diff --git a/.github/workflows/cicd.yaml b/.github/workflows/cicd.yaml index 9758a836..22cd8f01 100644 --- a/.github/workflows/cicd.yaml +++ b/.github/workflows/cicd.yaml @@ -50,3 +50,19 @@ jobs: path: | htmlcov/ coverage.xml + + helm-test: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Helm install + uses: azure/setup-helm@v4 + with: + version: latest + - run: helm lint helm + - name: Helm unit tests + uses: d3adb5/helm-unittest-action@v2 + with: + helm-version: latest + charts: helm/ diff --git a/helm/README.md b/helm/README.md new file mode 100644 index 00000000..f8260c9a --- /dev/null +++ b/helm/README.md @@ -0,0 +1,9 @@ +# STAC Auth Proxy Helm Chart + +For documentation, see [Kubernetes Deployment](https://developmentseed.org/stac-auth-proxy/user-guide/kubernetes). + +## Local Installation + +```bash +helm install stac-auth-proxy ./helm +``` diff --git a/helm/tests/deployment_test.yaml b/helm/tests/deployment_test.yaml new file mode 100644 index 00000000..0cc72add --- /dev/null +++ b/helm/tests/deployment_test.yaml @@ -0,0 +1,51 @@ +suite: test deployment +templates: + - deployment.yaml +tests: + - it: should create deployment with correct name + set: + env.UPSTREAM_URL: "https://example.com" + env.OIDC_DISCOVERY_URL: "https://example.com/.well-known/openid-configuration" + asserts: + - isKind: + of: Deployment + - matchRegex: + path: metadata.name + pattern: ^RELEASE-NAME-stac-auth-proxy$ + + - it: should set replica count + set: + replicaCount: 3 + env.UPSTREAM_URL: "https://example.com" + env.OIDC_DISCOVERY_URL: "https://example.com/.well-known/openid-configuration" + asserts: + - equal: + path: spec.replicas + value: 3 + + - it: should set required environment variables + set: + env.UPSTREAM_URL: "https://stac-api.example.com" + env.OIDC_DISCOVERY_URL: "https://auth.example.com/.well-known/openid-configuration" + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: UPSTREAM_URL + value: "https://stac-api.example.com" + - contains: + path: spec.template.spec.containers[0].env + content: + name: OIDC_DISCOVERY_URL + value: "https://auth.example.com/.well-known/openid-configuration" + + - it: should use correct image + set: + image.repository: "custom/repo" + image.tag: "v1.2.3" + env.UPSTREAM_URL: "https://example.com" + env.OIDC_DISCOVERY_URL: "https://example.com/.well-known/openid-configuration" + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: "custom/repo:v1.2.3" diff --git a/helm/tests/service_test.yaml b/helm/tests/service_test.yaml new file mode 100644 index 00000000..386a56a3 --- /dev/null +++ b/helm/tests/service_test.yaml @@ -0,0 +1,36 @@ +suite: test service +templates: + - service.yaml +tests: + - it: should create service with correct name + set: + env.UPSTREAM_URL: "https://example.com" + env.OIDC_DISCOVERY_URL: "https://example.com/.well-known/openid-configuration" + asserts: + - isKind: + of: Service + - matchRegex: + path: metadata.name + pattern: ^RELEASE-NAME-stac-auth-proxy$ + + - it: should use ClusterIP by default + set: + env.UPSTREAM_URL: "https://example.com" + env.OIDC_DISCOVERY_URL: "https://example.com/.well-known/openid-configuration" + asserts: + - equal: + path: spec.type + value: ClusterIP + + - it: should expose correct port + set: + service.port: 8000 + env.UPSTREAM_URL: "https://example.com" + env.OIDC_DISCOVERY_URL: "https://example.com/.well-known/openid-configuration" + asserts: + - equal: + path: spec.ports[0].port + value: 8000 + - equal: + path: spec.ports[0].targetPort + value: http