diff --git a/postgresql/templates/bin/_db_test.sh.tpl b/postgresql/templates/bin/_db_test.sh.tpl new file mode 100644 index 000000000..8accacec1 --- /dev/null +++ b/postgresql/templates/bin/_db_test.sh.tpl @@ -0,0 +1,85 @@ +#!/bin/bash +{{/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex + +trap cleanup EXIT SIGTERM SIGINT SIGKILL + +TEST_DATABASE_NAME="pg_helmtest_db" +TEST_DATABASE_USER="pg_helmtest_user" +TEST_DATABASE_PASSWORD=$RANDOM +TEST_TABLE_NAME="pg_helmtest" + +function psql_cmd { + DATABASE=$1 + DB_USER=$2 + export PGPASSWORD=$3 + DB_COMMAND=$4 + EXIT_ON_FAIL=${5:-1} + + psql \ + -h $DB_FQDN \ + -p $DB_PORT \ + -U $DB_USER \ + -d $DATABASE \ + -v "ON_ERROR_STOP=1" \ + --command="${DB_COMMAND}" + + RC=$? + + if [[ $RC -ne 0 ]] + then + echo 'FAIL!' + if [[ $EXIT_ON_FAIL -eq 1 ]] + then + exit $RC + fi + fi + + return 0 +} + +function cleanup { + echo 'Cleaning up the database...' + psql_cmd "postgres" ${DB_ADMIN_USER} ${ADMIN_PASSWORD} "DROP DATABASE IF EXISTS ${TEST_DATABASE_NAME};" 0 + psql_cmd "postgres" ${DB_ADMIN_USER} ${ADMIN_PASSWORD} "DROP ROLE IF EXISTS ${TEST_DATABASE_USER};" 0 + echo 'Cleanup Finished.' +} + +# Create db +echo 'Testing database connectivity as admin user...' +psql_cmd "postgres" ${DB_ADMIN_USER} ${ADMIN_PASSWORD} "SELECT 1 FROM pg_database;" +echo 'Connectivity Test SUCCESS!' + +echo 'Testing creation of an application database...' +psql_cmd "postgres" ${DB_ADMIN_USER} ${ADMIN_PASSWORD} "CREATE DATABASE ${TEST_DATABASE_NAME};" +echo 'Database Creation Test SUCCESS!' + +echo 'Testing creation of an application user...' +psql_cmd "postgres" ${DB_ADMIN_USER} ${ADMIN_PASSWORD} "CREATE ROLE ${TEST_DATABASE_USER} LOGIN PASSWORD '${TEST_DATABASE_PASSWORD}';" +psql_cmd "postgres" ${DB_ADMIN_USER} ${ADMIN_PASSWORD} "GRANT ALL PRIVILEGES ON DATABASE ${TEST_DATABASE_NAME} to ${TEST_DATABASE_USER};" +echo 'User Creation SUCCESS!' + +echo 'Testing creation of an application table...' +psql_cmd ${TEST_DATABASE_NAME} ${TEST_DATABASE_USER} ${TEST_DATABASE_PASSWORD} "CREATE TABLE ${TEST_TABLE_NAME} (name text);" +echo 'Table Creation SUCCESS!' + +echo 'Testing DML...' +psql_cmd ${TEST_DATABASE_NAME} ${TEST_DATABASE_USER} ${TEST_DATABASE_PASSWORD} "INSERT INTO ${TEST_TABLE_NAME} (name) VALUES ('test.');" +psql_cmd ${TEST_DATABASE_NAME} ${TEST_DATABASE_USER} ${TEST_DATABASE_PASSWORD} "SELECT * FROM ${TEST_TABLE_NAME};" +psql_cmd ${TEST_DATABASE_NAME} ${TEST_DATABASE_USER} ${TEST_DATABASE_PASSWORD} "DELETE FROM ${TEST_TABLE_NAME};" +echo 'DML Test SUCCESS!' + +exit 0 diff --git a/postgresql/templates/configmap-bin.yaml b/postgresql/templates/configmap-bin.yaml index 76fcc74a1..4feb64229 100644 --- a/postgresql/templates/configmap-bin.yaml +++ b/postgresql/templates/configmap-bin.yaml @@ -31,4 +31,6 @@ data: {{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} readiness.sh: | {{ tuple "bin/_readiness.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db_test.sh: | +{{ tuple "bin/_db_test.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} diff --git a/postgresql/templates/pod-test.yaml b/postgresql/templates/pod-test.yaml new file mode 100644 index 000000000..66b955539 --- /dev/null +++ b/postgresql/templates/pod-test.yaml @@ -0,0 +1,71 @@ +{{/* +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. */}} +{{- if .Values.manifests.test_basic }} +{{- $dependencies := .Values.dependencies.static.tests }} +{{- $serviceAccountName := print .Release.Name "-test" }} +{{ tuple . $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: v1 +kind: Pod +metadata: + name: "{{ .Release.Name }}-db-test" + annotations: + "helm.sh/hook": "test-success" +spec: + restartPolicy: Never + serviceAccountName: {{ $serviceAccountName }} + nodeSelector: + {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} + initContainers: +{{ tuple . $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} + containers: + - name: "{{ .Release.Name }}-db-test" + env: + - name: DB_FQDN + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.postgresql.admin }} + key: DATABASE_HOST + - name: DB_PORT + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.postgresql.admin }} + key: DATABASE_PORT + - name: DB_ADMIN_USER + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.postgresql.admin }} + key: POSTGRES_USER + - name: ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.postgresql.admin }} + key: POSTGRES_PASSWORD + + image: {{ .Values.images.tags.postgresql }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple . .Values.pod.resources.test | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }} + command: ["/tmp/db_test.sh"] + volumeMounts: + - name: postgresql-bin + mountPath: /tmp/db_test.sh + subPath: db_test.sh + readOnly: true + volumes: + - name: postgresql-bin + configMap: + name: postgresql-bin + defaultMode: 0555 +... +{{- end }} diff --git a/postgresql/templates/secret-admin.yaml b/postgresql/templates/secret-admin.yaml index 998cb384e..ca220c35d 100644 --- a/postgresql/templates/secret-admin.yaml +++ b/postgresql/templates/secret-admin.yaml @@ -24,4 +24,7 @@ type: Opaque data: POSTGRES_USER: {{ .Values.endpoints.postgresql.auth.admin.username | b64enc }} POSTGRES_PASSWORD: {{ .Values.endpoints.postgresql.auth.admin.password | b64enc }} + DATABASE_PORT: {{ tuple "postgresql" "internal" "postgresql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | b64enc }} + DATABASE_HOST: |- +{{ tuple "postgresql" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" | b64enc | indent 4 }} {{- end }} diff --git a/postgresql/values.yaml b/postgresql/values.yaml index 714c425fd..f57fff9f3 100644 --- a/postgresql/values.yaml +++ b/postgresql/values.yaml @@ -53,6 +53,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + test: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" prometheus_postgresql_exporter: limits: memory: "1024Mi" @@ -107,6 +114,9 @@ labels: server: node_selector_key: openstack-control-plane node_selector_value: enabled + test: + node_selectory_key: openstack-control-plane + node_selector_value: enabled prometheus_postgresql_exporter: node_selector_key: openstack-control-plane node_selector_value: enabled @@ -123,6 +133,10 @@ dependencies: static: postgresql: jobs: null + tests: + services: + - endpoint: internal + service: postgresql image_repo_sync: services: - endpoint: internal