Keep adding tests

db-operator · Oct 4, 2023 · 1f10685 · 1f10685
1 parent 9aa307f
commit 1f10685
Show file tree

Hide file tree

Showing 13 changed files with 274 additions and 89 deletions.
diff --git a/charts/db-operator/ci/0-crds-test-values.yaml b/charts/db-operator/ci/0-crds-test-values.yaml
@@ -0,0 +1,7 @@
+reconcileInterval: "10"
+crds:
+  keep: false
+tests:
+  crds:
+    enabled: true
+    installed: true
diff --git a/charts/db-operator/ci/0-nocrds-test-values.yaml b/charts/db-operator/ci/0-nocrds-test-values.yaml
@@ -0,0 +1,8 @@
+reconcileInterval: "10"
+crds:
+  keep: false
+  install: false
+tests:
+  crds:
+    enabled: true
+    installed: false
diff --git a/charts/db-operator/ci/gsql-test-values.yaml → ...ts/db-operator/ci/2-gsql-test-values.yaml b/charts/db-operator/ci/gsql-test-values.yaml → ...ts/db-operator/ci/2-gsql-test-values.yaml
@@ -1,6 +1,7 @@
 reconcileInterval: "10"
 crds:
   keep: false
+
 secrets:
   gsql:
     admin: |
@@ -32,14 +33,10 @@ secrets:
 tests:
   gsql:
     enabled: true
-    cleanup: true
     cloudishSQL:
       image:
         repository: ghcr.io/db-operator/cloudish-sql
         tag: v1.0.1
-    attempts:
-      amount: 10
-      timeout: 30
     dbin:
       adminUser: postgres
       adminPassword: Passw0rd

diff --git a/charts/db-operator/ci/ci-1-values.yaml → charts/db-operator/ci/ci-1.yaml b/charts/db-operator/ci/ci-1-values.yaml → charts/db-operator/ci/ci-1.yaml
diff --git a/charts/db-operator/ci/ci-2-values.yaml → charts/db-operator/ci/ci-2.yaml b/charts/db-operator/ci/ci-2-values.yaml → charts/db-operator/ci/ci-2.yaml
diff --git a/charts/db-operator/ci/ci-3-values.yaml → charts/db-operator/ci/ci-3.yaml b/charts/db-operator/ci/ci-3-values.yaml → charts/db-operator/ci/ci-3.yaml
@@ -1,3 +1,6 @@
+crds:
+  keep: false
+
 image:
   repository: ghcr.io/db-operator/db-operator
   pullPolicy: Always
@@ -25,23 +28,6 @@ podLabels:
   key1: value-one
   key2: value-two
 
-affinity:
-  nodeAffinity:
-    requiredDuringSchedulingIgnoredDuringExecution:
-      nodeSelectorTerms:
-        - matchExpressions:
-            - key: kubernetes.io/e2e-az-name
-              operator: In
-              values:
-                - e2e-eu1
-                - e2e-us2
-
-tolerations:
-  - key: "key1"
-    operator: "Equal"
-    value: "value1"
-    effect: "NoSchedule"
-
 config:
   instance:
     google:

diff --git a/charts/db-operator/ci/ci-4-values.yaml → charts/db-operator/ci/ci-4.yaml b/charts/db-operator/ci/ci-4-values.yaml → charts/db-operator/ci/ci-4.yaml
diff --git a/charts/db-operator/ci/ci-5-values.yaml → charts/db-operator/ci/ci-5.yaml b/charts/db-operator/ci/ci-5-values.yaml → charts/db-operator/ci/ci-5.yaml
diff --git a/charts/db-operator/notes.md b/charts/db-operator/notes.md
diff --git a/charts/db-operator/templates/NOTES.txt b/charts/db-operator/templates/NOTES.txt
@@ -87,4 +87,16 @@ Also, if you want to test your mysql installation, you need to
 provide a mysql server yourself. Test itself doesn't deploy a server
 {{- end }}
 
+{{- if .Values.tests.crds.enabled }}
+-----------------------------------------------------------------------
+You seem to have the crds test set to true, usually, 
+it shouldn't be done.
+
+!! This test uses a ClusterRole that has an access to all the resoucres
+in the cluster, so make sure that you want to run tests, 
+and not using this installation.
+
+Or set '.Values.tests.crds.enabled' to 'false'
+{{- end }}
+
 
diff --git a/charts/db-operator/templates/test/crds-test.yaml b/charts/db-operator/templates/test/crds-test.yaml
@@ -0,0 +1,149 @@
+{{- $version := semver .Capabilities.KubeVersion.Version }}
+{{- if .Values.tests.crds.enabled }}
+# ---------------------------------------------------------------------
+# -- Test that CRDs are installed
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "db-operator.name" . }}-test-script
+  labels:
+    {{- include "labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    {{- if .Values.tests.cleanup }}
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    {{- end }}
+    "helm.sh/hook-weight": "6"
+data:
+  test_crds.sh: |-
+    #!/bin/bash
+    ATTEMPTS_AMOUNT="{{ .Values.tests.attempts.amount }}"
+    ATTEMPTS_TIMEOUT="{{ .Values.tests.attempts.timeout }}"
+    CRDS=("databases.kinda.rocks" "dbinstances.kinda.rocks" "dbusers.kinda.rocks")
+    EXPECTED_STATUS=1
+    TEST_PASSED=false
+    x=1
+    while [ $x -le "${ATTEMPTS_AMOUNT}" ]; do
+      for CRD in "${CRDS[@]}"; do
+        SUCCESS=true
+        INSTALLED="{{ .Values.tests.crds.installed }}"
+        if ! kubectl get crd $CRD; then
+          SUCCESS=false
+          INSTALLED="false"
+          echo "[ERROR]: CRS ${CRS} is not in the wished state"
+          break;
+        fi;
+      
+      done
+      
+      if [ "${INSTALLED}" == "{{ .Values.tests.crds.installed }}" ]; then  
+        echo "[INFO]: Test is passed, CRDs installed -> {{ .Values.tests.crds.installed }}"
+        TEST_PASSED=true;
+        break;
+      fi
+      
+      echo "[INFO]: Sleeping ${ATTEMPTS_TIMEOUT} seconds"
+      sleep $ATTEMPTS_TIMEOUT
+      x=$(( $x + 1 ));
+    done
+    
+    if [ "${TEST_PASSED}" != "true" ]; then
+      echo "[ERROR]: Test is failed, check the kubectl get crds output"
+      echo $(kubectl get crds)
+      exit 1;
+    fi
+
+--- 
+# ---------------------------------------------------------------------
+# -- Prepare roles and bindings to access k8s resources from the test
+# ---------------------------------------------------------------------
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ template "db-operator.name" . }}-gsql-dbin-role
+  labels:
+    {{- include "labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    {{- if .Values.tests.cleanup }}
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    {{- end }}
+    "helm.sh/hook-weight": "1"
+rules:
+- apiGroups: ["*"]
+  resources: ["*"]
+  verbs: ["get", "list",]
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "db-operator.name" . }}-gsql-dbin-sa
+  labels:
+    {{- include "labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    {{- if .Values.tests.cleanup }}
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    {{- end }}
+    "helm.sh/hook-weight": "1"
+automountServiceAccountToken: true
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "db-operator.name" . }}-gsql-dbin-rb
+  labels:
+    {{- include "labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    {{- if .Values.tests.cleanup }}
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    {{- end }}
+    "helm.sh/hook-weight": "1"
+subjects:
+- kind: ServiceAccount
+  name: {{ template "db-operator.name" . }}-gsql-dbin-sa
+  namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: {{ template "db-operator.name" . }}-gsql-dbin-role
+  apiGroup: rbac.authorization.k8s.io
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: {{ template "db-operator.name" . }}-test
+  labels:
+    {{- include "labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+    {{- if .Values.tests.cleanup }}
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    {{- end }}
+    "helm.sh/hook-weight": "7"
+spec:
+  serviceAccountName: {{ template "db-operator.name" . }}-gsql-dbin-sa
+  automountServiceAccountToken: true
+  volumes:
+    - name: test-script
+      configMap:
+        name: {{ template "db-operator.name" . }}-test-script
+  containers:
+    - name: tester
+      image: alpine/k8s:{{ $version.Major }}.{{ $version.Minor }}.{{ $version.Patch }}
+      volumeMounts:
+        - name: test-script
+          readOnly: true
+          mountPath: /test_crds.sh
+          subPath: test_crds.sh
+      command: 
+        - bash
+      args:
+        - -e
+        - /test_crds.sh
+  restartPolicy: Never
+{{- end }}