suite: secret checksum in deployment
# Can't use global templates in this test suite as it will break the checksum calculation
# causing false negative test outcome.
# templates:
#   - deployment.yaml
tests:
  - it: has no checksum/secret if no config
    template: deployment.yaml
    asserts:
      - isNull:
          path: spec.template.metadata.annotations.checksum/secret
  - it: generate checksum/secret if config is present
    template: deployment.yaml
    set:
      mountSecret: true
      secretFiles:
        htpasswd: |-
          admin:$2y$05$vmiurPmJvHylk78HHFWuruFFVePlit9rZWGA/FbZfTEmNRneGJtha
          user:$2y$05$L86zqQDfH5y445dcMlwu6uHv.oXFgT6AiJCwpv3ehr7idc0rI3S2G
    asserts:
      - isNotNull:
          path: spec.template.metadata.annotations.checksum/secret
      - matchRegex:
          path: spec.template.metadata.annotations.checksum/secret
          pattern: "^[a-f0-9]{64}$" # SHA256 hex output