From c0bd893713173192844a199c1d31945d8213c7d9 Mon Sep 17 00:00:00 2001 From: Antoine Arlaud Date: Wed, 27 Sep 2023 10:40:10 +0200 Subject: [PATCH] fix: ingress name updating avoiding single ns collision --- charts/snyk-broker/Chart.yaml | 2 +- .../snyk-broker/templates/broker_ingress.yaml | 5 +- ...broker_deployment_configmap_test.yaml.snap | 16 +- .../broker_deployment_ingress_test.yaml.snap | 155 ++++++++++++++++++ .../broker_deployment_test.yaml.snap | 24 +-- .../tests/broker_deployment_ingress_test.yaml | 16 ++ .../fixtures/default_values_with_ingress.yaml | 25 +++ 7 files changed, 220 insertions(+), 23 deletions(-) create mode 100644 charts/snyk-broker/tests/__snapshot__/broker_deployment_ingress_test.yaml.snap create mode 100644 charts/snyk-broker/tests/broker_deployment_ingress_test.yaml create mode 100644 charts/snyk-broker/tests/fixtures/default_values_with_ingress.yaml diff --git a/charts/snyk-broker/Chart.yaml b/charts/snyk-broker/Chart.yaml index 5dca41a..27926ac 100644 --- a/charts/snyk-broker/Chart.yaml +++ b/charts/snyk-broker/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 name: snyk-broker -version: 2.0.0 +version: 2.0.1 description: A Helm chart for Kubernetes type: application diff --git a/charts/snyk-broker/templates/broker_ingress.yaml b/charts/snyk-broker/templates/broker_ingress.yaml index ca5a267..35fdbc7 100644 --- a/charts/snyk-broker/templates/broker_ingress.yaml +++ b/charts/snyk-broker/templates/broker_ingress.yaml @@ -8,6 +8,7 @@ {{- $ingressPath := .Values.brokerIngress.path -}} {{- $ingressPathType := .Values.brokerIngress.pathType -}} {{- $extraPaths := .Values.brokerIngress.extraPaths -}} +{{- $releaseName := .Release.Name -}} apiVersion: {{ include "snyk-broker.ingress.apiVersion" . }} kind: Ingress metadata: @@ -48,11 +49,11 @@ spec: backend: {{- if $ingressApiIsStable }} service: - name: {{ $scmType }}-broker-service-{{ .Release.Name }} + name: {{ $scmType }}-broker-service-{{ $releaseName }} port: number: {{ $servicePort }} {{- else }} - serviceName: {{ $scmType }}-broker-service-{{ .Release.Name }} + serviceName: {{ $scmType }}-broker-service-{{ $releaseName }} servicePort: {{ $servicePort }} {{- end }} {{- end }} diff --git a/charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_test.yaml.snap b/charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_test.yaml.snap index f956339..9e11312 100644 --- a/charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_test.yaml.snap +++ b/charts/snyk-broker/tests/__snapshot__/broker_deployment_configmap_test.yaml.snap @@ -7,7 +7,7 @@ cacert: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-RELEASE-NAME namespace: NAMESPACE spec: @@ -111,7 +111,7 @@ cacert: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-service-RELEASE-NAME namespace: NAMESPACE spec: @@ -153,7 +153,7 @@ cacert: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: RELEASE-NAME-snyk-broker-cacert-configmap-RELEASE-NAME namespace: NAMESPACE 4: | @@ -172,7 +172,7 @@ cacert: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: snyk-broker-RELEASE-NAME namespace: NAMESPACE cacertfile: @@ -184,7 +184,7 @@ cacertfile: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-RELEASE-NAME namespace: NAMESPACE spec: @@ -280,7 +280,7 @@ cacertfile: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-service-RELEASE-NAME namespace: NAMESPACE spec: @@ -301,7 +301,7 @@ cacertfile: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: RELEASE-NAME-snyk-broker-cacert-configmap-RELEASE-NAME namespace: NAMESPACE 4: | @@ -320,6 +320,6 @@ cacertfile: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: snyk-broker-RELEASE-NAME namespace: NAMESPACE diff --git a/charts/snyk-broker/tests/__snapshot__/broker_deployment_ingress_test.yaml.snap b/charts/snyk-broker/tests/__snapshot__/broker_deployment_ingress_test.yaml.snap new file mode 100644 index 0000000..2830a42 --- /dev/null +++ b/charts/snyk-broker/tests/__snapshot__/broker_deployment_ingress_test.yaml.snap @@ -0,0 +1,155 @@ +ingress: + 1: | + apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + helm.sh/chart: snyk-broker-2.0.1 + name: github-com-broker-RELEASE-NAME + namespace: NAMESPACE + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + template: + metadata: + labels: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + spec: + containers: + - env: + - name: BROKER_SERVER_URL + value: https://broker.test.snyk.io + - name: BROKER_HEALTHCHECK_PATH + value: /healthcheck + - name: BROKER_SYSTEMCHECK_PATH + value: /systemcheck + - name: BROKER_TOKEN + valueFrom: + secretKeyRef: + key: github-com-broker-token-key + name: github-com-broker-token-RELEASE-NAME + - name: GITHUB_TOKEN + valueFrom: + secretKeyRef: + key: github-com-token-key + name: github-com-token-RELEASE-NAME + - name: PORT + value: "8000" + - name: BROKER_CLIENT_URL + value: http://brokerclient + - name: LOG_LEVEL + value: info + - name: LOG_ENABLE_BODY + value: "false" + - name: ACCEPT_CODE + value: "true" + - name: ACCEPT_IAC + value: tf,yaml,yml,json,tpl + - name: BROKER_DISPATCHER_BASE_URL + value: https://api.test.snyk.io + image: snyk/broker:github-com + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthcheck + port: 8000 + initialDelaySeconds: 3 + periodSeconds: 10 + timeoutSeconds: 1 + name: github-com-broker-RELEASE-NAME + ports: + - containerPort: 8000 + name: http + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthcheck + port: 8000 + initialDelaySeconds: 3 + periodSeconds: 10 + timeoutSeconds: 1 + resources: + limits: + cpu: 1 + memory: 256Mi + requests: + cpu: 1 + memory: 256Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + volumeMounts: null + securityContext: {} + serviceAccountName: snyk-broker-RELEASE-NAME + volumes: null + 2: | + apiVersion: extensions/v1beta1 + kind: Ingress + metadata: + labels: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + helm.sh/chart: snyk-broker-2.0.1 + name: RELEASE-NAME-snyk-broker-RELEASE-NAME + namespace: NAMESPACE + spec: + rules: + - host: + http: + paths: + - backend: + serviceName: github-com-broker-service-RELEASE-NAME + servicePort: 8000 + path: / + 3: | + apiVersion: v1 + kind: Service + metadata: + labels: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + helm.sh/chart: snyk-broker-2.0.1 + name: github-com-broker-service-RELEASE-NAME + namespace: NAMESPACE + spec: + ports: + - port: 8000 + targetPort: 8000 + selector: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + type: ClusterIP + 4: | + apiVersion: v1 + data: + github-com-broker-token-key: MTIz + kind: Secret + metadata: + name: github-com-broker-token-RELEASE-NAME + type: Opaque + 5: | + apiVersion: v1 + kind: ServiceAccount + metadata: + labels: + app.kubernetes.io/instance: RELEASE-NAME + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: snyk-broker-RELEASE-NAME + helm.sh/chart: snyk-broker-2.0.1 + name: snyk-broker-RELEASE-NAME + namespace: NAMESPACE diff --git a/charts/snyk-broker/tests/__snapshot__/broker_deployment_test.yaml.snap b/charts/snyk-broker/tests/__snapshot__/broker_deployment_test.yaml.snap index 8715034..37c52cc 100644 --- a/charts/snyk-broker/tests/__snapshot__/broker_deployment_test.yaml.snap +++ b/charts/snyk-broker/tests/__snapshot__/broker_deployment_test.yaml.snap @@ -7,7 +7,7 @@ HA mode on: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-RELEASE-NAME namespace: NAMESPACE spec: @@ -105,7 +105,7 @@ HA mode on: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-service-RELEASE-NAME namespace: NAMESPACE spec: @@ -132,7 +132,7 @@ HA mode on: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: snyk-broker-RELEASE-NAME namespace: NAMESPACE HA mode on with 4 replicas: @@ -144,7 +144,7 @@ HA mode on with 4 replicas: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-RELEASE-NAME namespace: NAMESPACE spec: @@ -242,7 +242,7 @@ HA mode on with 4 replicas: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-service-RELEASE-NAME namespace: NAMESPACE spec: @@ -269,7 +269,7 @@ HA mode on with 4 replicas: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: snyk-broker-RELEASE-NAME namespace: NAMESPACE default values: @@ -281,7 +281,7 @@ default values: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-RELEASE-NAME namespace: NAMESPACE spec: @@ -377,7 +377,7 @@ default values: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-service-RELEASE-NAME namespace: NAMESPACE spec: @@ -404,7 +404,7 @@ default values: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: snyk-broker-RELEASE-NAME namespace: NAMESPACE preflight checks off: @@ -416,7 +416,7 @@ preflight checks off: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-RELEASE-NAME namespace: NAMESPACE spec: @@ -514,7 +514,7 @@ preflight checks off: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: github-com-broker-service-RELEASE-NAME namespace: NAMESPACE spec: @@ -541,6 +541,6 @@ preflight checks off: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: snyk-broker-RELEASE-NAME - helm.sh/chart: snyk-broker-2.0.0 + helm.sh/chart: snyk-broker-2.0.1 name: snyk-broker-RELEASE-NAME namespace: NAMESPACE diff --git a/charts/snyk-broker/tests/broker_deployment_ingress_test.yaml b/charts/snyk-broker/tests/broker_deployment_ingress_test.yaml new file mode 100644 index 0000000..ebcce8e --- /dev/null +++ b/charts/snyk-broker/tests/broker_deployment_ingress_test.yaml @@ -0,0 +1,16 @@ +suite: test broker deployment with ingress +templates: + - broker_deployment.yaml + - broker_service.yaml + - secrets.yaml + - serviceaccount.yaml + - broker_ingress.yaml + +tests: + - it: ingress + values: + - ./fixtures/default_values_with_ingress.yaml + asserts: + - matchSnapshot: {} + + diff --git a/charts/snyk-broker/tests/fixtures/default_values_with_ingress.yaml b/charts/snyk-broker/tests/fixtures/default_values_with_ingress.yaml new file mode 100644 index 0000000..289f056 --- /dev/null +++ b/charts/snyk-broker/tests/fixtures/default_values_with_ingress.yaml @@ -0,0 +1,25 @@ +# Default values for snyk-broker. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +##### Snyk Specific Values ##### + +# Broker Token is a value from Snyk. Get this from the integration settings page or your Snyk Representative +brokerToken: "123" + +# brokerClientUrl is the address of the broker. This needs to be the address of itself. In the case of Kubernetes, you need to ensure that you are pointing to the cluster ingress you have setup. +# Ex: http://kubernetes-ingress.domain.com:8000/broker +brokerClientUrl: "http://brokerclient" + +# Do not touch unless directed by a Snyk Representative +brokerServerUrl: "https://broker.test.snyk.io" + +preflightChecks: + enabled: true + +highAvailabilityMode: + enabled: false +brokerDispatcherUrl: "https://api.test.snyk.io" + +brokerIngress: + enabled: true \ No newline at end of file