From 1cd042c5884688f7feda18bb00574c4bdc53a137 Mon Sep 17 00:00:00 2001
From: Branden Cobb <cobb_branden@bah.com>
Date: Thu, 10 Jun 2021 20:51:35 +0000
Subject: [PATCH] helm-tests

---
 CHANGELOG.md                                  |   7 +++++
 chart/Chart.lock                              |   6 ++++
 chart/Chart.yaml                              |   6 +++-
 chart/charts/gluon-0.1.1.tgz                  | Bin 0 -> 2691 bytes
 chart/templates/NOTES.txt                     |   4 +--
 .../networkpolicies/helm-test-allow.yaml      |  19 +++++++++++++
 .../networkpolicies/namespace-allow.yaml      |  18 ++++++++++++
 chart/templates/tests/nexus-cypress-test.yaml |  23 ++++++++++++++++
 chart/tests/cypress/cypress.json              |   7 +++++
 chart/tests/cypress/nexus-healthspec.js       |  17 ++++++++++++
 chart/values.yaml                             |   5 ++--
 tests/README.md                               |   1 -
 tests/cypress.json                            |  10 -------
 tests/cypress/integration/nexus-healthspec.js |   5 ----
 tests/main-test-gateway.yaml                  |  26 ------------------
 tests/test-values.yml                         |  22 ++++++++++-----
 16 files changed, 122 insertions(+), 54 deletions(-)
 create mode 100644 chart/Chart.lock
 create mode 100644 chart/charts/gluon-0.1.1.tgz
 create mode 100644 chart/templates/bigbang/networkpolicies/helm-test-allow.yaml
 create mode 100644 chart/templates/bigbang/networkpolicies/namespace-allow.yaml
 create mode 100644 chart/templates/tests/nexus-cypress-test.yaml
 create mode 100644 chart/tests/cypress/cypress.json
 create mode 100644 chart/tests/cypress/nexus-healthspec.js
 delete mode 100644 tests/README.md
 delete mode 100644 tests/cypress.json
 delete mode 100644 tests/cypress/integration/nexus-healthspec.js
 delete mode 100644 tests/main-test-gateway.yaml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cbb51d7..1e04781 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## [29.1.0-bb.3] - 2021-06-08
+### Modified
+- Modified CI tests to use new library and infrastructure
+
+### Added
+- Network policy for helm-tests to save artifacts
+
 ## [29.1.0-bb.2]
 # Added
 * default-deny-all network policy
diff --git a/chart/Chart.lock b/chart/Chart.lock
new file mode 100644
index 0000000..e982991
--- /dev/null
+++ b/chart/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: gluon
+  repository: oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon
+  version: 0.1.1
+digest: sha256:cf1107c00a11cde8074a39624643312fe85ee11250bb7d9380e3787bde0af0f7
+generated: "2021-06-08T09:04:25.9101709-06:00"
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index b6173cf..ed5e087 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: nexus-repository-manager
-version: 29.1.0-bb.2
+version: 29.1.0-bb.3
 appVersion: 3.29.0
 description: Sonatype Nexus Repository Manager - Universal Binary repository
 type: application
@@ -22,3 +22,7 @@ sources:
 maintainers:
   - email:  support@sonatype.com
     name: Sonatype
+dependencies:
+  - name: gluon
+    version: "0.1.1"
+    repository: "oci://registry.dso.mil/platform-one/big-bang/apps/library-charts/gluon"
diff --git a/chart/charts/gluon-0.1.1.tgz b/chart/charts/gluon-0.1.1.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..b4a4878dae126348cdee9d80977a15121ba59f9f
GIT binary patch
literal 2691
zcmV-}3Vih+iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PGuUbK5pDpZP2H7*A^ZN>EZPyQfZjlP0-dX4*89bTZfJWHKPR
zq7Z`s4*=yjPVTqgfDehHNIh)D&gFy;76~jC*e9`zb<8s<{Kpfj47sEUzxNqhuh;9H
zo}A>ry<V^R+v}g4-s_+AhW)d%-f%d)*Xs`+4$kgD?{jRX*)naYy4Sn$T212qM;cAp
zYgC#^F@ov9iBN}%r6zxW1i!FAQFRIbM4musl?298!A~syiHg_}G{F(%D&&~U6i2{|
z3C^^_*&}_@ckY_Xed}t4{TobDP7P}RZDttXu_st(|7Q=I_J4BH8}9A@Hrmyd2mY~>
zs{zSnpP-5nE*R%fJems$e?0p27no@YP!WO5Oqv-m69k1i<AylDPnZTn&vOW%O3_P@
zV=xni2vf>4)Fa2srx=++D22iIrs^rNgY_!KGz2+CrC5X-4kOft32I%_(W)r{)d+`L
zW-7!Z=h*-B$+1L6IA#LDZBpt&32<PyH2ML?OlbpT);-^X9aJ*;gC-mfnFx6np?!$(
zJrL+0<tUEeqg{(;+`wVPLIX$h6;i$i$zUxKBa5kpY-+o+*k@2EBKx>r{!RN20?(i}
z+J75frV6zVr5Lj~q3QLV!W#SUKRg{S+W(+89Gvd$|2EpPY2@N3rS!eI_^n;djD?MX
zyv_}p1VKKddxW5%0mob+7mgc!=bVXX1dsDIex<3CprH{pbmRaOhYR=W3P^E0eQu5X
z(<g6nYpw%8g^(uq4BE~Fa3{zUq9^`D%5!%Fb|0S3!VtAy2JkMB#S`O>!1ac1KCW4W
zAytHF!z5wSXW|`(W(4k-a*Y;<(*Sw7p2e2i%?L_jO9FICLmYu6;w5sV8gnx8Zp)8~
z*sCizB>!L>HTjv#0Nla|OH%z~_lP{w1)ty}2<t9{fkDIE+aFupUzdz$-em3-3%70E
z)?w)xk7}YWhr4y59iXlfIbi7rTfFljO;bw<*+@T|4zT_4u8r;sYHR(!%7j35qZ8q3
z|KA_<n&-bkuXonp`~TZ$>wH5gev|UtB@_<(g^Ze>d@IjwmvA@qkh}EmJ9F+j#jtSO
zU7y0Pv5K(^Fj94a5vmLu)6nQn2z;MPRV}JfO<9PK!cb<yJkJHuEeB1@J(PZN)r&o>
zQzlTAT=7aVua<HS3cwN?;|LVSOdEAcA}vY6xNn`#SgOR60{wu+UO+|crz}Oz1bTC~
z)Y4Ub8_%-<L&HZy(j&e4dM`50Ur5fv%Mm;qKbPi(LXD!@(}h&$OvF!^8i8NiYbcY1
zifB~6df@s26MjJT#GUtf;r!)e`DEE|z{A-q8^fP}f)|0WRR|9rfG5B`IOIC-@Q-2e
zqaWea7a8YAF1&g3y^UbRY(7Ak7NC`|-)Sj|-TF1C<UC>uytEvtIKza&Sml=Ex8OV`
z@APIfX8228s|_7i`m8bmo);*2p;19NQ8GdByb02X+wlhv%GvPrU(bGj`}nsfPk%W0
z`w@Kn*w$ZLVU>-ohFP?=&0rVJsV2x$%^*etvqOg!XqV@L$_^@w59Y#Nk~7TkN669O
z^_Hk195ZJbcc_qF7dLpGja$7j<5=l|-(c&^SzNF47NtCQt4%o<_PSsdI#h^4Po&YX
zY@z^$D)64cH}MCSg7>#?zzfGS_SGg6LlucXbYow@8d9?g$;Uj=ae4wju7D!J>B$1p
z8!2*~537~=hU(nKk_Dx{p<368sjK$J%v{(^yW&h)gz_3XQ_O2umtw3_Qx>PTD9HlA
zZuO%i_p_=-3;Da$ijssjg;>S7g)Q9B6XJVj;NWWZHJp#lR+&nkCHSj7;_1<BxH^&5
z&tG*;B^Le#HIq^P{a>1A4@41D9W!btq)oi_=DylOUNAH1_SI3u?1_Z(*EPDAIcZW3
zhh=({9Kk^?QSx1L!3Nhi=~_qgrWCI~^P`w{ANMte3e8gsGDC@CI;vq;RKy4e=ikD?
z6h=R+UZ+NK?MQEVd2kK~i(JlgIrH&p&f|Y)(%>R_OMEMKv<*piH|07VGVS-)EV@O9
zLT#urRkZLNr)ce<u(L+M(`H^_mBE}_;}+@5E)&EgHJ5pOa`icsa4Vx*GT9Z9Ik~nR
zW^voATqPQuPZgU|gI*OzZk6OL6B#?nVt0Ym*u3M&z9mW8ATOYyTijZCp0_F!yc$g{
z-9vVhT`p1HS!%fxuvJ>CVQWHL1Gv5HDt4@t;LVcdHR<jX<@<JTll;F`FMYFukTv(e
zgOii9M*YXx*<fG)aVu?|_tw<yytjR|kZf+b0$7uIzU}nCH*~lAa!HO$)LUmwXl5o-
zu@CvS$oY4gFzL_u@=|i#iW_#JJK~4Rcu|x?Q}(lxS*l0yr|Z5c4#jy9P2MvLqjf$u
zMHLkNd6eyb3vP_Y{&1%A-y*tq-)znCfQg8S__~b$shGYs|I20XN(_?YOB`EFl^|A7
z>;Tj>ZA1OiS?~@+lMB1mes^fKTgf~>{cLhhvc72HguD7wm0Rz2@H5?Oo_+7yO@Fr5
z{rxWrfp<{;wYL82^x;zd*Ta*+{`-F$t;;$K>0hh-i`oFB5f&BbmP6g;V69^&$x{Qn
zDj{2-?yIgKE7^Cm3bIYy`I5ryKH#^C)e&}A`gPNsz>>CIFW_#sp3P$J+x_aS^Zz?2
z|61q&PtS(^rTDLZviJYD(bkyrLe|v#0=)mt3eZZb?yCN*-`jNo+U8YRHPRQ0vdUYQ
z)ts+g1nsc4s=d0ZQD3!KVYO6awTmjNT20h)an;h@?iWyuRMI=EEUMF7)#hwOcTw53
zTs~BAWR9w(;AfY2-X%#D4P=w8kEMb_Nr4GC{vIOPC^VQc>fovX{M3#KiW@w`M26ot
zMjFKh0O2H&5&ZT29BBgp!-)jf^E|h8;AJKR6Y+dHA*3C$1qJcjSB<2=Hqopu6sWm`
zP3i=8ed)iQ-Z!sbmvy$j@8;+=@BDAKIHLMYZc-dkx#usdIHKjcv)X8DQA0JjgQA9o
zb?&gJVHHWcENa-MWTC~-x2afIik8>u_-1}!J0Gyx{=3O(z|Xf|W9{nK4U03b#gc}}
zZ*A_4l8#M^GPa=on&lW?Es9<Bye^lpTsh$Vzh)BZaoEwu46Z+S#D7KnPi%<6Vj&fN
zh8T0*|Njr0`QQFv_;COKzqiuv!wYH*DxtwhC{zG0CMY1t7?12pHKpM>jZqWlKIH%5
zud}pp&3b~IL(F9W2{qw_iTGPk$f;pdgp`^|t)Gg>xeo&4Jd}pRRN<Jt$Ea|4e>o!X
zo8XrqMLyGR2~t$RnLy%@C$HYVGE$*)A0Epjkpf;negzRz+95GBe*U-EzC(f!%Fq8+
z9h2C%f2vnK75*GiK*RGag)!r(onxXeQs<Zi^xQcnCb7>_vDi8Ok8>YhQ^jPa;n|a?
x+99cuHf(nYi;(&SxRUQ2GS#7s(EoaGjrMKd_U&tE{|x{D|Nn#y-Ua|n0063gS|tDg

literal 0
HcmV?d00001

diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt
index 026bdc7..ae0df1b 100644
--- a/chart/templates/NOTES.txt
+++ b/chart/templates/NOTES.txt
@@ -1,7 +1,7 @@
 1. Get the application URL by running these commands:
 {{- if .Values.ingress.enabled }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostRepo }}{{ . }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostDocker }}{{ . }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostRepo }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostDocker }}
 {{- else if contains "NodePort" .Values.service.serviceType }}
   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nexus.fullname" . }})
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
diff --git a/chart/templates/bigbang/networkpolicies/helm-test-allow.yaml b/chart/templates/bigbang/networkpolicies/helm-test-allow.yaml
new file mode 100644
index 0000000..319b034
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/helm-test-allow.yaml
@@ -0,0 +1,19 @@
+{{- $bbtests := .Values.bbtests | default dict -}}
+{{- $enabled := (hasKey $bbtests "enabled") -}}
+{{- if $enabled }}
+{{- if and .Values.networkPolicies.enabled .Values.bbtests.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-helm-test-egress
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      helm-test: enabled
+  policyTypes:
+  - Egress
+  egress:
+  - {}
+{{- end }}
+{{- end }}
diff --git a/chart/templates/bigbang/networkpolicies/namespace-allow.yaml b/chart/templates/bigbang/networkpolicies/namespace-allow.yaml
new file mode 100644
index 0000000..97a841c
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/namespace-allow.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.networkPolicies.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-in-ns
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector: {}
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - from:
+        - podSelector: {}
+  egress:
+    - to:
+        - podSelector: {}
+{{- end }}
diff --git a/chart/templates/tests/nexus-cypress-test.yaml b/chart/templates/tests/nexus-cypress-test.yaml
new file mode 100644
index 0000000..3f4797b
--- /dev/null
+++ b/chart/templates/tests/nexus-cypress-test.yaml
@@ -0,0 +1,23 @@
+{{- include "gluon.tests.cypress-configmap.overrides" (list . "nexus-test.cypress-configmap") }}
+{{- define "nexus-test.cypress-configmap" }}
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ include "nexus.name" . }}
+    helm.sh/chart: {{ include "nexus.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: nexus-repository-manager
+    app.kubernetes.io/component: {{ include "nexus.name" . }}
+{{- end }}
+---
+{{- include "gluon.tests.cypress-runner.overrides" (list . "nexus-test.cypress-runner") -}}
+{{- define "nexus-test.cypress-runner" -}}
+metadata:
+  labels:
+    app.kubernetes.io/name: {{ include "nexus.name" . }}
+    helm.sh/chart: {{ include "nexus.chart" . }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/part-of: nexus-repository-manager
+    app.kubernetes.io/component: {{ include "nexus.name" . }}
+{{- end }}
diff --git a/chart/tests/cypress/cypress.json b/chart/tests/cypress/cypress.json
new file mode 100644
index 0000000..ff11846
--- /dev/null
+++ b/chart/tests/cypress/cypress.json
@@ -0,0 +1,7 @@
+{
+ 
+  "pluginsFile": false,
+  "supportFile": false,
+  "fixturesFolder": false
+  
+}
diff --git a/chart/tests/cypress/nexus-healthspec.js b/chart/tests/cypress/nexus-healthspec.js
new file mode 100644
index 0000000..6bcbd75
--- /dev/null
+++ b/chart/tests/cypress/nexus-healthspec.js
@@ -0,0 +1,17 @@
+describe('Basic Nexus', function() {
+    it('Visit the Nexus sign in page', function() {
+      cy.visit(Cypress.env('nexus_url'))
+      cy.contains("Sign in").click()
+      cy.get('input[name="username"]').type(Cypress.env('nexus_user'))
+      cy.get('input[name="password"]').type(Cypress.env('nexus_pass'))
+      cy.get('a[class="x-btn x-unselectable x-box-item x-toolbar-item x-btn-nx-primary-small"]').click()
+      cy.contains("Next").click()
+      cy.get('input[name="password"]').type(Cypress.env('nexus_pass_new'))
+      cy.get('input[name*="nx-password"]').type(Cypress.env('nexus_pass_new'))
+      cy.contains("Next").click({ force: true })
+      cy.contains("Disable anonymous access").click({ force: true })
+      cy.contains("Next").click({ force: true })
+      cy.contains("Finish").click()
+      cy.visit(`${Cypress.env('nexus_url')}/#admin/support/status`)
+    })        
+})
diff --git a/chart/values.yaml b/chart/values.yaml
index e0a6a9d..0519dec 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -46,7 +46,7 @@ sso:
 # -- End of BigBang Additions
 
 ingress:
-  enabled: true
+  enabled: false
   annotations: {kubernetes.io/ingress.class: nginx}
     # kubernetes.io/ingress.class: nginx
     # kubernetes.io/tls-acme: "true"
@@ -129,7 +129,8 @@ nexus:
   #   hostnames:
   #   - "example.com"
   #   - "www.example.com"
-  imagePullSecrets: []
+  imagePullSecrets:
+    - name: private-registry
 
 nameOverride: ""
 fullnameOverride: ""
diff --git a/tests/README.md b/tests/README.md
deleted file mode 100644
index d735775..0000000
--- a/tests/README.md
+++ /dev/null
@@ -1 +0,0 @@
-Cypress tests run headless calling the script cy-run.sh
\ No newline at end of file
diff --git a/tests/cypress.json b/tests/cypress.json
deleted file mode 100644
index 43b18da..0000000
--- a/tests/cypress.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- 
-  "pluginsFile": false,
-  "supportFile": false,
-  "fixturesFolder": false,
-  "env": {
-    "nexus_url": "nexus.bigbang.dev"
-    
-  }
-}
diff --git a/tests/cypress/integration/nexus-healthspec.js b/tests/cypress/integration/nexus-healthspec.js
deleted file mode 100644
index dbaa644..0000000
--- a/tests/cypress/integration/nexus-healthspec.js
+++ /dev/null
@@ -1,5 +0,0 @@
-describe('Basic prometheus', function() {
-    it('Visits the prometheus sign in page', function() {
-      cy.visit(Cypress.env('nexus_url'))
-    })        
-})
diff --git a/tests/main-test-gateway.yaml b/tests/main-test-gateway.yaml
deleted file mode 100644
index 1c7d7d1..0000000
--- a/tests/main-test-gateway.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-apiVersion: networking.istio.io/v1beta1
-kind: Gateway
-metadata:
-  name: main
-  namespace: istio-system
-spec:
-  selector:
-    istio: ingressgateway
-  servers:
-  - hosts:
-    - '*'
-    port:
-      name: http
-      number: 80
-      protocol: HTTP
-    tls:
-      httpsRedirect: true
-  - hosts:
-    - '*.bigbang.dev'
-    port:
-      name: https
-      number: 443
-      protocol: HTTPS
-    tls:
-      credentialName: wildcard-cert
-      mode: SIMPLE
diff --git a/tests/test-values.yml b/tests/test-values.yml
index 5b40759..4493791 100644
--- a/tests/test-values.yml
+++ b/tests/test-values.yml
@@ -1,9 +1,17 @@
-
-istio: 
+bbtests:
   enabled: true
-nexus:
-  imagePullSecrets: 
-  - name: private-registry-mil
-networkPolicies:
-  enabled: true 
+  cypress:
+    artifacts: true
+    envs:
+      cypress_nexus_url: "http://nexus-nexus-repository-manager:8081"
+      cypress_nexus_user: "admin"
+      cypress_nexus_pass_new: "new_admin_password"
+    secretEnvs:
+      - name: cypress_nexus_pass
+        valueFrom:
+          secretKeyRef:
+            name: nexus-repository-manager-secret
+            key: admin.password
 
+networkPolicies:
+  enabled: true
-- 
GitLab