This repository was archived by the owner on Dec 6, 2024. It is now read-only.

Commit 4cf10fb

shanduurshanduur-akamai
authored andcommitted
refactor: values bindings and functions instead of templating
Signed-off-by: Mateusz Urbanek <[email protected]>
1 parent 264751b commit 4cf10fb


2 files changed

+276
-0
lines changed

2 files changed

+276
-0
lines changed

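--- a/test/e2e/chainsaw-test.yaml
+++ b/test/e2e/chainsaw-test.yaml
@@ -0,0 +1,265 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Test
+metadata:
+name: generic-test
+spec:
+template: true
+bindings:
+- name: driverName
+value: ($values.driverName)
+- name: deletionPolicy
+value: ($values.deletionPolicy)
+- name: bucketClassParams
+value: ($values.bucketClassParams)
+- name: bucketAccessClassParams
+value: ($values.bucketAccessClassParams)
+- name: authenticationType
+value: ($values.authenticationType)
+- name: bucketClaimProtocols
+value: ($values.bucketClaimProtocols)
+- name: bucketAccessProtocol
+value: ($values.bucketAccessProtocol)
+steps:
+- name: Check if COSI Controller exist
+try:
+- assert:
+resource:
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: objectstorage-controller
+namespace: default
+status:
+availableReplicas: 1
+- name: Create test BucketClass and BucketAccessClass
+try:
+- apply:
+resource:
+apiVersion: objectstorage.k8s.io/v1alpha1
+kind: BucketClass
+metadata:
+name: ($namespace)
+driverName: ($driverName)
+deletionPolicy: ($deletionPolicy)
+parameters: ($bucketClassParams)
+- apply:
+resource:
+apiVersion: objectstorage.k8s.io/v1alpha1
+kind: BucketAccessClass
+metadata:
+name: ($namespace)
+driverName: ($driverName)
+authenticationType: ($authenticationType)
+parameters: ($bucketAccessClassParams)
+- name: Create BucketClaim
+try:
+- apply:
+resource:
+apiVersion: objectstorage.k8s.io/v1alpha1
+kind: BucketClaim
+metadata:
+name: ($namespace)
+spec:
+bucketClassName: ($namespace)
+protocols: ($bucketClaimProtocols)
+- name: Check if BucketClaim is ready
+try:
+- assert:
+resource:
+apiVersion: objectstorage.k8s.io/v1alpha1
+kind: BucketClaim
+metadata:
+name: ($namespace)
+status:
+bucketReady: true
+- name: Create BucketAccess
+try:
+- apply:
+resource:
+apiVersion: objectstorage.k8s.io/v1alpha1
+kind: BucketAccess
+metadata:
+name: ($namespace)
+spec:
+bucketClaimName: ($namespace)
+protocol: ($bucketAccessProtocol)
+bucketAccessClassName: ($namespace)
+credentialsSecretName: ($namespace)
+serviceAccountName: ($namespace)
+- name: Check if BucketAccess is granted
+try:
+- assert:
+resource:
+apiVersion: objectstorage.k8s.io/v1alpha1
+kind: BucketAccess
+metadata:
+name: ($namespace)
+status:
+accessGranted: true
+- name: Check if Secret exists
+try:
+- assert:
+resource:
+apiVersion: v1
+kind: Secret
+metadata:
+name: ($namespace)
+- name: Run ObjectStorage validation tool
+# TODO: This should be either a standalone test tool developed by us, to run test suite:
+# - validate Secret format;
+# - validate connectivity to the Object Storage server;
+# Right now it is using busybox to check if the secret has correct format.
+try:
+- apply:
+resource:
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: validation
+data:
+schema.json: |
+{
+"$schema": "http://json-schema.org/draft-07/schema#",
+"type": "object",
+"properties": {
+"spec": {
+"type": "object",
+"properties": {
+"bucketName": {
+"type": "string"
+},
+"authenticationType": {
+"type": "string",
+"enum": [
+"IAM",
+"Key"
+]
+},
+"protocols": {
+"type": "array",
+"items": {
+"type": "string",
+"enum": [
+"S3",
+"Azure",
+"GCP"
+]
+},
+"minItems": 1
+},
+"secretS3": {
+"oneOf": [
+{
+"type": "null"
+},
+{
+"type": "object"
+}
+],
+"properties": {
+"endpoint": {
+"type": "string"
+},
+"region": {
+"type": "string"
+},
+"accessKeyID": {
+"type": "string"
+},
+"accessSecretKey": {
+"type": "string"
+}
+},
+"required": [
+"endpoint",
+"region",
+"accessKeyID",
+"accessSecretKey"
+]
+},
+"secretAzure": {
+"oneOf": [
+{
+"type": "null"
+},
+{
+"type": "object"
+}
+],
+"properties": {
+"accessToken": {
+"type": "string"
+},
+"expiryTimeStamp": {
+"type": "string"
+}
+},
+"required": [
+"accessToken",
+"expiryTimeStamp"
+]
+}
+},
+"required": [
+"bucketName",
+"authenticationType",
+"protocols",
+"secretAzure",
+"secretS3"
+]
+}
+},
+"required": [
+"spec"
+]
+}
+validator.sh: |
+#!/usr/bin/env sh
+set -e
+pip install check-jsonschema
+check-jsonschema --schemafile /validation/schema.json /conf/BucketInfo.json
+- create:
+resource:
+apiVersion: batch/v1
+kind: Job
+metadata:
+name: ($namespace)
+spec:
+ttlSecondsAfterFinished: 100
+template:
+spec:
+restartPolicy: Never
+containers:
+- name: secret-test
+image: docker.io/library/python:3.12
+command: [ "sh", "/validation/validator.sh" ]
+env:
+- name: PIP_ROOT_USER_ACTION
+value: ignore
+volumeMounts:
+- mountPath: /validation
+name: validation
+- mountPath: /conf
+name: secret-vol
+volumes:
+- name: validation
+configMap:
+name: validation
+- name: secret-vol
+secret:
+secretName: ($namespace)
+items:
+- key: BucketInfo
+path: BucketInfo.json
+- name: Check if ObjectStorage validation tool completed succesfully
+try:
+- assert:
+resource:
+apiVersion: batch/v1
+kind: Job
+metadata:
+name: ($namespace)
+status:
+succeeded: 1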
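Review bot: The `validator.sh` entry in the `validation` ConfigMap runs `pip install check-jsonschema` with no version pin, inside the same `secret-test` container that mounts the bucket credentials Secret at `/conf`, so whatever PyPI serves when the test runs executes next to the access keys. Pin the tool, e.g. `pip install --no-cache-dir 'check-jsonschema==<PINNED_VERSION>'` (or bake it into a test image), and reference the image by digest rather than the mutable tag: `image: docker.io/library/python:3.12@sha256:<IMAGE_DIGEST>`. The Job's pod spec also sets no `securityContext`, and `PIP_ROOT_USER_ACTION: ignore` suggests the container is expected to run as root; a non-root user with a read-only Secret mount would narrow what a bad dependency can reach. Separately, the schema allows both `secretS3` and `secretAzure` to be `null` and puts no `minLength` on the credential strings, so a BucketInfo with no usable credentials would presumably still pass this check.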

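--- a/test/e2e/values.yaml
+++ b/test/e2e/values.yaml
@@ -0,0 +1,11 @@
+driverName: sample-driver.objectstorage.k8s.io
+deletionPolicy: "Delete" # "Retain"
+bucketClassParams:
+foo: bar
+baz: cux
+bucketAccessClassParams:
+foo: bar
+baz: cux
+authenticationType: "Key" # "IAM"
+bucketClaimProtocols: ["S3", "Azure"]
+bucketAccessProtocol: "S3"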
