Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6efc65f

Browse files
committed
Fix helm test generation
1 parent5523485 commit6efc65f

File tree

7 files changed

+266
-14
lines changed

7 files changed

+266
-14
lines changed

‎helm/coder/.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
charts/

‎helm/coder/charts/libcoder-0.1.0.tgz

-2.93 KB
Binary file not shown.

‎helm/coder/tests/chart_test.go

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,10 @@ var testCases = []testCase{
8484
name:"prometheus",
8585
expectedError:"",
8686
},
87+
{
88+
name:"sa_extra_rules",
89+
expectedError:"",
90+
},
8791
}
8892

8993
typetestCasestruct {
@@ -113,6 +117,9 @@ func TestRenderChart(t *testing.T) {
113117

114118
// Ensure that Helm is available in $PATH
115119
helmPath:=lookupHelm(t)
120+
err:=updateHelmDependencies(t,helmPath,"..")
121+
require.NoError(t,err,"failed to build Helm dependencies")
122+
116123
for_,tc:=rangetestCases {
117124
tc:=tc
118125
t.Run(tc.name,func(t*testing.T) {
@@ -154,6 +161,9 @@ func TestUpdateGoldenFiles(t *testing.T) {
154161
}
155162

156163
helmPath:=lookupHelm(t)
164+
err:=updateHelmDependencies(t,helmPath,"..")
165+
require.NoError(t,err,"failed to build Helm dependencies")
166+
157167
for_,tc:=rangetestCases {
158168
iftc.expectedError!="" {
159169
t.Logf("skipping test case %q with render error",tc.name)
@@ -175,6 +185,26 @@ func TestUpdateGoldenFiles(t *testing.T) {
175185
t.Log("Golden files updated. Please review the changes and commit them.")
176186
}
177187

188+
// updateHelmDependencies runs `helm dependency update .` on the given chartDir.
189+
funcupdateHelmDependencies(t testing.TB,helmPath,chartDirstring)error {
190+
// Remove charts/ from chartDir if it exists.
191+
err:=os.RemoveAll(filepath.Join(chartDir,"charts"))
192+
iferr!=nil {
193+
returnxerrors.Errorf("failed to remove charts/ directory: %w",err)
194+
}
195+
196+
// Regenerate the chart dependencies.
197+
cmd:=exec.Command(helmPath,"dependency","update",".")
198+
cmd.Dir=chartDir
199+
t.Logf("exec command: %v",cmd.Args)
200+
out,err:=cmd.CombinedOutput()
201+
iferr!=nil {
202+
returnxerrors.Errorf("failed to run `helm dependency build`: %w\noutput: %s",err,out)
203+
}
204+
205+
returnnil
206+
}
207+
178208
// runHelmTemplate runs helm template on the given chart with the given values and
179209
// returns the raw output.
180210
funcrunHelmTemplate(t testing.TB,helmPath,chartDir,valuesFilePathstring) (string,error) {
Lines changed: 204 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,204 @@
1+
---
2+
# Source: coder/templates/coder.yaml
3+
apiVersion: v1
4+
kind: ServiceAccount
5+
metadata:
6+
annotations: {}
7+
labels:
8+
app.kubernetes.io/instance: release-name
9+
app.kubernetes.io/managed-by: Helm
10+
app.kubernetes.io/name: coder
11+
app.kubernetes.io/part-of: coder
12+
app.kubernetes.io/version: 0.1.0
13+
helm.sh/chart: coder-0.1.0
14+
name: coder
15+
---
16+
# Source: coder/templates/rbac.yaml
17+
apiVersion: rbac.authorization.k8s.io/v1
18+
kind: Role
19+
metadata:
20+
name: coder-workspace-perms
21+
rules:
22+
- apiGroups: [""]
23+
resources: ["pods"]
24+
verbs:
25+
- create
26+
- delete
27+
- deletecollection
28+
- get
29+
- list
30+
- patch
31+
- update
32+
- watch
33+
- apiGroups: [""]
34+
resources: ["persistentvolumeclaims"]
35+
verbs:
36+
- create
37+
- delete
38+
- deletecollection
39+
- get
40+
- list
41+
- patch
42+
- update
43+
- watch
44+
- apiGroups:
45+
- apps
46+
resources:
47+
- deployments
48+
verbs:
49+
- create
50+
- delete
51+
- deletecollection
52+
- get
53+
- list
54+
- patch
55+
- update
56+
- watch
57+
58+
- apiGroups:
59+
- ""
60+
resources:
61+
- services
62+
verbs:
63+
- create
64+
- delete
65+
- deletecollection
66+
- get
67+
- list
68+
- patch
69+
- update
70+
- watch
71+
---
72+
# Source: coder/templates/rbac.yaml
73+
apiVersion: rbac.authorization.k8s.io/v1
74+
kind: RoleBinding
75+
metadata:
76+
name: "coder"
77+
subjects:
78+
- kind: ServiceAccount
79+
name: "coder"
80+
roleRef:
81+
apiGroup: rbac.authorization.k8s.io
82+
kind: Role
83+
name: coder-workspace-perms
84+
---
85+
# Source: coder/templates/service.yaml
86+
apiVersion: v1
87+
kind: Service
88+
metadata:
89+
name: coder
90+
labels:
91+
helm.sh/chart: coder-0.1.0
92+
app.kubernetes.io/name: coder
93+
app.kubernetes.io/instance: release-name
94+
app.kubernetes.io/part-of: coder
95+
app.kubernetes.io/version: "0.1.0"
96+
app.kubernetes.io/managed-by: Helm
97+
annotations:
98+
{}
99+
spec:
100+
type: LoadBalancer
101+
sessionAffinity: None
102+
ports:
103+
- name: "http"
104+
port: 80
105+
targetPort: "http"
106+
protocol: TCP
107+
108+
externalTrafficPolicy: "Cluster"
109+
selector:
110+
app.kubernetes.io/name: coder
111+
app.kubernetes.io/instance: release-name
112+
---
113+
# Source: coder/templates/coder.yaml
114+
apiVersion: apps/v1
115+
kind: Deployment
116+
metadata:
117+
annotations: {}
118+
labels:
119+
app.kubernetes.io/instance: release-name
120+
app.kubernetes.io/managed-by: Helm
121+
app.kubernetes.io/name: coder
122+
app.kubernetes.io/part-of: coder
123+
app.kubernetes.io/version: 0.1.0
124+
helm.sh/chart: coder-0.1.0
125+
name: coder
126+
spec:
127+
replicas: 1
128+
selector:
129+
matchLabels:
130+
app.kubernetes.io/instance: release-name
131+
app.kubernetes.io/name: coder
132+
template:
133+
metadata:
134+
annotations: {}
135+
labels:
136+
app.kubernetes.io/instance: release-name
137+
app.kubernetes.io/managed-by: Helm
138+
app.kubernetes.io/name: coder
139+
app.kubernetes.io/part-of: coder
140+
app.kubernetes.io/version: 0.1.0
141+
helm.sh/chart: coder-0.1.0
142+
spec:
143+
affinity:
144+
podAntiAffinity:
145+
preferredDuringSchedulingIgnoredDuringExecution:
146+
- podAffinityTerm:
147+
labelSelector:
148+
matchExpressions:
149+
- key: app.kubernetes.io/instance
150+
operator: In
151+
values:
152+
- coder
153+
topologyKey: kubernetes.io/hostname
154+
weight: 1
155+
containers:
156+
- args:
157+
- server
158+
command:
159+
- /opt/coder
160+
env:
161+
- name: CODER_HTTP_ADDRESS
162+
value: 0.0.0.0:8080
163+
- name: CODER_PROMETHEUS_ADDRESS
164+
value: 0.0.0.0:2112
165+
- name: CODER_ACCESS_URL
166+
value: http://coder.default.svc.cluster.local
167+
- name: KUBE_POD_IP
168+
valueFrom:
169+
fieldRef:
170+
fieldPath: status.podIP
171+
- name: CODER_DERP_SERVER_RELAY_URL
172+
value: http://$(KUBE_POD_IP):8080
173+
image: ghcr.io/coder/coder:latest
174+
imagePullPolicy: IfNotPresent
175+
lifecycle: {}
176+
livenessProbe:
177+
httpGet:
178+
path: /healthz
179+
port: http
180+
scheme: HTTP
181+
name: coder
182+
ports:
183+
- containerPort: 8080
184+
name: http
185+
protocol: TCP
186+
readinessProbe:
187+
httpGet:
188+
path: /healthz
189+
port: http
190+
scheme: HTTP
191+
resources: {}
192+
securityContext:
193+
allowPrivilegeEscalation: false
194+
readOnlyRootFilesystem: null
195+
runAsGroup: 1000
196+
runAsNonRoot: true
197+
runAsUser: 1000
198+
seccompProfile:
199+
type: RuntimeDefault
200+
volumeMounts: []
201+
restartPolicy: Always
202+
serviceAccountName: coder
203+
terminationGracePeriodSeconds: 60
204+
volumes: []
Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
coder:
2+
image:
3+
tag:latest
4+
5+
serviceAccount:
6+
extraRules:
7+
-apiGroups:[""]
8+
resources:["services"]
9+
verbs:
10+
-create
11+
-delete
12+
-deletecollection
13+
-get
14+
-list
15+
-patch
16+
-update
17+
-watch

‎helm/coder/values.yaml

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -91,23 +91,23 @@ coder:
9191
# It is recommended to keep this on if you are using Kubernetes templates
9292
# within Coder.
9393
workspacePerms:true
94-
# coder.serviceAccount.enableDeployments -- Provides the service account permission
95-
# to manage Kubernetes deployments.
94+
# coder.serviceAccount.enableDeployments -- Provides the service account
95+
#permissionto manage Kubernetes deployments. Depends on workspacePerms.
9696
enableDeployments:true
97-
# coder.serviceAccount.extraResources --A list of service account permission
98-
#to be menaged inside the workspace.
99-
extraResources:[]
97+
# coder.serviceAccount.extraRules --Additional permissions added to the SA
98+
#role. Depends on workspacePerms.
99+
extraRules:[]
100100
# - apiGroups: [""]
101101
# resources: ["services"]
102102
# verbs:
103-
# - create
104-
# - delete
105-
# - deletecollection
106-
# - get
107-
# - list
108-
# - patch
109-
# - update
110-
# - watch
103+
#- create
104+
#- delete
105+
#- deletecollection
106+
#- get
107+
#- list
108+
#- patch
109+
#- update
110+
#- watch
111111

112112
# coder.serviceAccount.annotations -- The Coder service account annotations.
113113
annotations:{}

‎helm/libcoder/templates/_rbac.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ rules:
4343
-update
4444
-watch
4545
{{- end }}
46-
{{- with .Values.coder.serviceAccount.extraResources }}
46+
{{- with .Values.coder.serviceAccount.extraRules }}
4747
{{ toYaml . | nindent 2 }}
4848
{{- end }}
4949
---

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp