container level
    set:
      scaleGPU:
        - gpu:
            nvidia.com/gpu: 1
          targetSelector:
            workload-name:
              - container-name1
      image: *image
      TZ: Europe/London
      resources:
        NVIDIA_CAPS:
          - compute
          - video
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
                fixedEnv:
                  NVIDIA_CAPS:
                    - all
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: Europe/London
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: NVIDIA_DRIVER_CAPABILITIES
                value: "all"
              - name: S6_READ_ONLY_ROOT
                value: "1"

  - it: should create the correct fixed envs with PUID set to 0 on container level
    set:
      image: *image
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
                fixedEnv:
                  PUID: 0
                securityContext:
                  runAsUser: 0
                  runAsGroup: 0
                  runAsNonRoot: false
    asserts:
      - documentIndex: &deploymentDoc 0
        isKind:
          of: Deployment
      - documentIndex: *deploymentDoc
        isAPIVersion:
          of: apps/v1
      - documentIndex: *deploymentDoc
        isSubset:
          path: spec.template.spec.containers[0]
          content:
            env:
              - name: TZ
                value: UTC
              - name: UMASK
                value: "002"
              - name: UMASK_SET
                value: "002"
              - name: PUID
                value: "0"
              - name: USER_ID
                value: "0"
              - name: UID
                value: "0"
              - name: PGID
                value: "568"
              - name: GROUP_ID
                value: "568"
              - name: GID
                value: "568"
              - name: S6_READ_ONLY_ROOT
                value: "1"

  # Failures
  - it: it should fail with NVIDIA_CAPS having invalid values
    set:
      image: *image
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
                fixedEnv:
                  NVIDIA_CAPS:
                    - invalid
                    - compute
    asserts:
      - failedTemplate:
          errorMessage: Container - Expected <fixedEnv.NVIDIA_CAPS> entry to be one of [all, compute, utility, graphics, video], but got [invalid]

  - it: it should fail with NVIDIA_CAPS not having unique values
    set:
      image: *image
      workload:
        workload-name:
          enabled: true
          primary: true
          type: Deployment
          podSpec:
            containers:
              container-name1:
                enabled: true
                primary: true
                imageSelector: image
                probes: *probes
                fixedEnv:
                  NVIDIA_CAPS:
                    - compute
                    - compute
    asserts:
      - failedTemplate:
          errorMessage: Container - Expected <fixedEnv.NVIDIA_CAPS> to have only unique values, but got [compute, compute]