-
Notifications
You must be signed in to change notification settings - Fork 888
/
Copy pathserver-network-policy.bats
executable file
·46 lines (41 loc) · 1.67 KB
/
server-network-policy.bats
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#!/usr/bin/env bats
load _helpers
@test "server/network-policy: disabled by default" {
cd `chart_dir`
local actual=$( (helm template \
--show-only templates/server-network-policy.yaml \
. || echo "---") | tee /dev/stderr |
yq 'length > 0' | tee /dev/stderr)
[ "${actual}" = "false" ]
}
@test "server/network-policy: enabled by server.networkPolicy.enabled" {
cd `chart_dir`
local actual=$( (helm template \
--set 'server.networkPolicy.enabled=true' \
--show-only templates/server-network-policy.yaml \
. || echo "---") | tee /dev/stderr |
yq 'length > 0' | tee /dev/stderr)
[ "${actual}" = "true" ]
}
@test "server/network-policy: ingress changed by server.networkPolicy.ingress" {
cd `chart_dir`
local actual=$(helm template \
--set 'server.networkPolicy.enabled=true' \
--set 'server.networkPolicy.ingress[0].from[0].podSelector.matchLabels.foo=bar' \
--show-only templates/server-network-policy.yaml \
. | tee /dev/stderr |
yq -r '.spec.ingress[0].from[0].podSelector.matchLabels.foo' | tee /dev/stderr)
[ "${actual}" = "bar" ]
}
@test "server/network-policy: egress enabled by server.networkPolicy.egress" {
cd `chart_dir`
local actual=$(helm template \
--set 'server.networkPolicy.enabled=true' \
--set 'server.networkPolicy.egress[0].to[0].ipBlock.cidr=10.0.0.0/24' \
--set 'server.networkPolicy.egress[0].ports[0].protocol=TCP' \
--set 'server.networkPolicy.egress[0].ports[0].port=443' \
--show-only templates/server-network-policy.yaml \
. | tee /dev/stderr |
yq -r '.spec.egress[0].to[0].ipBlock.cidr' | tee /dev/stderr)
[ "${actual}" = "10.0.0.0/24" ]
}