risingwavelabs · arkbriar · Mar 4, 2024 · Mar 4, 2024 · wjf3121 · Mar 4, 2024
@@ -0,0 +1,34 @@
+name: Test Charts
+
+on:
+  pull_request:
+    branches:
+    - main
+    paths:
+    - 'charts/**'
+  push:
+    branches:
+    - main
+    paths:
+    - 'charts/**'
+  workflow_dispatch:
+
+jobs:
+  unit-tests:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Install Helm
+      uses: azure/setup-helm@v3
+
+    - name: Install helm-unittests
+      run: |
+        helm plugin install https://github.com/helm-unittest/helm-unittest.git
+
+    - name: Run Unit Tests
+      run: |
+        make test
@@ -132,4 +132,6 @@ Network Trash Folder
 Temporary Items
 .apdisk
 
-.idea
+.idea
+**/.debug
+**/__snapshot__
@@ -6,5 +6,8 @@ lint:
 	$(foreach chart,$(HELM_CHARTS),helm lint charts/$(chart);)
 	#$(foreach chart,$(INCUBATING_HELM_CHARTS),helm lint incubating/charts/$(chart);)
 
+test:
+	$(foreach chart,$(HELM_CHARTS),helm unittest charts/$(chart);)
+
 sync-crds:
 	./scripts/sync-crds.sh charts/risingwave-operator/crds
@@ -21,3 +21,4 @@
 .idea/
 *.tmproj
 .vscode/
+tests
@@ -21,3 +21,4 @@
 .idea/
 *.tmproj
 .vscode/
+tests
@@ -29,12 +29,12 @@ appVersion: v1.6.1
 
 dependencies:
 - name: etcd
-  version: "9.1.*"
+  version: "~9.14.3"
   repository: https://charts.bitnami.com/bitnami
   tags:
   - etcd
 - name: minio
-  version: "12.6.*"
+  version: "~13.7.0"
   repository: https://charts.bitnami.com/bitnami
   condition: stateStore.minio.enabled
   tags:

@@ -0,0 +1,97 @@
+suite: Test azblob secret
+templates:
+- templates/azblob-secret.yaml
+chart:
+  appVersion: 1.0.0
+  version: 0.0.1
+tests:
+- it: disabled azblob should not render secret
+  set:
+    stateStore:
+      azblob:
+        enabled: false
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: azblob authenticating with service account should not render secret
+  set:
+    stateStore:
+      minio:
+        enabled: false
+      azblob:
+        enabled: true
+        authentication:
+          useServiceAccount: true
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: azblob authenticating with existing secret should not render secret
+  set:
+    stateStore:
+      minio:
+        enabled: false
+      azblob:
+        enabled: true
+        authentication:
+          useServiceAccount: false
+          existingSecretName: AZBLOB_SECRET
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: azblob authenticating with credentials should pass
+  set:
+    stateStore:
+      minio:
+        enabled: false
+      azblob:
+        enabled: true
+        authentication:
+          useServiceAccount: false
+          accountName: ACCOUNT_NAME
+          accountKey: ACCOUNT_KEY
+  asserts:
+  - hasDocuments:
+      count: 1
+  - containsDocument:
+      apiVersion: v1
+      kind: Secret
+  - equal:
+      path: metadata.name
+      value: RELEASE-NAME-risingwave-azblob
+  - isSubset:
+      path: metadata.labels
+      content:
+        helm.sh/chart: risingwave-0.0.1
+        app.kubernetes.io/name: risingwave
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/version: 1.0.0
+        app.kubernetes.io/instance: RELEASE-NAME
+  - notExists:
+      path: metadata.annotations
+  - equal:
+      path: stringData
+      value:
+        AZBLOB_ACCOUNT_NAME: "ACCOUNT_NAME"
+        AZBLOB_ACCOUNT_KEY: "ACCOUNT_KEY"
+- it: common labels and annotations should work
+  set:
+    commonLabels:
+      LABEL: LABEL_V
+    commonAnnotations:
+      ANNOTATION: ANNOTATION_V
+    stateStore:
+      minio:
+        enabled: false
+      azblob:
+        enabled: true
+  asserts:
+  - isSubset:
+      path: metadata.labels
+      content:
+        LABEL: LABEL_V
+  - exists:
+      path: metadata.annotations
+  - isSubset:
+      path: metadata.annotations
+      content:
+        ANNOTATION: ANNOTATION_V
@@ -0,0 +1,83 @@
+suite: Test etcd secret
+templates:
+- templates/etcd-secret.yaml
+chart:
+  appVersion: 1.0.0
+  version: 0.0.1
+tests:
+- it: bundled etcd should not render secret
+  set:
+    tags.etcd: true
+    metaStore.etcd.authentication.enabled: true
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: external etcd without authentication should not render secret
+  set:
+    tags.etcd: false
+    metaStore.etcd.authentication.enabled: false
+  template: etcd-secret.yaml
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: external etcd with authentication should pass
+  set:
+    tags.etcd: false
+    metaStore:
+      etcd:
+        endpoints:
+        - external-etcd:1234
+        authentication:
+          enabled: true
+          username: USERNAME
+          password: PASSWORD
+  asserts:
+  - hasDocuments:
+      count: 1
+  - containsDocument:
+      apiVersion: v1
+      kind: Secret
+  - equal:
+      path: metadata.name
+      value: RELEASE-NAME-risingwave-etcd
+  - isSubset:
+      path: metadata.labels
+      content:
+        helm.sh/chart: risingwave-0.0.1
+        app.kubernetes.io/name: risingwave
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/version: 1.0.0
+        app.kubernetes.io/instance: RELEASE-NAME
+  - notExists:
+      path: metadata.annotations
+  - equal:
+      path: stringData
+      value:
+        RW_ETCD_USERNAME: "USERNAME"
+        RW_ETCD_PASSWORD: "PASSWORD"
+- it: external etcd with authentication contains common labels and annotations
+  set:
+    tags.etcd: false
+    commonLabels:
+      LABEL: LABEL_V
+    commonAnnotations:
+      ANNOTATION: ANNOTATION_V
+    metaStore:
+      etcd:
+        endpoints:
+        - external-etcd:1234
+        authentication:
+          enabled: true
+          username: USERNAME
+          password: PASSWORD
+  asserts:
+  - isSubset:
+      path: metadata.labels
+      content:
+        LABEL: LABEL_V
+  - exists:
+      path: metadata.annotations
+  - isSubset:
+      path: metadata.annotations
+      content:
+        ANNOTATION: ANNOTATION_V
@@ -0,0 +1,95 @@
+suite: Test gcs secret
+templates:
+- templates/gcs-secret.yaml
+chart:
+  appVersion: 1.0.0
+  version: 0.0.1
+tests:
+- it: disabled gcs should not render secret
+  set:
+    stateStore:
+      gcs:
+        enabled: false
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: gcs authenticating with service account should not render secret
+  set:
+    stateStore:
+      minio:
+        enabled: false
+      gcs:
+        enabled: true
+        authentication:
+          useServiceAccount: true
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: gcs authenticating with existing secret should not render secret
+  set:
+    stateStore:
+      minio:
+        enabled: false
+      gcs:
+        enabled: true
+        authentication:
+          useServiceAccount: false
+          existingSecretName: GCS_SECRET
+  asserts:
+  - hasDocuments:
+      count: 0
+- it: gcs authenticating with credentials should pass
+  set:
+    stateStore:
+      minio:
+        enabled: false
+      gcs:
+        enabled: true
+        authentication:
+          useServiceAccount: false
+          credentials: CREDENTIALS
+  asserts:
+  - hasDocuments:
+      count: 1
+  - containsDocument:
+      apiVersion: v1
+      kind: Secret
+  - equal:
+      path: metadata.name
+      value: RELEASE-NAME-risingwave-gcs
+  - isSubset:
+      path: metadata.labels
+      content:
+        helm.sh/chart: risingwave-0.0.1
+        app.kubernetes.io/name: risingwave
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/version: 1.0.0
+        app.kubernetes.io/instance: RELEASE-NAME
+  - notExists:
+      path: metadata.annotations
+  - equal:
+      path: stringData
+      value:
+        GOOGLE_APPLICATION_CREDENTIALS: "CREDENTIALS"
+- it: common labels and annotations should work
+  set:
+    commonLabels:
+      LABEL: LABEL_V
+    commonAnnotations:
+      ANNOTATION: ANNOTATION_V
+    stateStore:
+      minio:
+        enabled: false
+      gcs:
+        enabled: true
+  asserts:
+  - isSubset:
+      path: metadata.labels
+      content:
+        LABEL: LABEL_V
+  - exists:
+      path: metadata.annotations
+  - isSubset:
+      path: metadata.annotations
+      content:
+        ANNOTATION: ANNOTATION_V