Skip to content

Commit

Permalink
Test update
Browse files Browse the repository at this point in the history
  • Loading branch information
@sheidkamp
sheidkamp committed Aug 8, 2024
1 parent e6db081 commit bb0ecd6
Showing 1 changed file with 100 additions and 0 deletions.
100 changes: 100 additions & 0 deletions codegen/cmd_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2341,6 +2341,105 @@ roleRef:
}),
)

DescribeTable("rendering with GlobalFloatingUserId",
func(floatingUserId bool) {
cmd := &Command{
Chart: &Chart{
Operators: []Operator{
{
Name: "painter",
Deployment: Deployment{
Container: Container{
Image: Image{
Tag: "v0.0.0",
Repository: "painter",
Registry: "quay.io/solo-io",
PullPolicy: "IfNotPresent",
},
},
},
GlobalFloatingUserIdPath: ".Values.global.securitySettings.floatingUserId",
},
},
// Because the global override comes from .Values it has to be set here, not on the painter
Values: map[string]interface{}{
"global": map[string]interface{}{
"securitySettings": map[string]interface{}{
"floatingUserId": floatingUserId,
},
},
},
Data: Data{
ApiVersion: "v1",
Description: "",
Name: "Painting Operator",
Version: "v0.0.1",
Home: "https://docs.solo.io/skv2/latest",
Sources: []string{
"https://github.com/solo-io/skv2",
},
},
},

ManifestRoot: "codegen/test/chart",
}

err := cmd.Execute()
Expect(err).NotTo(HaveOccurred())

runAsUser := 202020
runAsGroup := 999
painterValues := map[string]interface{}{
"enabled": true,
"runAsUser": runAsUser,
"podSecurityContext": map[string]interface{}{
"runAsUser": runAsUser,
"fsGroup": runAsGroup,
},
}

helmValues := map[string]interface{}{"painter": painterValues}

renderedManifests := helmTemplate("./codegen/test/chart", helmValues)

var renderedDeployment *appsv1.Deployment
decoder := kubeyaml.NewYAMLOrJSONDecoder(bytes.NewBuffer(renderedManifests), 4096)
for {
obj := &unstructured.Unstructured{}
err := decoder.Decode(obj)
if err != nil {
break
}
if obj.GetName() != "painter" || obj.GetKind() != "Deployment" {
continue
}

bytes, err := obj.MarshalJSON()
Expect(err).NotTo(HaveOccurred())
renderedDeployment = &appsv1.Deployment{}
err = json.Unmarshal(bytes, renderedDeployment)
Expect(err).NotTo(HaveOccurred())
}

Expect(renderedDeployment).NotTo(BeNil())
renderedRunAsUser := renderedDeployment.Spec.Template.Spec.Containers[0].SecurityContext.RunAsUser
renderedPodSecurityContext := renderedDeployment.Spec.Template.Spec.SecurityContext

// When using the global floatingUserId, the container runAsUser and RunAsUser should not be set
if floatingUserId {
Expect(renderedRunAsUser).To(BeNil())
Expect(renderedPodSecurityContext).To(BeNil())
} else {
Expect(*renderedRunAsUser).To(Equal(int64(runAsUser)))
Expect(*renderedPodSecurityContext.RunAsUser).To(Equal(int64(runAsUser)))
Expect(*renderedPodSecurityContext.FSGroup).To(Equal(int64(runAsGroup)))
}

},
Entry("Global floatingUserId is true", true),
Entry("Global floatingUserId is false", false),
)

Describe("rendering template env vars", func() {
var tmpDir string

Expand Down Expand Up @@ -3291,6 +3390,7 @@ func helmTemplate(path string, values interface{}) []byte {

out, err := cc.CombinedOutput()
ExpectWithOffset(0, err).NotTo(HaveOccurred(), string(out))
fmt.Println("OUT", string(out))
return out
}

Expand Down

0 comments on commit bb0ecd6

Please sign in to comment.