openstack-helm-infra/nagios/templates/pod-helm-tests.yaml
astebenkova 950fc70b0c [osh-selenium] Upgrade image to ubuntu_jammy
+ run tests in a read-only file system
+ change google-chrome data directory from ~/.config/google-chrome
  (which is immutable) to /tmp/google-chrome (writable), otherwise
  Chrome fails to launch
+ activate new headless mode as the old one will be soon removed
  https://developer.chrome.com/docs/chromium/new-headless

Change-Id: I7d183b3f3d2fdc3086a5db5fa62473f777b9eb7a
2024-09-03 14:56:49 +03:00

82 lines
3.2 KiB
YAML

{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.pod_helm_test }}
{{- $envAll := . }}
{{- $nagiosUserSecret := .Values.secrets.nagios.admin }}
{{- $serviceAccountName := print .Release.Name "-test" }}
{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: v1
kind: Pod
metadata:
name: "{{.Release.Name}}-test"
labels:
{{ tuple $envAll "nagios" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
annotations:
"helm.sh/hook": test-success
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
{{ dict "envAll" $envAll "podName" "nagios-test" "containerNames" (list "init" "nagios-helm-tests") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
spec:
{{ dict "envAll" $envAll "application" "monitoring" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
restartPolicy: Never
initContainers:
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
containers:
- name: nagios-helm-tests
{{ tuple $envAll "selenium_tests" | include "helm-toolkit.snippets.image" | indent 6 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
{{ dict "envAll" $envAll "application" "monitoring" "container" "helm_tests" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
command:
- /tmp/selenium-tests.py
env:
- name: NAGIOS_USER
valueFrom:
secretKeyRef:
name: {{ $nagiosUserSecret }}
key: NAGIOSADMIN_USER
- name: NAGIOS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ $nagiosUserSecret }}
key: NAGIOSADMIN_PASS
- name: NAGIOS_URI
value: {{ tuple "nagios" "internal" "http" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
- name: CHROME_CONFIG_HOME
value: /tmp/google-chrome
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: artifacts
mountPath: /tmp/artifacts
- name: nagios-bin
mountPath: /tmp/selenium-tests.py
subPath: selenium-tests.py
readOnly: true
volumes:
- name: pod-tmp
emptyDir: {}
- name: artifacts
emptyDir: {}
- name: nagios-bin
configMap:
name: nagios-bin
defaultMode: 0555
{{- end }}