Update consul-helm-test with go 1.17 (#1177)

* Update consul-helm-test with go 1.17 - Update the bats version in the Dockerfile. - Update the go.sum as they were missing dependencies. * update bats tests for latest bats
hashicorp · Apr 19, 2022 · 68bcc72 · 68bcc72 · eb4x · Jun 29, 2022
1 parent 0e4285a
commit 68bcc72
Show file tree

Hide file tree

Showing 37 changed files with 127 additions and 122 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -483,7 +483,7 @@ jobs:
 
   unit-test-helm-templates:
     docker:
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
 
     steps:
       - checkout
@@ -562,7 +562,7 @@ jobs:
   ##########################
   cleanup-gcp-resources:
     docker:
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
     steps:
       - run:
           name: cleanup leftover resources
@@ -579,7 +579,7 @@ jobs:
 
   cleanup-azure-resources:
     docker:
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
     steps:
       - run:
           name: cleanup leftover resources
@@ -596,7 +596,7 @@ jobs:
 
   cleanup-eks-resources:
     docker:
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
     steps:
       - checkout
       - run:
@@ -621,7 +621,7 @@ jobs:
       - TEST_RESULTS: /tmp/test-results
     docker:
       # This image is built from test/docker/Test.dockerfile
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
 
     steps:
       - run:
@@ -687,7 +687,7 @@ jobs:
       - TEST_RESULTS: /tmp/test-results
     docker:
       # This image is built from test/docker/Test.dockerfile
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
 
     steps:
       - checkout
@@ -742,7 +742,7 @@ jobs:
       - TEST_RESULTS: /tmp/test-results
     docker:
       # This image is built from test/docker/Test.dockerfile
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
 
     steps:
       - checkout
@@ -804,7 +804,7 @@ jobs:
     parallelism: 1
     docker:
       # This image is built from test/docker/Test.dockerfile
-      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      - image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
 
     steps:
       - checkout

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -74,7 +74,7 @@ jobs:
       - unit-helm-gen
     runs-on: ubuntu-latest
     container: 
-      image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.10.0
+      image: docker.mirror.hashicorp.services/hashicorpdev/consul-helm-test:0.11.0
       options: --user 1001
     steps:
       - name: Checkout code

diff --git a/charts/consul/test/docker/Test.dockerfile b/charts/consul/test/docker/Test.dockerfile
@@ -6,14 +6,16 @@
 # a script to configure kubectl, potentially install Helm, and run the tests
 # manually. This image only has the dependencies pre-installed.
 
-FROM circleci/golang:1.16
+FROM circleci/golang:1.17
 
 # change the user to root so we can install stuff
 USER root
 
-ENV BATS_VERSION "1.2.1"
+ENV BATS_VERSION "1.6.0"
 ENV TERRAFORM_VERSION "0.13.5"
 
+RUN apt-get update
+
 # base packages
 RUN apt-get install -y \
     openssl \

diff --git a/charts/consul/test/unit/api-gateway-controller-deployment.bats b/charts/consul/test/unit/api-gateway-controller-deployment.bats
@@ -93,7 +93,7 @@ load _helpers
       --set 'apiGateway.enabled=true' \
       --set 'apiGateway.image=bar' \
       . | tee /dev/stderr |
-      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-sds-server-host RELEASE-NAME-consul-api-gateway-controller.default.svc")' | tee /dev/stderr)
+      yq '.spec.template.spec.containers[0].command | join(" ") | contains("-sds-server-host release-name-consul-api-gateway-controller.default.svc")' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 
@@ -365,7 +365,7 @@ load _helpers
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |

diff --git a/charts/consul/test/unit/client-daemonset.bats b/charts/consul/test/unit/client-daemonset.bats
@@ -551,7 +551,7 @@ load _helpers
       -s templates/client-daemonset.yaml  \
       . | tee /dev/stderr |
       yq -r '.spec.template.metadata.annotations."consul.hashicorp.com/config-checksum"' | tee /dev/stderr)
-  [ "${actual}" = aa432a6e22a4c6c7c07f39896f893df1d638575222eea0245d33a5094914ab61 ]
+  [ "${actual}" = 3bd6198418457f5acc746c0d21fbb4afdf2b38e5bbcfef23fb3f97e2600fe964 ]
 }
 
 @test "client/DaemonSet: config-checksum annotation changes when extraConfig is provided" {
@@ -561,7 +561,7 @@ load _helpers
       --set 'client.extraConfig="{\"hello\": \"world\"}"' \
       . | tee /dev/stderr |
       yq -r '.spec.template.metadata.annotations."consul.hashicorp.com/config-checksum"' | tee /dev/stderr)
-  [ "${actual}" = 50357c9dd53f1cb8e5b4c953f832269df82f4fea12cb63f1581890ac55d9ce58 ]
+  [ "${actual}" = 41535aa4cb7cffc4c70641efc882f5d6e3e87fce6e76d409409ff287cb4b23e8 ]
 }
 
 @test "client/DaemonSet: config-checksum annotation changes when connectInject.enabled=true" {
@@ -571,7 +571,7 @@ load _helpers
       --set 'connectInject.enabled=true' \
       . | tee /dev/stderr |
       yq -r '.spec.template.metadata.annotations."consul.hashicorp.com/config-checksum"' | tee /dev/stderr)
-  [ "${actual}" = 60a99c69e2b0fc842723ef1c5e34b60fbdf15460b70deb1831b692f14f74e972 ]
+  [ "${actual}" = bad77069ea6e4915272cf520faecb96333f6adef97c992e0aecc324381754eb2 ]
 }
 
 #--------------------------------------------------------------------
@@ -614,7 +614,7 @@ load _helpers
     -s templates/client-daemonset.yaml  \
     --set 'global.gossipEncryption.autoGenerate=true' \
     . | tee /dev/stderr |
-    yq '.spec.template.spec.containers[] | select(.name=="consul") | .env[] | select(.name == "GOSSIP_KEY") | .valueFrom.secretKeyRef | [.name=="RELEASE-NAME-consul-gossip-encryption-key", .key="key"] | all' | tee /dev/stderr)
+    yq '.spec.template.spec.containers[] | select(.name=="consul") | .env[] | select(.name == "GOSSIP_KEY") | .valueFrom.secretKeyRef | [.name=="release-name-consul-gossip-encryption-key", .key="key"] | all' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 
@@ -817,7 +817,7 @@ load _helpers
 
   local actual
   actual=$(echo $env | jq -r '. | select(.name == "CONSUL_HTTP_ADDR") | .value' | tee /dev/stderr)
-  [ "${actual}" = "https://RELEASE-NAME-consul-server.default.svc:8501" ]
+  [ "${actual}" = "https://release-name-consul-server.default.svc:8501" ]
 }
 
 @test "client/DaemonSet: Adds consul envvars CONSUL_HTTP_ADDR on acl-init init container when ACLs are enabled and tls is not enabled" {
@@ -830,7 +830,7 @@ load _helpers
 
   local actual
   actual=$(echo $env | jq -r '. | select(.name == "CONSUL_HTTP_ADDR") | .value' | tee /dev/stderr)
-  [ "${actual}" = "http://RELEASE-NAME-consul-server.default.svc:8500" ]
+  [ "${actual}" = "http://release-name-consul-server.default.svc:8500" ]
 }
 
 @test "client/DaemonSet: Does not add consul envvars CONSUL_CACERT on acl-init init container when ACLs are enabled and tls is not enabled" {
@@ -1136,7 +1136,7 @@ local actual=$(echo $object |
   [ "${actual}" = "true" ]  
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("acl-auth-method=\"RELEASE-NAME-consul-k8s-component-auth-method\""))' | tee /dev/stderr)
+      yq -r '.command | any(contains("acl-auth-method=\"release-name-consul-k8s-component-auth-method\""))' | tee /dev/stderr)
   [ "${actual}" = "true" ]  
 
   local actual=$(echo $object |
@@ -1180,7 +1180,7 @@ local actual=$(echo $object |
   [ "${actual}" = "true" ]  
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("acl-auth-method=\"RELEASE-NAME-consul-k8s-component-auth-method\""))' | tee /dev/stderr)
+      yq -r '.command | any(contains("acl-auth-method=\"release-name-consul-k8s-component-auth-method\""))' | tee /dev/stderr)
   [ "${actual}" = "true" ]  
 
   local actual=$(echo $object |

diff --git a/charts/consul/test/unit/client-role.bats b/charts/consul/test/unit/client-role.bats
@@ -110,7 +110,7 @@ load _helpers
       --set 'global.openshift.enabled=true' \
       . | tee /dev/stderr |
       yq -r '.rules[] | select(.resources==["securitycontextconstraints"]) | .resourceNames[0]' | tee /dev/stderr)
-  [ "${actual}" = "RELEASE-NAME-consul-client" ]
+  [ "${actual}" = "release-name-consul-client" ]
 }
 
 @test "client/Role: allows securitycontextconstraints and acl secret access with global.openshift.enabled=true and global.acls.manageSystemACLs=true" {
@@ -124,10 +124,10 @@ load _helpers
       yq -r '.rules[]' | tee /dev/stderr)
 
   local scc_resource=$(echo $rules | jq -r '. | select(.resources==["securitycontextconstraints"]) | .resourceNames[0]')
-  [ "${scc_resource}" = "RELEASE-NAME-consul-client" ]
+  [ "${scc_resource}" = "release-name-consul-client" ]
 
   local secrets_resource=$(echo $rules | jq -r '. | select(.resources==["secrets"]) | .resourceNames[0]')
-  [ "${secrets_resource}" = "RELEASE-NAME-consul-client-acl-token" ]
+  [ "${secrets_resource}" = "release-name-consul-client-acl-token" ]
 }
 
 @test "client/Role: allows securitycontextconstraints and psp access with global.openshift.enabled=true and global.enablePodSecurityPolices=true" {
@@ -141,10 +141,10 @@ load _helpers
       yq -r '.rules[]' | tee /dev/stderr)
 
   local scc_resource=$(echo $rules | jq -r '. | select(.resources==["securitycontextconstraints"]) | .resourceNames[0]')
-  [ "${scc_resource}" = "RELEASE-NAME-consul-client" ]
+  [ "${scc_resource}" = "release-name-consul-client" ]
 
   local psp_resource=$(echo $rules | jq -r '. | select(.resources==["podsecuritypolicies"]) | .resourceNames[0]')
-  [ "${psp_resource}" = "RELEASE-NAME-consul-client" ]
+  [ "${psp_resource}" = "release-name-consul-client" ]
 }
 
 @test "client/Role: allows securitycontextconstraints, acl secret, and psp access when all global.openshift.enabled, global.enablePodSecurityPolices, and global.acls.manageSystemACLs are true " {
@@ -159,11 +159,11 @@ load _helpers
       yq -r '.rules[]' | tee /dev/stderr)
 
   local scc_resource=$(echo $rules | jq -r '. | select(.resources==["securitycontextconstraints"]) | .resourceNames[0]')
-  [ "${scc_resource}" = "RELEASE-NAME-consul-client" ]
+  [ "${scc_resource}" = "release-name-consul-client" ]
 
   local secrets_resource=$(echo $rules | jq -r '. | select(.resources==["secrets"]) | .resourceNames[0]')
-  [ "${secrets_resource}" = "RELEASE-NAME-consul-client-acl-token" ]
+  [ "${secrets_resource}" = "release-name-consul-client-acl-token" ]
 
   local psp_resource=$(echo $rules | jq -r '. | select(.resources==["podsecuritypolicies"]) | .resourceNames[0]')
-  [ "${psp_resource}" = "RELEASE-NAME-consul-client" ]
+  [ "${psp_resource}" = "release-name-consul-client" ]
 }
diff --git a/charts/consul/test/unit/client-snapshot-agent-deployment.bats b/charts/consul/test/unit/client-snapshot-agent-deployment.bats
@@ -278,7 +278,7 @@ load _helpers
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |

diff --git a/charts/consul/test/unit/connect-inject-deployment.bats b/charts/consul/test/unit/connect-inject-deployment.bats
@@ -492,7 +492,7 @@ EOF
       --set 'connectInject.enabled=true' \
       --set 'global.acls.manageSystemACLs=true' \
       . | tee /dev/stderr |
-      yq '.spec.template.spec.containers[0].command | any(contains("-acl-auth-method=\"RELEASE-NAME-consul-k8s-auth-method\""))' | tee /dev/stderr)
+      yq '.spec.template.spec.containers[0].command | any(contains("-acl-auth-method=\"release-name-consul-k8s-auth-method\""))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 
@@ -549,7 +549,7 @@ EOF
       -s templates/connect-inject-deployment.yaml \
       --set 'connectInject.enabled=true' \
       . | tee /dev/stderr |
-      yq -c -r '.spec.template.spec.containers[0].command | join(" ") | contains("-resource-prefix=RELEASE-NAME-consul")' | tee /dev/stderr)
+      yq -c -r '.spec.template.spec.containers[0].command | join(" ") | contains("-resource-prefix=release-name-consul")' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 
@@ -1036,7 +1036,7 @@ EOF
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
@@ -1154,7 +1154,7 @@ EOF
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 }
 
@@ -1180,7 +1180,7 @@ EOF
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method-dc2"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method-dc2"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |

diff --git a/charts/consul/test/unit/controller-deployment.bats b/charts/consul/test/unit/controller-deployment.bats
@@ -155,7 +155,7 @@ load _helpers
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
@@ -250,7 +250,7 @@ load _helpers
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |
-      yq -r '.command | any(contains("-acl-auth-method=RELEASE-NAME-consul-k8s-component-auth-method-dc2"))' | tee /dev/stderr)
+      yq -r '.command | any(contains("-acl-auth-method=release-name-consul-k8s-component-auth-method-dc2"))' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   local actual=$(echo $object |

diff --git a/charts/consul/test/unit/create-federation-secret-job.bats b/charts/consul/test/unit/create-federation-secret-job.bats
@@ -76,15 +76,15 @@ load _helpers
   local actual
 
   # test it uses the auto-generated ca secret
-  actual=$(echo $volumes | yq 'map(select(.name=="consul-ca-cert" and .secret.secretName=="RELEASE-NAME-consul-ca-cert")) | length > 0' | tee /dev/stderr)
+  actual=$(echo $volumes | yq 'map(select(.name=="consul-ca-cert" and .secret.secretName=="release-name-consul-ca-cert")) | length > 0' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   # test it uses the correct secret key for the auto-generated ca secret
   actual=$(echo $volumes | yq 'map(select(.name=="consul-ca-cert" and .secret.items[0].key =="tls.crt")) | length > 0' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   # test it uses the auto-generated ca key secret
-  actual=$(echo $volumes | yq 'map(select(.name=="consul-ca-key" and .secret.secretName=="RELEASE-NAME-consul-ca-key")) | length > 0' | tee /dev/stderr)
+  actual=$(echo $volumes | yq 'map(select(.name=="consul-ca-key" and .secret.secretName=="release-name-consul-ca-key")) | length > 0' | tee /dev/stderr)
   [ "${actual}" = "true" ]
 
   # test it uses the correct secret key for the auto-generated ca key secret

diff --git a/charts/consul/test/unit/create-federation-secret-role.bats b/charts/consul/test/unit/create-federation-secret-role.bats
@@ -38,7 +38,7 @@ load _helpers
       --set 'global.acls.manageSystemACLs=true' \
       --set 'global.acls.createReplicationToken=true' \
       . | tee /dev/stderr |
-      yq -r '.rules | map(select(.resourceNames[0] == "RELEASE-NAME-consul-acl-replication-acl-token")) | length' | tee /dev/stderr)
+      yq -r '.rules | map(select(.resourceNames[0] == "release-name-consul-acl-replication-acl-token")) | length' | tee /dev/stderr)
   [ "${actual}" = "1" ]
 }
 

diff --git a/charts/consul/test/unit/enterprise-license-job.bats b/charts/consul/test/unit/enterprise-license-job.bats
@@ -155,7 +155,7 @@ load _helpers
       --set 'global.tls.enabled=false' \
       . | tee /dev/stderr |
       yq -r '.spec.template.spec.containers[0].env[] | select(.name == "CONSUL_HTTP_ADDR") | .value' | tee /dev/stderr)
-  [ "${actual}" = "http://RELEASE-NAME-consul-server:8500" ]
+  [ "${actual}" = "http://release-name-consul-server:8500" ]
 }
 
 @test "enterpriseLicense/Job: URL is https when TLS is enabled" {
@@ -168,7 +168,7 @@ load _helpers
       --set 'global.tls.enabled=true' \
       . | tee /dev/stderr |
       yq -r '.spec.template.spec.containers[0].env[] | select(.name == "CONSUL_HTTP_ADDR") | .value' | tee /dev/stderr)
-  [ "${actual}" = "https://RELEASE-NAME-consul-server:8501" ]
+  [ "${actual}" = "https://release-name-consul-server:8501" ]
 }
 
 @test "enterpriseLicense/Job: CA certificate is specified when TLS is enabled" {

diff --git a/charts/consul/test/unit/enterprise-license-role.bats b/charts/consul/test/unit/enterprise-license-role.bats
@@ -65,7 +65,7 @@ load _helpers
       --set 'global.enterpriseLicense.enableLicenseAutoload=false' \
       --set 'global.acls.manageSystemACLs=true' \
       . | tee /dev/stderr |
-      yq -r '.rules | map(select(.resourceNames[0] == "RELEASE-NAME-consul-enterprise-license-acl-token")) | length' | tee /dev/stderr)
+      yq -r '.rules | map(select(.resourceNames[0] == "release-name-consul-enterprise-license-acl-token")) | length' | tee /dev/stderr)
   [ "${actual}" = "1" ]
 }
 

diff --git a/charts/consul/test/unit/helpers.bats b/charts/consul/test/unit/helpers.bats
@@ -8,13 +8,13 @@ load _helpers
 # These tests use test-runner.yaml to test the consul.fullname helper
 # since we need an existing template that calls the consul.fullname helper.
 
-@test "helper/consul.fullname: defaults to RELEASE-NAME-consul" {
+@test "helper/consul.fullname: defaults to release-name-consul" {
   cd `chart_dir`
   local actual=$(helm template \
       -s templates/tests/test-runner.yaml \
       . | tee /dev/stderr |
       yq -r '.metadata.name' | tee /dev/stderr)
-  [ "${actual}" = "RELEASE-NAME-consul-test" ]
+  [ "${actual}" = "release-name-consul-test" ]
 }
 
 @test "helper/consul.fullname: fullnameOverride overrides the name" {
@@ -84,7 +84,7 @@ load _helpers
       --set nameOverride=override \
       . | tee /dev/stderr |
       yq -r '.metadata.name' | tee /dev/stderr)
-  [ "${actual}" = "RELEASE-NAME-override-test" ]
+  [ "${actual}" = "release-name-override-test" ]
 }
 
 #--------------------------------------------------------------------
@@ -149,7 +149,7 @@ load _helpers
       yq '.spec.initContainers[] | select(.name == "get-auto-encrypt-client-ca").command | join(" ")' | tee /dev/stderr)
 
   # check server address
-  actual=$(echo $command | jq ' . | contains("-server-addr=RELEASE-NAME-consul-server")')
+  actual=$(echo $command | jq ' . | contains("-server-addr=release-name-consul-server")')
   [ "${actual}" = "true" ]
 
   # check server port