openbao-helm/test/acceptance/injector.bats

#!/usr/bin/env bats

load _helpers

@test "injector: testing deployment" {
  cd `chart_dir`
  
  kubectl delete namespace acceptance --ignore-not-found=true
  kubectl create namespace acceptance
  kubectl config set-context --current --namespace=acceptance

  kubectl create -f ./test/acceptance/injector-test/pg-deployment.yaml
  sleep 5
  wait_for_ready $(kubectl get pod -l app=postgres -o jsonpath="{.items[0].metadata.name}")

  kubectl create secret generic test \
    --from-file ./test/acceptance/injector-test/pgdump-policy.hcl \
    --from-file ./test/acceptance/injector-test/bootstrap.sh 

  kubectl label secret test app=vault-agent-demo

  helm install "$(name_prefix)" \
    --set="server.extraVolumes[0].type=secret" \
    --set="server.extraVolumes[0].name=test" .
  wait_for_running $(name_prefix)-0

  wait_for_ready $(kubectl get pod -l component=webhook -o jsonpath="{.items[0].metadata.name}")

  kubectl exec -ti "$(name_prefix)-0" -- /bin/sh -c "cp /vault/userconfig/test/bootstrap.sh /tmp/bootstrap.sh && chmod +x /tmp/bootstrap.sh && /tmp/bootstrap.sh"
  sleep 5

    # Sealed, not initialized
  local sealed_status=$(kubectl exec "$(name_prefix)-0" -- vault status -format=json |
    jq -r '.sealed' )
  [ "${sealed_status}" == "false" ]

  local init_status=$(kubectl exec "$(name_prefix)-0" -- vault status -format=json |
    jq -r '.initialized')
  [ "${init_status}" == "true" ] 


  kubectl create -f ./test/acceptance/injector-test/job.yaml
  wait_for_complete_job "pgdump"
}

# Clean up
teardown() {
  if [[ ${CLEANUP:-true} == "true" ]]
  then
      echo "helm/pvc teardown"
      helm delete vault
      kubectl delete --all pvc
      kubectl delete secret test 
      kubectl delete job pgdump
      kubectl delete deployment postgres
      kubectl delete namespace acceptance
  fi
}
Add vault agent injector (#150) * Add vault agent injector * Fix bug with agent image env * Fix terraform GKE code * Cleanup label * Improve test reliablity * Lower sleep times in tests * Standardize image values * Update values * Update vault tag 2019-12-19 15:57:51 +00:00			`#!/usr/bin/env bats`

			`load _helpers`

			`@test "injector: testing deployment" {`
			cd `chart_dir`

			`kubectl delete namespace acceptance --ignore-not-found=true`
			`kubectl create namespace acceptance`
			`kubectl config set-context --current --namespace=acceptance`

			`kubectl create -f ./test/acceptance/injector-test/pg-deployment.yaml`
			`sleep 5`
			`wait_for_ready $(kubectl get pod -l app=postgres -o jsonpath="{.items[0].metadata.name}")`

			`kubectl create secret generic test \`
			`--from-file ./test/acceptance/injector-test/pgdump-policy.hcl \`
			`--from-file ./test/acceptance/injector-test/bootstrap.sh`

			`kubectl label secret test app=vault-agent-demo`

Helm 3 support (#195) Update chart and tests to Helm 3 Co-authored-by: Matt Piekunka <mpiekunk@users.noreply.github.com> Co-authored-by: Mike Brancato <mbrancato@users.noreply.github.com> 2020-02-06 16:44:38 +00:00			`helm install "$(name_prefix)" \`
Add vault agent injector (#150) * Add vault agent injector * Fix bug with agent image env * Fix terraform GKE code * Cleanup label * Improve test reliablity * Lower sleep times in tests * Standardize image values * Update values * Update vault tag 2019-12-19 15:57:51 +00:00			`--set="server.extraVolumes[0].type=secret" \`
			`--set="server.extraVolumes[0].name=test" .`
			`wait_for_running $(name_prefix)-0`

			`wait_for_ready $(kubectl get pod -l component=webhook -o jsonpath="{.items[0].metadata.name}")`

			`kubectl exec -ti "$(name_prefix)-0" -- /bin/sh -c "cp /vault/userconfig/test/bootstrap.sh /tmp/bootstrap.sh && chmod +x /tmp/bootstrap.sh && /tmp/bootstrap.sh"`
			`sleep 5`

			`# Sealed, not initialized`
			`local sealed_status=$(kubectl exec "$(name_prefix)-0" -- vault status -format=json \|`
			`jq -r '.sealed' )`
			`[ "${sealed_status}" == "false" ]`

			`local init_status=$(kubectl exec "$(name_prefix)-0" -- vault status -format=json \|`
			`jq -r '.initialized')`
			`[ "${init_status}" == "true" ]`


			`kubectl create -f ./test/acceptance/injector-test/job.yaml`
			`wait_for_complete_job "pgdump"`
			`}`

			`# Clean up`
			`teardown() {`
Add Vault Helm ent support, service discovery (#250) * Add Vault Helm ent support, service discovery * Fix unit test * Update test/acceptance/server-ha-enterprise-dr.bats Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com> * Update test/acceptance/server-ha-enterprise-dr.bats Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com> * Update test/acceptance/server-ha-enterprise-perf.bats Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com> * Update test/acceptance/server-ha-enterprise-perf.bats Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com> * Update values.yaml Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com> Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> 2020-04-09 13:26:58 +00:00			`if [[ ${CLEANUP:-true} == "true" ]]`
			`then`
			`echo "helm/pvc teardown"`
			`helm delete vault`
			`kubectl delete --all pvc`
			`kubectl delete secret test`
			`kubectl delete job pgdump`
			`kubectl delete deployment postgres`
			`kubectl delete namespace acceptance`
			`fi`
Add vault agent injector (#150) * Add vault agent injector * Fix bug with agent image env * Fix terraform GKE code * Cleanup label * Improve test reliablity * Lower sleep times in tests * Standardize image values * Update values * Update vault tag 2019-12-19 15:57:51 +00:00			`}`