mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-07-31 19:18:40 -04:00
Add helm unittests (#380)
This commit is contained in:
parent
3933a97567
commit
30bdbd9b85
68 changed files with 1217 additions and 105 deletions
|
@ -0,0 +1,12 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: system:cloud-controller-manager
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: cluster-admin
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cloud-controller-manager
|
||||
namespace: testNamespace
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: cloud-controller-manager
|
||||
namespace: testNamespace
|
|
@ -0,0 +1,24 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: join-service
|
||||
name: join-service
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- create
|
||||
- update
|
||||
- apiGroups:
|
||||
- rbac.authorization.k8s.io
|
||||
resources:
|
||||
- roles
|
||||
- rolebindings
|
||||
verbs:
|
||||
- create
|
||||
- update
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: join-service
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: join-service
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: join-service
|
||||
namespace: testNamespace
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: join-config
|
||||
namespace: kube-system
|
||||
data:
|
||||
enforcedPCRs: "[1,11]"
|
||||
measurements: "{'1':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA','15':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA='}"
|
||||
binaryData:
|
||||
measurementSalt: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
|
@ -0,0 +1,69 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: join-service
|
||||
namespace: testNamespace
|
||||
labels:
|
||||
component: join-service
|
||||
k8s-app: join-service
|
||||
kubernetes.io/cluster-service: "true"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: join-service
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: join-service
|
||||
spec:
|
||||
priorityClassName: system-cluster-critical
|
||||
serviceAccountName: join-service
|
||||
tolerations:
|
||||
- key: CriticalAddonsOnly
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Equal
|
||||
value: "true"
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/control-plane
|
||||
operator: Exists
|
||||
- effect: NoExecute
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
operator: Exists
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/control-plane: ""
|
||||
containers:
|
||||
- name: join-service
|
||||
image: joinServiceImage
|
||||
args:
|
||||
- --cloud-provider=QEMU
|
||||
- --kms-endpoint=kms.kube-system:9000
|
||||
volumeMounts:
|
||||
- mountPath: /var/config
|
||||
name: config
|
||||
readOnly: true
|
||||
- mountPath: /etc/kubernetes
|
||||
name: kubeadm
|
||||
readOnly: true
|
||||
ports:
|
||||
- containerPort: 9090
|
||||
name: tcp
|
||||
resources: {}
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumes:
|
||||
- name: config
|
||||
projected:
|
||||
sources:
|
||||
- configMap:
|
||||
name: join-config
|
||||
- configMap:
|
||||
name: k8s-version
|
||||
- configMap:
|
||||
name: internal-config
|
||||
- name: kubeadm
|
||||
hostPath:
|
||||
path: /etc/kubernetes
|
||||
updateStrategy: {}
|
|
@ -0,0 +1,17 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: join-service
|
||||
namespace: testNamespace
|
||||
spec:
|
||||
type: NodePort
|
||||
selector:
|
||||
k8s-app: join-service
|
||||
ports:
|
||||
- name: grpc
|
||||
protocol: TCP
|
||||
port: 9090
|
||||
targetPort: 9090
|
||||
nodePort: 30090
|
||||
status:
|
||||
loadBalancer: {}
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: join-service
|
||||
namespace: testNamespace
|
13
cli/internal/helm/testdata/QEMU/constellation-services/charts/kms/templates/clusterrole.yaml
vendored
Normal file
13
cli/internal/helm/testdata/QEMU/constellation-services/charts/kms/templates/clusterrole.yaml
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: kms
|
||||
name: kms
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- secrets
|
||||
verbs:
|
||||
- get
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: kms
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: kms
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: kms
|
||||
namespace: testNamespace
|
63
cli/internal/helm/testdata/QEMU/constellation-services/charts/kms/templates/daemonset.yaml
vendored
Normal file
63
cli/internal/helm/testdata/QEMU/constellation-services/charts/kms/templates/daemonset.yaml
vendored
Normal file
|
@ -0,0 +1,63 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
labels:
|
||||
component: kms
|
||||
k8s-app: kms
|
||||
kubernetes.io/cluster-service: "true"
|
||||
name: kms
|
||||
namespace: testNamespace
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: kms
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: kms
|
||||
spec:
|
||||
containers:
|
||||
- name: kms
|
||||
image: kmsImage
|
||||
args:
|
||||
- --port=9000
|
||||
volumeMounts:
|
||||
- mountPath: /var/config
|
||||
name: config
|
||||
readOnly: true
|
||||
resources: {}
|
||||
nodeSelector:
|
||||
node-role.kubernetes.io/control-plane: ""
|
||||
priorityClassName: system-cluster-critical
|
||||
serviceAccountName: kms
|
||||
tolerations:
|
||||
- key: CriticalAddonsOnly
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Equal
|
||||
value: "true"
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/control-plane
|
||||
operator: Exists
|
||||
- effect: NoExecute
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
operator: Exists
|
||||
volumes:
|
||||
- name: config
|
||||
projected:
|
||||
sources:
|
||||
- configMap:
|
||||
items:
|
||||
- key: measurements
|
||||
path: measurements
|
||||
name: join-config
|
||||
- secret:
|
||||
items:
|
||||
- key: mastersecret
|
||||
path: mastersecret
|
||||
- key: salt
|
||||
path: salt
|
||||
name: constellation-mastersecret
|
||||
updateStrategy: {}
|
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: constellation-mastersecret
|
||||
namespace: testNamespace
|
||||
data:
|
||||
mastersecret: YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWE=
|
||||
salt: YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWE=
|
16
cli/internal/helm/testdata/QEMU/constellation-services/charts/kms/templates/service.yaml
vendored
Normal file
16
cli/internal/helm/testdata/QEMU/constellation-services/charts/kms/templates/service.yaml
vendored
Normal file
|
@ -0,0 +1,16 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: kms
|
||||
namespace: testNamespace
|
||||
spec:
|
||||
ports:
|
||||
- name: grpc
|
||||
port: 9000
|
||||
protocol: TCP
|
||||
targetPort: 9000
|
||||
selector:
|
||||
k8s-app: kms
|
||||
type: ClusterIP
|
||||
status:
|
||||
loadBalancer: {}
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: kms
|
||||
namespace: testNamespace
|
0
cli/internal/helm/testdata/QEMU/constellation-services/templates/.gitkeep
vendored
Normal file
0
cli/internal/helm/testdata/QEMU/constellation-services/templates/.gitkeep
vendored
Normal file
Loading…
Add table
Add a link
Reference in a new issue