diff --git a/CHANGELOG.md b/CHANGELOG.md index cbb51d7cbdf93274f461f286ce37b070a68ac5f6..1e04781a55dfa37cb572f7e2c3230b0bed9570ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Changelog +## [29.1.0-bb.3] - 2021-06-08 +### Modified +- Modified CI tests to use new library and infrastructure + +### Added +- Network policy for helm-tests to save artifacts + ## [29.1.0-bb.2] # Added * default-deny-all network policy diff --git a/chart/Chart.lock b/chart/Chart.lock new file mode 100644 index 0000000000000000000000000000000000000000..e982991f05d2d8c8e225fb04bad273283845761a --- /dev/null +++ b/chart/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: gluon + repository: oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon + version: 0.1.1 +digest: sha256:cf1107c00a11cde8074a39624643312fe85ee11250bb7d9380e3787bde0af0f7 +generated: "2021-06-08T09:04:25.9101709-06:00" diff --git a/chart/Chart.yaml b/chart/Chart.yaml index b6173cfeec9a18be6eb9eb4a44ee2257386fc3e3..ed5e087e91eacfce4a24e0dd9799ff57f483bffe 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nexus-repository-manager -version: 29.1.0-bb.2 +version: 29.1.0-bb.3 appVersion: 3.29.0 description: Sonatype Nexus Repository Manager - Universal Binary repository type: application @@ -22,3 +22,7 @@ sources: maintainers: - email: support@sonatype.com name: Sonatype +dependencies: + - name: gluon + version: "0.1.1" + repository: "oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon" diff --git a/chart/charts/gluon-0.1.1.tgz b/chart/charts/gluon-0.1.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..b4a4878dae126348cdee9d80977a15121ba59f9f Binary files /dev/null and b/chart/charts/gluon-0.1.1.tgz differ diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt index 026bdc74c549d51101f7fb6ebb0c1276fad7110d..ae0df1b1e1af64f63bb6f70688d5f8e211f60f08 100644 --- a/chart/templates/NOTES.txt +++ b/chart/templates/NOTES.txt @@ -1,7 +1,7 @@ 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostRepo }}{{ . }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostDocker }}{{ . }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostRepo }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostDocker }} {{- else if contains "NodePort" .Values.service.serviceType }} export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nexus.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") diff --git a/chart/templates/bigbang/networkpolicies/helm-test-allow.yaml b/chart/templates/bigbang/networkpolicies/helm-test-allow.yaml new file mode 100644 index 0000000000000000000000000000000000000000..319b0341e0daa84d2762360c6cbf0678ac243d88 --- /dev/null +++ b/chart/templates/bigbang/networkpolicies/helm-test-allow.yaml @@ -0,0 +1,19 @@ +{{- $bbtests := .Values.bbtests | default dict -}} +{{- $enabled := (hasKey $bbtests "enabled") -}} +{{- if $enabled }} +{{- if and .Values.networkPolicies.enabled .Values.bbtests.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-helm-test-egress + namespace: {{ .Release.Namespace }} +spec: + podSelector: + matchLabels: + helm-test: enabled + policyTypes: + - Egress + egress: + - {} +{{- end }} +{{- end }} diff --git a/chart/templates/bigbang/networkpolicies/namespace-allow.yaml b/chart/templates/bigbang/networkpolicies/namespace-allow.yaml new file mode 100644 index 0000000000000000000000000000000000000000..97a841cca7ca41fbbfe94e4f1415e4230d70f49b --- /dev/null +++ b/chart/templates/bigbang/networkpolicies/namespace-allow.yaml @@ -0,0 +1,18 @@ +{{- if .Values.networkPolicies.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-in-ns + namespace: {{ .Release.Namespace }} +spec: + podSelector: {} + policyTypes: + - Ingress + - Egress + ingress: + - from: + - podSelector: {} + egress: + - to: + - podSelector: {} +{{- end }} diff --git a/chart/templates/tests/nexus-cypress-test.yaml b/chart/templates/tests/nexus-cypress-test.yaml new file mode 100644 index 0000000000000000000000000000000000000000..3f4797b5ba492d55ab6b67a195f7d7e03e73dc65 --- /dev/null +++ b/chart/templates/tests/nexus-cypress-test.yaml @@ -0,0 +1,23 @@ +{{- include "gluon.tests.cypress-configmap.overrides" (list . "nexus-test.cypress-configmap") }} +{{- define "nexus-test.cypress-configmap" }} +metadata: + labels: + app.kubernetes.io/name: {{ include "nexus.name" . }} + helm.sh/chart: {{ include "nexus.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: nexus-repository-manager + app.kubernetes.io/component: {{ include "nexus.name" . }} +{{- end }} +--- +{{- include "gluon.tests.cypress-runner.overrides" (list . "nexus-test.cypress-runner") -}} +{{- define "nexus-test.cypress-runner" -}} +metadata: + labels: + app.kubernetes.io/name: {{ include "nexus.name" . }} + helm.sh/chart: {{ include "nexus.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/part-of: nexus-repository-manager + app.kubernetes.io/component: {{ include "nexus.name" . }} +{{- end }} diff --git a/chart/tests/cypress/cypress.json b/chart/tests/cypress/cypress.json new file mode 100644 index 0000000000000000000000000000000000000000..ff118466cbc35d6102f4bee7da8fe6db9e2c565c --- /dev/null +++ b/chart/tests/cypress/cypress.json @@ -0,0 +1,7 @@ +{ + + "pluginsFile": false, + "supportFile": false, + "fixturesFolder": false + +} diff --git a/chart/tests/cypress/nexus-healthspec.js b/chart/tests/cypress/nexus-healthspec.js new file mode 100644 index 0000000000000000000000000000000000000000..6bcbd75262baf58309a9369e6d360bf292b1fad1 --- /dev/null +++ b/chart/tests/cypress/nexus-healthspec.js @@ -0,0 +1,17 @@ +describe('Basic Nexus', function() { + it('Visit the Nexus sign in page', function() { + cy.visit(Cypress.env('nexus_url')) + cy.contains("Sign in").click() + cy.get('input[name="username"]').type(Cypress.env('nexus_user')) + cy.get('input[name="password"]').type(Cypress.env('nexus_pass')) + cy.get('a[class="x-btn x-unselectable x-box-item x-toolbar-item x-btn-nx-primary-small"]').click() + cy.contains("Next").click() + cy.get('input[name="password"]').type(Cypress.env('nexus_pass_new')) + cy.get('input[name*="nx-password"]').type(Cypress.env('nexus_pass_new')) + cy.contains("Next").click({ force: true }) + cy.contains("Disable anonymous access").click({ force: true }) + cy.contains("Next").click({ force: true }) + cy.contains("Finish").click() + cy.visit(`${Cypress.env('nexus_url')}/#admin/support/status`) + }) +}) diff --git a/chart/values.yaml b/chart/values.yaml index e0a6a9d27122f18ef48a51eff420e711766ae5bc..0519dec93dd0929e9e4994a1bdd1ed111740b93a 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -46,7 +46,7 @@ sso: # -- End of BigBang Additions ingress: - enabled: true + enabled: false annotations: {kubernetes.io/ingress.class: nginx} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" @@ -129,7 +129,8 @@ nexus: # hostnames: # - "example.com" # - "www.example.com" - imagePullSecrets: [] + imagePullSecrets: + - name: private-registry nameOverride: "" fullnameOverride: "" diff --git a/tests/README.md b/tests/README.md deleted file mode 100644 index d735775da03fd68374d2b934e190091aeefbeb05..0000000000000000000000000000000000000000 --- a/tests/README.md +++ /dev/null @@ -1 +0,0 @@ -Cypress tests run headless calling the script cy-run.sh \ No newline at end of file diff --git a/tests/cypress.json b/tests/cypress.json deleted file mode 100644 index 43b18da7e6191a0665ead1f129081fce0512c1ac..0000000000000000000000000000000000000000 --- a/tests/cypress.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - - "pluginsFile": false, - "supportFile": false, - "fixturesFolder": false, - "env": { - "nexus_url": "nexus.bigbang.dev" - - } -} diff --git a/tests/cypress/integration/nexus-healthspec.js b/tests/cypress/integration/nexus-healthspec.js deleted file mode 100644 index dbaa6447f5b0b06ceb84210c728be93144935ed9..0000000000000000000000000000000000000000 --- a/tests/cypress/integration/nexus-healthspec.js +++ /dev/null @@ -1,5 +0,0 @@ -describe('Basic prometheus', function() { - it('Visits the prometheus sign in page', function() { - cy.visit(Cypress.env('nexus_url')) - }) -}) diff --git a/tests/main-test-gateway.yaml b/tests/main-test-gateway.yaml deleted file mode 100644 index 1c7d7d1bd7598367474f3123659e7de6de5c88d3..0000000000000000000000000000000000000000 --- a/tests/main-test-gateway.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: networking.istio.io/v1beta1 -kind: Gateway -metadata: - name: main - namespace: istio-system -spec: - selector: - istio: ingressgateway - servers: - - hosts: - - '*' - port: - name: http - number: 80 - protocol: HTTP - tls: - httpsRedirect: true - - hosts: - - '*.bigbang.dev' - port: - name: https - number: 443 - protocol: HTTPS - tls: - credentialName: wildcard-cert - mode: SIMPLE diff --git a/tests/test-values.yml b/tests/test-values.yml index 5b4075970232071206db45638b0351e935f1d8c4..449379134c72894c2ff7d2ecc73ded6460babd7a 100644 --- a/tests/test-values.yml +++ b/tests/test-values.yml @@ -1,9 +1,17 @@ - -istio: +bbtests: enabled: true -nexus: - imagePullSecrets: - - name: private-registry-mil -networkPolicies: - enabled: true + cypress: + artifacts: true + envs: + cypress_nexus_url: "http://nexus-nexus-repository-manager:8081" + cypress_nexus_user: "admin" + cypress_nexus_pass_new: "new_admin_password" + secretEnvs: + - name: cypress_nexus_pass + valueFrom: + secretKeyRef: + name: nexus-repository-manager-secret + key: admin.password +networkPolicies: + enabled: true