gitea_admin/application
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add helm charts

Browse Source
This commit is contained in:
Ybehrooz
2025-11-09 13:22:40 +03:30
parent 282c3e52d0
commit 38e4d749ad
1352 changed files with 190457 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

349
backing-services/vcluster/tests/role_test.yaml Normal file
View File

@@ -0,0 +1,349 @@
suite: Role
templates:
- role.yaml
tests:
- it: check disabled
set:
rbac:
role:
enabled: false
asserts:
- hasDocuments:
count: 0
- it: check overwrite rules
set:
rbac:
role:
overwriteRules:
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["create"]
asserts:
- hasDocuments:
count: 1
- lengthEqual:
path: rules
count: 1
- contains:
path: rules
count: 1
content:
apiGroups: [""]
resources: ["configmaps"]
verbs: ["create"]
- it: check plugin extra rules
set:
plugin:
test123:
rbac:
role:
extraRules:
- apiGroups: [""]
resources: ["test123"]
verbs: ["test123"]
plugins:
test:
rbac:
role:
extraRules:
- apiGroups: [""]
resources: ["test"]
verbs: ["test"]
asserts:
- hasDocuments:
count: 1
- lengthEqual:
path: rules
count: 7
- contains:
path: rules
count: 1
content:
apiGroups: [""]
resources: ["test123"]
verbs: ["test123"]
- contains:
path: rules
count: 1
content:
apiGroups: [""]
resources: ["test"]
verbs: ["test"]
- it: check generic sync
set:
experimental:
genericSync:
role:
extraRules:
- apiGroups: [""]
resources: ["test"]
verbs: ["test"]
asserts:
- hasDocuments:
count: 1
- lengthEqual:
path: rules
count: 6
- contains:
path: rules
count: 1
content:
apiGroups: [""]
resources: ["test"]
verbs: ["test"]
- it: check extra rules
set:
rbac:
role:
extraRules:
- apiGroups: [""]
resources: ["test"]
verbs: ["test"]
asserts:
- hasDocuments:
count: 1
- lengthEqual:
path: rules
count: 6
- contains:
path: rules
count: 1
content:
apiGroups: [""]
resources: ["test"]
verbs: ["test"]
- it: check defaults
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: Role
- equal:
path: metadata.name
value: vc-my-release
- equal:
path: metadata.namespace
value: my-namespace
- it: multi-namespace mode
set:
experimental:
multiNamespaceMode:
enabled: true
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: ClusterRole
- equal:
path: metadata.name
value: vc-mn-my-release-v-my-namespace
- it: metrics proxy
set:
integrations:
metricsServer:
enabled: true
pods: true
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: Role
- contains:
path: rules
content:
apiGroups: ["metrics.k8s.io"]
resources: ["pods"]
verbs: ["get", "list"]
- it: external secret test
set:
integrations:
externalSecrets:
enabled: true
sync:
externalSecrets:
enabled: true
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: Role
- contains:
path: rules
content:
apiGroups: ["external-secrets.io"]
resources: ["externalsecrets"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- it: external secret test store sync
set:
integrations:
externalSecrets:
enabled: true
sync:
externalSecrets:
enabled: true
stores:
enabled: true
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: Role
- contains:
path: rules
content:
apiGroups: ["external-secrets.io"]
resources: ["secretstores"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- it: kubeVirt test
set:
integrations:
kubeVirt:
enabled: true
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: Role
- contains:
path: rules
content:
apiGroups: ["kubevirt.io"]
resources:
[
"virtualmachines",
"virtualmachines/status",
"virtualmachineinstances",
"virtualmachineinstances/status",
"virtualmachineinstancemigrations",
"virtualmachineinstancemigrations/status",
]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- contains:
path: rules
content:
apiGroups: ["cdi.kubevirt.io"]
resources: ["datavolumes", "datavolumes/status"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- contains:
path: rules
content:
apiGroups: ["clone.kubevirt.io"]
resources: ["virtualmachineclones", "virtualmachineclones/status"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- contains:
path: rules
content:
apiGroups: ["pool.kubevirt.io"]
resources: ["virtualmachinepools", "virtualmachinepools/status"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- it: crd sync
set:
sync:
toHost:
customResources:
test.my-group:
enabled: false
test.my-group-2:
enabled: true
tests.my-group-3.com:
enabled: true
release:
name: my-release
namespace: my-namespace
asserts:
- hasDocuments:
count: 1
- equal:
path: kind
value: Role
- lengthEqual:
path: rules
count: 7
- contains:
path: rules
content:
apiGroups: ["my-group-2"]
resources: ["test"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- contains:
path: rules
content:
apiGroups: ["my-group-3.com"]
resources: ["tests"]
verbs:
["create", "delete", "patch", "update", "get", "list", "watch"]
- it: patches
set:
sync:
toHost:
customResources:
test.my-group-2:
enabled: true
patches:
- path: "test"
expression: "test"
release:
name: my-release
namespace: my-namespace
asserts:
- notFailedTemplate: {}
- it: patches 2
set:
sync:
toHost:
customResources:
test.my-group-2:
enabled: true
patches:
- path: "test"
reference:
apiVersion: "v1"
kind: "Secret"
release:
name: my-release
namespace: my-namespace
asserts:
- notFailedTemplate: {}