suite: pod secret volume test templates: - common.yaml tests: - it: should pass with secret volume set: some_object: some-object-name some_mode: "0777" workload: workload-name1: enabled: true primary: true type: Deployment podSpec: {} persistence: secret-vol: enabled: true type: secret objectName: "{{ .Values.some_object }}" defaultMode: "{{ .Values.some_mode }}" asserts: - documentIndex: &deploymentDoc 0 isKind: of: Deployment - documentIndex: *deploymentDoc contains: path: spec.template.spec.volumes content: name: secret-vol secret: secretName: release-name-common-test-some-object-name defaultMode: 0777 - it: should pass with secret volume with items set: some_object: some-object-name some_mode: "0777" some_key: some-key some_path: some-path workload: workload-name1: enabled: true primary: true type: Deployment podSpec: {} persistence: secret-vol: enabled: true type: secret objectName: "{{ .Values.some_object }}" defaultMode: "{{ .Values.some_mode }}" items: - key: "{{ .Values.some_key }}" path: "{{ .Values.some_path }}" - key: some-other-key path: some-other-path asserts: - documentIndex: *deploymentDoc isKind: of: Deployment - documentIndex: *deploymentDoc contains: path: spec.template.spec.volumes content: name: secret-vol secret: secretName: release-name-common-test-some-object-name defaultMode: 0777 items: - key: some-key path: some-path - key: some-other-key path: some-other-path - it: should pass with secret volume without expanding object name set: some_object: some-object-name workload: workload-name1: enabled: true primary: true type: Deployment podSpec: {} persistence: secret-vol: enabled: true type: secret objectName: "{{ .Values.some_object }}" expandObjectName: false asserts: - documentIndex: *deploymentDoc isKind: of: Deployment - documentIndex: *deploymentDoc contains: path: spec.template.spec.volumes content: name: secret-vol secret: secretName: some-object-name # Failures - it: should fail without objectName in secret set: workload: some-workload: enabled: true primary: true type: Deployment podSpec: {} persistence: volume1: enabled: true type: secret objectName: "" asserts: - failedTemplate: errorMessage: Persistence - Expected non-empty on type - it: should fail with empty objectName in secret set: workload: some-workload: enabled: true primary: true type: Deployment podSpec: {} persistence: volume1: enabled: true type: secret objectName: "" asserts: - failedTemplate: errorMessage: Persistence - Expected non-empty on type - it: should fail with defaultMode not a string in secret set: workload: some-workload: enabled: true primary: true type: Deployment podSpec: {} persistence: volume1: enabled: true type: secret objectName: some-object-name defaultMode: 1234 asserts: - failedTemplate: errorMessage: Persistence - Expected to be [string], but got [float64] - it: should fail with defaultMode not in format of "0000"-"0777" in secret set: workload: some-workload: enabled: true primary: true type: Deployment podSpec: {} persistence: volume1: enabled: true type: secret objectName: some-object-name defaultMode: "123" asserts: - failedTemplate: errorMessage: Persistence - Expected to have be in format of ["0777"], but got ["123"] - it: should fail without key in items in secret set: workload: some-workload: enabled: true primary: true type: Deployment podSpec: {} persistence: volume1: enabled: true type: secret objectName: some-object-name items: - key: "" path: some-path asserts: - failedTemplate: errorMessage: Persistence - Expected non-empty - it: should fail without path in items in secret set: workload: some-workload: enabled: true primary: true type: Deployment podSpec: {} persistence: volume1: enabled: true type: secret objectName: some-object-name items: - key: some-key path: "" asserts: - failedTemplate: errorMessage: Persistence - Expected non-empty