mirror of
https://github.com/bvanroll/cicdTest.git
synced 2025-08-30 12:32:45 +00:00
77 lines
2.4 KiB
Bash
77 lines
2.4 KiB
Bash
#!/usr/bin/env bats
|
|
|
|
load _helpers
|
|
|
|
@test "meshGateway/ClusterRole: disabled by default" {
|
|
cd `chart_dir`
|
|
local actual=$(helm template \
|
|
-x templates/mesh-gateway-clusterrole.yaml \
|
|
. | tee /dev/stderr |
|
|
yq 'length > 0' | tee /dev/stderr)
|
|
[ "${actual}" = "false" ]
|
|
}
|
|
|
|
@test "meshGateway/ClusterRole: enabled with meshGateway, connectInject and client.grpc enabled" {
|
|
cd `chart_dir`
|
|
local actual=$(helm template \
|
|
-x templates/mesh-gateway-clusterrole.yaml \
|
|
--set 'meshGateway.enabled=true' \
|
|
--set 'connectInject.enabled=true' \
|
|
--set 'client.grpc=true' \
|
|
. | tee /dev/stderr |
|
|
yq 'length > 0' | tee /dev/stderr)
|
|
[ "${actual}" = "true" ]
|
|
}
|
|
|
|
@test "meshGateway/ClusterRole: rules for PodSecurityPolicy" {
|
|
cd `chart_dir`
|
|
local actual=$(helm template \
|
|
-x templates/mesh-gateway-clusterrole.yaml \
|
|
--set 'meshGateway.enabled=true' \
|
|
--set 'connectInject.enabled=true' \
|
|
--set 'client.grpc=true' \
|
|
--set 'global.enablePodSecurityPolicies=true' \
|
|
. | tee /dev/stderr |
|
|
yq -r '.rules[0].resources[0]' | tee /dev/stderr)
|
|
[ "${actual}" = "podsecuritypolicies" ]
|
|
}
|
|
|
|
@test "meshGateway/ClusterRole: rules for global.bootstrapACLs=true" {
|
|
cd `chart_dir`
|
|
local actual=$(helm template \
|
|
-x templates/mesh-gateway-clusterrole.yaml \
|
|
--set 'meshGateway.enabled=true' \
|
|
--set 'connectInject.enabled=true' \
|
|
--set 'client.grpc=true' \
|
|
--set 'global.bootstrapACLs=true' \
|
|
. | tee /dev/stderr |
|
|
yq -r '.rules[0].resources[0]' | tee /dev/stderr)
|
|
[ "${actual}" = "secrets" ]
|
|
}
|
|
|
|
@test "meshGateway/ClusterRole: rules is empty if no ACLs or PSPs" {
|
|
cd `chart_dir`
|
|
local actual=$(helm template \
|
|
-x templates/mesh-gateway-clusterrole.yaml \
|
|
--set 'meshGateway.enabled=true' \
|
|
--set 'connectInject.enabled=true' \
|
|
--set 'client.grpc=true' \
|
|
. | tee /dev/stderr |
|
|
yq -r '.rules' | tee /dev/stderr)
|
|
[ "${actual}" = "[]" ]
|
|
}
|
|
|
|
@test "meshGateway/ClusterRole: rules for both ACLs and PSPs" {
|
|
cd `chart_dir`
|
|
local actual=$(helm template \
|
|
-x templates/mesh-gateway-clusterrole.yaml \
|
|
--set 'meshGateway.enabled=true' \
|
|
--set 'connectInject.enabled=true' \
|
|
--set 'client.grpc=true' \
|
|
--set 'global.bootstrapACLs=true' \
|
|
--set 'global.enablePodSecurityPolicies=true' \
|
|
. | tee /dev/stderr |
|
|
yq -r '.rules | length' | tee /dev/stderr)
|
|
[ "${actual}" = "2" ]
|
|
}
|