init
This commit is contained in:
behrooz razzaghi
114
vcluster-0.21.1/tests/platform-secret-role_test.yaml
Normal file
114
vcluster-0.21.1/tests/platform-secret-role_test.yaml
Normal file
@@ -0,0 +1,114 @@
|
||||
suite: Platform Secret Role
|
||||
templates:
|
||||
- platform-rbac.yaml
|
||||
|
||||
tests:
|
||||
- it: check explicitly disabled
|
||||
set:
|
||||
external:
|
||||
platform:
|
||||
apiKey:
|
||||
namespace: "some-other-namespace"
|
||||
createRBAC: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: check disabled on empty namespace
|
||||
set:
|
||||
external:
|
||||
platform:
|
||||
apiKey:
|
||||
namespace: ""
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: check disabled on implicit same namespace
|
||||
set:
|
||||
external:
|
||||
platform:
|
||||
apiKey:
|
||||
secretName: "some-other-secret"
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: automatically create role for specific secret for reading & patching
|
||||
set:
|
||||
external:
|
||||
platform:
|
||||
apiKey:
|
||||
secretName: "my-secret-name"
|
||||
namespace: "some-other-namespace"
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 2
|
||||
- documentIndex: 0
|
||||
lengthEqual:
|
||||
path: rules
|
||||
count: 1
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
path: metadata.name
|
||||
value: "vc-RELEASE-NAME-v-NAMESPACE-platform-role"
|
||||
- documentIndex: 1
|
||||
equal:
|
||||
path: metadata.name
|
||||
value: "vc-RELEASE-NAME-v-NAMESPACE-platform-role-binding"
|
||||
- documentIndex: 0
|
||||
contains:
|
||||
path: rules
|
||||
count: 1
|
||||
content:
|
||||
apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get"]
|
||||
resourceNames: ["my-secret-name"]
|
||||
- documentIndex: 1
|
||||
contains:
|
||||
path: subjects
|
||||
count: 1
|
||||
content:
|
||||
kind: ServiceAccount
|
||||
name: vc-RELEASE-NAME
|
||||
namespace: some-other-namespace
|
||||
|
||||
- it: automatically create role for default secret for reading & patching
|
||||
set:
|
||||
external:
|
||||
platform:
|
||||
apiKey:
|
||||
namespace: "some-other-namespace"
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 2
|
||||
- documentIndex: 0
|
||||
lengthEqual:
|
||||
path: rules
|
||||
count: 1
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
path: metadata.name
|
||||
value: "vc-RELEASE-NAME-v-NAMESPACE-platform-role"
|
||||
- documentIndex: 1
|
||||
equal:
|
||||
path: metadata.name
|
||||
value: "vc-RELEASE-NAME-v-NAMESPACE-platform-role-binding"
|
||||
- documentIndex: 0
|
||||
contains:
|
||||
path: rules
|
||||
count: 1
|
||||
content:
|
||||
apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get"]
|
||||
resourceNames: ["vcluster-platform-api-key"]
|
||||
- documentIndex: 1
|
||||
contains:
|
||||
path: subjects
|
||||
count: 1
|
||||
content:
|
||||
kind: ServiceAccount
|
||||
name: vc-RELEASE-NAME
|
||||
namespace: some-other-namespace
|
||||
Reference in New Issue
Block a user