diff --git a/.vscode/launch.json b/.vscode/launch.json index 8938f2ff35..c9e0300765 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -78,6 +78,16 @@ "console": "integratedTerminal", "cwd": "${workspaceRoot}" }, + { + "name": "Bootstrap-test-fixtures", + "request": "launch", + "runtimeArgs": ["run", "bootstrap-tests-fixtures"], + "runtimeExecutable": "npm", + "type": "node", + "envFile": ".env", + "console": "integratedTerminal", + "cwd": "${workspaceRoot}" + }, { "name": "Migrate values", "request": "launch", diff --git a/bin/dyff.sh b/bin/dyff.sh index 9701a8fc16..e8ce9c44b4 100755 --- a/bin/dyff.sh +++ b/bin/dyff.sh @@ -22,6 +22,6 @@ echo "$diff_output" | while read -r line; do # Use dyff to compare the files dyff between "$second_path" "$first_path" --omit-header \ --exclude "data.tls.key" --exclude "/data/ca.crt" --exclude "/data/tls.crt" --exclude "/data/tls.key" \ - --exclude-regexp "/checksum" --exclude-regexp "/webhooks.*" + --exclude-regexp "/checksum" --exclude-regexp "/webhooks.*" --ignore-order-changes fi done diff --git a/charts/team-ns/templates/argocd/argocd-applicationset.yaml b/charts/team-ns/templates/argocd/argocd-applicationset.yaml index 7bbfbcaef6..2a14c57eee 100644 --- a/charts/team-ns/templates/argocd/argocd-applicationset.yaml +++ b/charts/team-ns/templates/argocd/argocd-applicationset.yaml @@ -89,6 +89,7 @@ spec: jqPathExpressions: - ".spec.volumeClaimTemplates[].apiVersion" - ".spec.volumeClaimTemplates[].kind" + - ".spec.volumeClaimTemplates[].spec" {{- end }} destination: server: 'https://kubernetes.default.svc' diff --git a/package.json b/package.json index d8c166164c..e7f18e9ad1 100644 --- a/package.json +++ b/package.json @@ -163,7 +163,8 @@ "validate-templates:all": "set -e; i=29; while [ $i -le 32 ]; do NODE_ENV=test binzx/otomi validate-templates -k 1.$i; i=$(($i+1)); done", "validate-values": "ENV_DIR=$PWD/tests/fixtures NODE_ENV=test binzx/otomi validate-values", "bootstrap-dev": "rm -rf /tmp/otomi-bootstrap-dev; CI=1 VALUES_INPUT=$PWD/tests/bootstrap/input-local-dev.yaml ENV_DIR=/tmp/otomi-bootstrap-dev binzx/otomi bootstrap", - "bootstrap-dev-with-repo": "CI=1 ENV_DIR=/tmp/otomi-bootstrap-dev binzx/otomi bootstrap" + "bootstrap-dev-with-repo": "CI=1 ENV_DIR=/tmp/otomi-bootstrap-dev binzx/otomi bootstrap", + "bootstrap-tests-fixtures": "CI=1 ENV_DIR=$PWD/tests/fixtures binzx/otomi bootstrap" }, "standard-version": { "skip": { diff --git a/src/cmd/bootstrap.ts b/src/cmd/bootstrap.ts index 5823a15957..51ae952688 100644 --- a/src/cmd/bootstrap.ts +++ b/src/cmd/bootstrap.ts @@ -224,7 +224,7 @@ export const getUsers = (originalInput: any, deps = { generatePassword, addIniti } deps.addInitialPasswords(users) users.forEach((user) => { - set(user, 'id', user.id || randomUUID()) + set(user, 'name', user.name || randomUUID()) }) return users } diff --git a/src/cmd/migrate.ts b/src/cmd/migrate.ts index fd9a10c82a..27db8192a2 100644 --- a/src/cmd/migrate.ts +++ b/src/cmd/migrate.ts @@ -5,6 +5,7 @@ import { randomUUID } from 'crypto' import { diff } from 'deep-diff' import { copy, createFileSync, move, pathExists, renameSync, rm } from 'fs-extra' import { mkdir, readFile, writeFile } from 'fs/promises' +import { glob } from 'glob' import { cloneDeep, each, get, isObject, isUndefined, mapKeys, mapValues, omit, pick, pull, set, unset } from 'lodash' import { basename, dirname, join } from 'path' import { prepareEnvironment } from 'src/common/cli' @@ -19,7 +20,7 @@ import { BasicArguments, getParsedArgs, setParsedArgs } from 'src/common/yargs' import { v4 as uuidv4 } from 'uuid' import { parse } from 'yaml' import { Argv } from 'yargs' -import { $, cd, glob } from 'zx' +import { $, cd } from 'zx' const cmdName = getFilename(__filename) interface Arguments extends BasicArguments { @@ -544,7 +545,7 @@ export const migrateLegacyValues = async (envDir: string, deps = { writeFile }): }) const users = get(oldValues, 'users', []) users.forEach((user) => { - set(user, 'id', user.id || randomUUID()) + set(user, 'name', user.id || randomUUID()) }) oldValues.versions = { specVersion: 1 } const teamNames = await getTeamNames(env.ENV_DIR) diff --git a/src/common/crypt.ts b/src/common/crypt.ts index c7a1a736f2..56752f28c0 100644 --- a/src/common/crypt.ts +++ b/src/common/crypt.ts @@ -81,6 +81,8 @@ const processFileChunk = async (crypt: CR, files: string[]): Promise<(ProcessOut await writeFile(file, res.stdout) if (crypt.post) await crypt.post(file) return res + } else { + d.error(error.message) } } } diff --git a/src/common/repo.test.ts b/src/common/repo.test.ts index 1ed1019cc1..489afecd39 100644 --- a/src/common/repo.test.ts +++ b/src/common/repo.test.ts @@ -7,12 +7,26 @@ import { getResourceFileName, getResourceName, getTeamNameFromJsonPath, + getUniqueIdentifierFromFilePath, hasCorrespondingDecryptedFile, } from 'src/common/repo' import stubs from 'src/test-stubs' const { terminal } = stubs +describe('getUniqueIdentifierFromFilePath', () => { + it('should get user name from .dec file', () => { + expect(getUniqueIdentifierFromFilePath('secrets.7f5d1670-ea3d-48b5-aa48-0f9d62f80fdb.yaml.dec')).toEqual( + '7f5d1670-ea3d-48b5-aa48-0f9d62f80fdb', + ) + }) + it('should get user name', () => { + expect(getUniqueIdentifierFromFilePath('secrets.7f5d1670-ea3d-48b5-aa48-0f9d62f80fdb.yaml')).toEqual( + '7f5d1670-ea3d-48b5-aa48-0f9d62f80fdb', + ) + }) +}) + describe('getFilePath', () => { it('should get path for apps', () => { const fileMap: FileMap = { diff --git a/src/common/repo.ts b/src/common/repo.ts index 7fb4a3f0e4..6bcb5687b6 100644 --- a/src/common/repo.ts +++ b/src/common/repo.ts @@ -400,28 +400,36 @@ export async function saveValues( export function renderManifest(fileMap: FileMap, jsonPath: jsonpath.PathComponent[], data: Record) { //TODO remove this custom workaround for workloadValues - const manifest = - fileMap.kind === 'AplTeamWorkloadValues' - ? omit(data, ['id', 'name', 'teamId']) - : { - kind: fileMap.kind, - metadata: { - name: getResourceName(fileMap, jsonPath, data), - labels: {}, - }, - spec: data, - } - if (fileMap.resourceGroup === 'team' && fileMap.kind !== 'AplTeamWorkloadValues') { + let spec = data + if (fileMap.resourceGroup === 'team') { + spec = omit(data, ['id', 'name', 'teamId']) + } + const manifest = { + kind: fileMap.kind, + metadata: { + name: getResourceName(fileMap, jsonPath, data), + labels: {}, + }, + spec, + } + if (fileMap.resourceGroup === 'team') { manifest.metadata.labels['apl.io/teamId'] = getTeamNameFromJsonPath(jsonPath) } return manifest } -export function renderManifestForSecrets(fileMap: FileMap, data: Record) { +export function renderManifestForSecrets(fileMap: FileMap, resourceName: string, data: Record) { + let spec = data + if (fileMap.resourceGroup === 'users') { + spec = omit(data, ['id', 'name']) + } return { kind: fileMap.kind, - spec: data, + metadata: { + name: resourceName, + }, + spec, } } @@ -461,7 +469,8 @@ export async function saveResourceGroupToFiles( const nodeValue = node.value try { const filePath = getFilePath(fileMap, nodePath, nodeValue, 'secrets.') - const manifest = renderManifestForSecrets(fileMap, nodeValue) + const resourceName = getResourceName(fileMap, nodePath, nodeValue) + const manifest = renderManifestForSecrets(fileMap, resourceName, nodeValue) await deps.writeValuesToFile(filePath, manifest) } catch (e) { console.log(nodePath) @@ -472,6 +481,14 @@ export async function saveResourceGroupToFiles( ) } +export function getUniqueIdentifierFromFilePath(filePath: string): string { + return path + .basename(filePath) + .replace(/^secrets\./, '') + .replace(/\.yaml\.dec$/, '') + .replace(/\.yaml$/, '') +} + export async function setValuesFile(envDir: string, deps = { pathExists, loadValues, writeFile }): Promise { const valuesPath = path.join(envDir, 'values-repo.yaml') // if (await deps.pathExists(valuesPath)) return valuesPath @@ -554,7 +571,6 @@ export async function loadToSpec( if (hasCorrespondingDecryptedFile(filePath, files)) return promises.push(deps.loadFileToSpec(filePath, fileMap, spec)) }) - await Promise.all(promises) } @@ -565,18 +581,32 @@ export async function loadFileToSpec( deps = { loadYaml }, ): Promise { const jsonPath = getJsonPath(fileMap, filePath) - const data = await deps.loadYaml(filePath) - if (fileMap.processAs === 'arrayItem') { - const ref: Record[] = get(spec, jsonPath) - ref.push(data?.spec) - } else { - const ref: Record = get(spec, jsonPath) - // Decrypted secrets may need to be merged with plain text specs - const newRef = merge(cloneDeep(ref), data?.spec) - set(spec, jsonPath, newRef) + try { + const data = (await deps.loadYaml(filePath)) || {} + + if (!filePath.includes('secrets.')) { + if (fileMap.resourceGroup === 'team' && fileMap.processAs === 'arrayItem') { + data.spec.name = data.metadata.name + } + } + if (fileMap.resourceGroup === 'users') { + data.spec.name = getUniqueIdentifierFromFilePath(filePath) + } + if (fileMap.processAs === 'arrayItem') { + const ref: Record[] = get(spec, jsonPath) + ref.push(data?.spec) + } else { + const ref: Record = get(spec, jsonPath) + // Decrypted secrets may need to be merged with plain text specs + const newRef = merge(cloneDeep(ref), data?.spec) + set(spec, jsonPath, newRef) + } + } catch (e) { + console.log(filePath) + console.log(fileMap) + throw e } } - export async function getKmsSettings(envDir: string, deps = { loadToSpec }): Promise> { const kmsFiles = getFileMap('AplKms', envDir) const spec = {} diff --git a/tests/fixtures/.gitignore b/tests/fixtures/.gitignore index ac5af8b6ef..cd83b13206 100644 --- a/tests/fixtures/.gitignore +++ b/tests/fixtures/.gitignore @@ -11,4 +11,5 @@ core.yaml *.sample .env env/status.yaml -values-repo.yaml +env/bootstrap.yaml +values-repo.yaml \ No newline at end of file diff --git a/tests/fixtures/env/apps/alertmanager.yaml b/tests/fixtures/env/apps/alertmanager.yaml index 6aa45e6061..7a8d0f2300 100644 --- a/tests/fixtures/env/apps/alertmanager.yaml +++ b/tests/fixtures/env/apps/alertmanager.yaml @@ -4,3 +4,12 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} + resources: + alertmanager: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 64Mi diff --git a/tests/fixtures/env/apps/apl-gitea-operator.yaml b/tests/fixtures/env/apps/apl-gitea-operator.yaml new file mode 100644 index 0000000000..acd5b9e802 --- /dev/null +++ b/tests/fixtures/env/apps/apl-gitea-operator.yaml @@ -0,0 +1,14 @@ +kind: AplApp +metadata: + name: apl-gitea-operator + labels: {} +spec: + _rawValues: {} + resources: + operator: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 50m + memory: 128Mi diff --git a/tests/fixtures/env/apps/apl-harbor-operator.yaml b/tests/fixtures/env/apps/apl-harbor-operator.yaml new file mode 100644 index 0000000000..c03937ab3a --- /dev/null +++ b/tests/fixtures/env/apps/apl-harbor-operator.yaml @@ -0,0 +1,14 @@ +kind: AplApp +metadata: + name: apl-harbor-operator + labels: {} +spec: + _rawValues: {} + resources: + operator: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 50m + memory: 128Mi diff --git a/tests/fixtures/env/apps/apl-keycloak-operator.yaml b/tests/fixtures/env/apps/apl-keycloak-operator.yaml new file mode 100644 index 0000000000..f94de40448 --- /dev/null +++ b/tests/fixtures/env/apps/apl-keycloak-operator.yaml @@ -0,0 +1,14 @@ +kind: AplApp +metadata: + name: apl-keycloak-operator + labels: {} +spec: + _rawValues: {} + resources: + operator: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 50m + memory: 128Mi diff --git a/tests/fixtures/env/apps/argocd.yaml b/tests/fixtures/env/apps/argocd.yaml index cb298c8a0b..58ca73d7bb 100644 --- a/tests/fixtures/env/apps/argocd.yaml +++ b/tests/fixtures/env/apps/argocd.yaml @@ -8,10 +8,14 @@ spec: enabled: true maxReplicas: 5 minReplicas: 1 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 server: enabled: true maxReplicas: 5 minReplicas: 1 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 resources: applicationSet: limits: @@ -62,3 +66,10 @@ spec: requests: cpu: 50m memory: 256M + _rawValues: {} + applicationSet: + replicas: 1 + controller: + replicas: 1 + controllerOperationProcessors: 10 + controllerStatusProcessors: 20 diff --git a/tests/fixtures/env/apps/cert-manager.yaml b/tests/fixtures/env/apps/cert-manager.yaml index 92cc02e9cd..be2c7211a3 100644 --- a/tests/fixtures/env/apps/cert-manager.yaml +++ b/tests/fixtures/env/apps/cert-manager.yaml @@ -5,3 +5,33 @@ metadata: spec: externallyManagedTlsSecretName: mysecret issuer: externally-managed-tls-secret + _rawValues: {} + resources: + cainjector: + limits: + cpu: 200m + memory: 1Gi + requests: + cpu: 50m + memory: 384Mi + certManager: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 50m + memory: 128Mi + startupapicheck: + limits: + cpu: 200m + memory: 384Mi + requests: + cpu: 50m + memory: 64Mi + webhook: + limits: + cpu: 100m + memory: 256Mi + requests: + cpu: 50m + memory: 64Mi diff --git a/tests/fixtures/env/apps/cnpg.yaml b/tests/fixtures/env/apps/cnpg.yaml index 4cbdf02ead..63812079e9 100644 --- a/tests/fixtures/env/apps/cnpg.yaml +++ b/tests/fixtures/env/apps/cnpg.yaml @@ -10,3 +10,4 @@ spec: requests: cpu: 100m memory: 200Mi + _rawValues: {} diff --git a/tests/fixtures/env/apps/drone.yaml b/tests/fixtures/env/apps/drone.yaml index cbb25a201f..c5437ea8de 100644 --- a/tests/fixtures/env/apps/drone.yaml +++ b/tests/fixtures/env/apps/drone.yaml @@ -13,3 +13,5 @@ spec: server: https://gitea.demo.eks.otomi.cloud github: {} provider: gitea + username: otomi-admin + trace: false diff --git a/tests/fixtures/env/apps/external-dns.yaml b/tests/fixtures/env/apps/external-dns.yaml new file mode 100644 index 0000000000..2b3113c3f3 --- /dev/null +++ b/tests/fixtures/env/apps/external-dns.yaml @@ -0,0 +1,13 @@ +kind: AplApp +metadata: + name: external-dns + labels: {} +spec: + logLevel: info + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi diff --git a/tests/fixtures/env/apps/falco.yaml b/tests/fixtures/env/apps/falco.yaml index 7ba1138c66..2ca180084f 100644 --- a/tests/fixtures/env/apps/falco.yaml +++ b/tests/fixtures/env/apps/falco.yaml @@ -5,3 +5,149 @@ metadata: spec: driver: ebpf enabled: true + _rawValues: + customRules: + otomi-rules.yaml: |- + - macro: protected_shell_spawner + condition: ( + container.image.repository in ( + ghcr.io/cloudnative-pg + ) + ) + - macro: k8s_containers + condition: ( + container.image.repository in ( + docker.io/velero/velero, + docker.io/weaveworks/kured, + ghcr.io/aquasecurity/trivy-operator, + quay.io/argoproj/argocd, + quay.io/keycloak/keycloak-operator, + k8s.gcr.io/kube-state-metrics/kube-state-metrics, + quay.io/jetstack/cert-manager-cainjector, + quay.io/jetstack/cert-manager-controller, + quay.io/jetstack/cert-manager-webhook, + quay.io/prometheus-operator/prometheus-operator, + quay.io/prometheus/prometheus, + quay.io/kiwigrid/k8s-sidecar, + docker.io/linode/apl-core, + docker.io/linode/apl-tasks, + docker.io/linode/apl-api, + docker.io/drone/drone-runner-kube, + docker.io/grafana/promtail, + gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard, + quay.io/argoprojlabs/argocd-image-updater, + gcr.io/tekton-releases/github.com/tektoncd/triggers/cmd/eventlistenersink, + docker.io/bitnami/sealed-secrets-controller, + ghcr.io/cloudnative-pg/postgresql, + jaegertracing/jaeger-operator + ) or (k8s.ns.name = "kube-system") + or (k8s.ns.name = "ingress") + or (k8s.ns.name = "kyverno") + or (k8s.ns.name = "cnpg-system") + or (k8s.ns.name = "tekton-pipelines") + or (k8s.ns.name = "falco") + ) + - macro: user_known_write_below_etc_activities + condition: ( + (container.image.repository = docker.io/goharbor/harbor-core and proc.name = cp) or + (container.image.repository = docker.io/goharbor/harbor-registryctl and proc.name = cp) or + (container.image.repository = docker.io/goharbor/registry-photon and proc.name = cp) or + (container.image.repository = docker.io/goharbor/trivy-adapter-photon and proc.name = cp) + ) + - macro: user_sensitive_mount_containers + condition: ( + container.image.repository in ( + quay.io/prometheus/node-exporter + ) + ) + - macro: user_trusted_containers + condition: ( + container.image.repository in ( + docker.io/drone/drone-runner-kube, + docker.io/linode/apl-api, + docker.io/linode/apl-tasks + ) + ) + - macro: user_known_package_manager_in_container + condition: ( + container.image.repository in ( + docker.io/linode/apl-tasks + ) + ) + - macro: user_known_k8s_client_container + condition: ( + container.image.repository in ( + docker.io/linode/apl-tasks, + docker.io/linode/apl-core + ) or (k8s.ns.name = "drone-pipelines") + ) + - macro: user_known_non_sudo_setuid_conditions + condition: ( + container.image.repository in ( + docker.io/linode/apl-tasks, + docker.io/linode/apl-api, + docker.io/linode/apl-console, + docker.io/gitea/gitea, + docker.io/grafana/grafana + ) or (k8s.ns.name = "ingress") + or (k8s.ns.name = "keycloak") + ) + - macro: excessively_capable_container + condition: ( + container.image.repository in ( + docker.io/linode/apl-console, + docker.io/linode/apl-api + ) or (k8s.ns.name = "keycloak") + ) + - macro: user_known_write_below_root_activities + condition: ( + k8s.ns.name = "drone-pipelines" + ) + - macro: user_known_network_tool_activities + condition: ( + container.image.repository in ( + docker.io/gitea/gitea + ) or (k8s.ns.name = "keycloak") + ) + - macro: user_known_create_files_below_dev_activities + condition: ( + container.image.repository in ( + quay.io/operatorhubio/catalog + ) + ) + resources: + falco: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi + falcoCtlFollow: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + falcoCtlInstall: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + falcoDriverLoader: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + falcoExporter: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 50m + memory: 128Mi diff --git a/tests/fixtures/env/apps/gitea.yaml b/tests/fixtures/env/apps/gitea.yaml index 9ffa0e983f..426e37ae0d 100644 --- a/tests/fixtures/env/apps/gitea.yaml +++ b/tests/fixtures/env/apps/gitea.yaml @@ -4,3 +4,34 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} + adminUsername: otomi-admin + resources: + gitea: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 256Mi + init: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + memcached: + limits: + cpu: 250m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + memcachedMetrics: + limits: + cpu: 200m + memory: 128M + requests: + cpu: 10m + memory: 16M diff --git a/tests/fixtures/env/apps/grafana.yaml b/tests/fixtures/env/apps/grafana.yaml index 579deb917f..6a0c87d046 100644 --- a/tests/fixtures/env/apps/grafana.yaml +++ b/tests/fixtures/env/apps/grafana.yaml @@ -4,3 +4,19 @@ metadata: labels: {} spec: enabled: false + _rawValues: {} + resources: + grafana: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 10m + memory: 128Mi + sidecar: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi diff --git a/tests/fixtures/env/apps/harbor.yaml b/tests/fixtures/env/apps/harbor.yaml index 587d5a701f..f0055eab51 100644 --- a/tests/fixtures/env/apps/harbor.yaml +++ b/tests/fixtures/env/apps/harbor.yaml @@ -8,3 +8,70 @@ spec: jobservice: {} registry: credentials: {} + _rawValues: {} + oidcAutoOnboard: true + oidcUserClaim: email + resources: + chartmuseum: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 20m + memory: 56Mi + core: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 20m + memory: 128Mi + jobservice: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 20m + memory: 128Mi + nginx: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 20m + memory: 32Mi + portal: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 20m + memory: 128Mi + redis: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 20m + memory: 128Mi + registry: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 20m + memory: 32Mi + registryController: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 20m + memory: 32Mi + trivy: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi diff --git a/tests/fixtures/env/apps/httpbin.yaml b/tests/fixtures/env/apps/httpbin.yaml index 89f760414d..e728d876a2 100644 --- a/tests/fixtures/env/apps/httpbin.yaml +++ b/tests/fixtures/env/apps/httpbin.yaml @@ -4,3 +4,4 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} diff --git a/tests/fixtures/env/apps/ingress-nginx.yaml b/tests/fixtures/env/apps/ingress-nginx.yaml new file mode 100644 index 0000000000..4b682d70dc --- /dev/null +++ b/tests/fixtures/env/apps/ingress-nginx.yaml @@ -0,0 +1,43 @@ +kind: AplApp +metadata: + name: ingress-nginx + labels: {} +spec: + _rawValues: {} + autoscaling: + enabled: true + maxReplicas: 10 + minReplicas: 2 + targetCPUUtilizationPercentage: 80 + targetMemoryUtilizationPercentage: 80 + maxBodySize: 1024m + maxBodySizeBytes: 1073741824 + modsecurity: + block: false + enabled: false + owasp: true + resources: + controller: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 100m + memory: 384Mi + defaultBackend: + limits: + cpu: 20m + memory: 20Mi + requests: + cpu: 10m + memory: 10Mi + opentelemetry: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 100m + memory: 65Mi + tracing: + enabled: false + samplingRatio: '0.01' diff --git a/tests/fixtures/env/apps/istio.yaml b/tests/fixtures/env/apps/istio.yaml index 181997b866..1e9058b22f 100644 --- a/tests/fixtures/env/apps/istio.yaml +++ b/tests/fixtures/env/apps/istio.yaml @@ -10,6 +10,9 @@ spec: pilot: maxReplicas: 5 minReplicas: 1 + egressgateway: + maxReplicas: 10 + minReplicas: 2 egressGateway: enabled: false extensionProviders: @@ -51,6 +54,21 @@ spec: requests: cpu: 20m memory: 80Mi + egressgateway: + limits: + cpu: '1' + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + operator: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 20m + memory: 128Mi tracing: enabled: true samplingRatio: '0.01' + _rawValues: {} diff --git a/tests/fixtures/env/apps/jaeger.yaml b/tests/fixtures/env/apps/jaeger.yaml index 13e3e60e0c..369b16d8e2 100644 --- a/tests/fixtures/env/apps/jaeger.yaml +++ b/tests/fixtures/env/apps/jaeger.yaml @@ -4,3 +4,19 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} + resources: + jaeger: + limits: + cpu: '1' + memory: 2Gi + requests: + cpu: 200m + memory: 384Mi + operator: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi diff --git a/tests/fixtures/env/apps/keycloak.yaml b/tests/fixtures/env/apps/keycloak.yaml index cd45afc7b1..bb3db86cd4 100644 --- a/tests/fixtures/env/apps/keycloak.yaml +++ b/tests/fixtures/env/apps/keycloak.yaml @@ -22,3 +22,5 @@ spec: cpu: 100m memory: 256Mi theme: otomi + _rawValues: {} + adminUsername: otomi-admin diff --git a/tests/fixtures/env/apps/kiali.yaml b/tests/fixtures/env/apps/kiali.yaml index 91bf52406c..74e04bc8c6 100644 --- a/tests/fixtures/env/apps/kiali.yaml +++ b/tests/fixtures/env/apps/kiali.yaml @@ -4,3 +4,19 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} + resources: + operator: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 256Mi + pod: + limits: + cpu: '2' + memory: 1Gi + requests: + cpu: 100m + memory: 768Mi diff --git a/tests/fixtures/env/apps/knative.yaml b/tests/fixtures/env/apps/knative.yaml index 3081566ec1..87942cd02c 100644 --- a/tests/fixtures/env/apps/knative.yaml +++ b/tests/fixtures/env/apps/knative.yaml @@ -61,3 +61,5 @@ spec: requests: cpu: 50m memory: 32Mi + serving: + replicas: 1 diff --git a/tests/fixtures/env/apps/kured.yaml b/tests/fixtures/env/apps/kured.yaml index a547eec912..dec73b366f 100644 --- a/tests/fixtures/env/apps/kured.yaml +++ b/tests/fixtures/env/apps/kured.yaml @@ -11,3 +11,11 @@ spec: startTime: 22:00 timeZone: CET enabled: true + resources: + kuredDaemonSet: + limits: + cpu: 50m + memory: 32Mi + requests: + cpu: 20m + memory: 16Mi diff --git a/tests/fixtures/env/apps/kyverno.yaml b/tests/fixtures/env/apps/kyverno.yaml index fb6fba3eec..ded3530968 100644 --- a/tests/fixtures/env/apps/kyverno.yaml +++ b/tests/fixtures/env/apps/kyverno.yaml @@ -4,3 +4,34 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} + mode: DevTest + resources: + admissionController: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + backgroundController: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 50m + memory: 64Mi + cleanupController: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 10m + memory: 64Mi + reportsController: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 50m + memory: 128Mi diff --git a/tests/fixtures/env/apps/loki.yaml b/tests/fixtures/env/apps/loki.yaml index 4014ef01a6..5451d59d0c 100644 --- a/tests/fixtures/env/apps/loki.yaml +++ b/tests/fixtures/env/apps/loki.yaml @@ -83,7 +83,15 @@ spec: requests: cpu: 100m memory: 128Mi + reverseProxy: + limits: + cpu: 100m + memory: 32Mi + requests: + cpu: 50m + memory: 16Mi retention: duration: 24h period: 24h - v11StartDate: 2021-05-13 + v11StartDate: 2021-05-13T00:00:00.000Z + _rawValues: {} diff --git a/tests/fixtures/env/apps/metrics-server.yaml b/tests/fixtures/env/apps/metrics-server.yaml index b184af32c3..bff789e151 100644 --- a/tests/fixtures/env/apps/metrics-server.yaml +++ b/tests/fixtures/env/apps/metrics-server.yaml @@ -12,3 +12,6 @@ spec: requests: cpu: 100m memory: 64Mi + _rawValues: {} + apiServer: + create: true diff --git a/tests/fixtures/env/apps/minio.yaml b/tests/fixtures/env/apps/minio.yaml index f474a2f6a6..a6e74fdf2d 100644 --- a/tests/fixtures/env/apps/minio.yaml +++ b/tests/fixtures/env/apps/minio.yaml @@ -9,3 +9,11 @@ spec: size: 20Gi provisioning: enabled: true + _rawValues: {} + resources: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 500m + memory: 128Mi diff --git a/tests/fixtures/env/apps/oauth2-proxy-redis.yaml b/tests/fixtures/env/apps/oauth2-proxy-redis.yaml index 1d79fb16c9..6e09e52d38 100644 --- a/tests/fixtures/env/apps/oauth2-proxy-redis.yaml +++ b/tests/fixtures/env/apps/oauth2-proxy-redis.yaml @@ -2,4 +2,42 @@ kind: AplApp metadata: name: oauth2-proxy-redis labels: {} -spec: {} +spec: + _rawValues: {} + architecture: standalone + persistence: + master: + size: 1Gi + replica: + size: 1Gi + sentinel: + size: 1Gi + resources: + master: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 20m + memory: 16Mi + metrics: + limits: + cpu: 100m + memory: 256Mi + requests: + cpu: 50m + memory: 64Mi + replica: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 200m + memory: 64Mi + sentinel: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 200m + memory: 64Mi diff --git a/tests/fixtures/env/apps/oauth2-proxy.yaml b/tests/fixtures/env/apps/oauth2-proxy.yaml index 4c3abe8259..1c7b367597 100644 --- a/tests/fixtures/env/apps/oauth2-proxy.yaml +++ b/tests/fixtures/env/apps/oauth2-proxy.yaml @@ -4,3 +4,11 @@ metadata: labels: {} spec: config: {} + _rawValues: {} + resources: + limits: + cpu: 200m + memory: 128Mi + requests: + cpu: 20m + memory: 32Mi diff --git a/tests/fixtures/env/apps/otel.yaml b/tests/fixtures/env/apps/otel.yaml index 3d3e9078bf..d977dacdc3 100644 --- a/tests/fixtures/env/apps/otel.yaml +++ b/tests/fixtures/env/apps/otel.yaml @@ -42,3 +42,4 @@ spec: requests: cpu: 50m memory: 16Mi + _rawValues: {} diff --git a/tests/fixtures/env/apps/otomi-api.yaml b/tests/fixtures/env/apps/otomi-api.yaml index 5d5d430c05..e0f1cec617 100644 --- a/tests/fixtures/env/apps/otomi-api.yaml +++ b/tests/fixtures/env/apps/otomi-api.yaml @@ -7,3 +7,19 @@ spec: git: email: some@secret.value user: someuser + _rawValues: {} + resources: + api: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 256Mi + tools: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 300m + memory: 256Mi diff --git a/tests/fixtures/env/apps/otomi-console.yaml b/tests/fixtures/env/apps/otomi-console.yaml new file mode 100644 index 0000000000..1b9d0aee02 --- /dev/null +++ b/tests/fixtures/env/apps/otomi-console.yaml @@ -0,0 +1,13 @@ +kind: AplApp +metadata: + name: otomi-console + labels: {} +spec: + _rawValues: {} + resources: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi diff --git a/tests/fixtures/env/apps/otomi-operator.yaml b/tests/fixtures/env/apps/otomi-operator.yaml new file mode 100644 index 0000000000..2be889a864 --- /dev/null +++ b/tests/fixtures/env/apps/otomi-operator.yaml @@ -0,0 +1,14 @@ +kind: AplApp +metadata: + name: otomi-operator + labels: {} +spec: + _rawValues: {} + resources: + operator: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi diff --git a/tests/fixtures/env/apps/prometheus.yaml b/tests/fixtures/env/apps/prometheus.yaml index 7498e5320d..16c6c80336 100644 --- a/tests/fixtures/env/apps/prometheus.yaml +++ b/tests/fixtures/env/apps/prometheus.yaml @@ -32,3 +32,53 @@ spec: maxShards: 100 maxSamplesPerSend: 6000 target: https://remote.target.io/api/v1/push + insecureSkipVerify: false + _rawValues: {} + replicas: 1 + resources: + kube-state-metrics: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + node-exporter: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 50m + memory: 32Mi + prometheus: + limits: + cpu: '3' + memory: 3Gi + requests: + cpu: 100m + memory: 2Gi + prometheusConfigReloader: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 10m + memory: 24Mi + prometheusOperator: + limits: + cpu: 400m + memory: 256Mi + requests: + cpu: 50m + memory: 128Mi + thanosSidecar: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 10m + memory: 64Mi + retention: 15d + retentionSize: 4GB + scrapeInterval: 60s + storageSize: 5Gi diff --git a/tests/fixtures/env/apps/promtail.yaml b/tests/fixtures/env/apps/promtail.yaml new file mode 100644 index 0000000000..52e46c6415 --- /dev/null +++ b/tests/fixtures/env/apps/promtail.yaml @@ -0,0 +1,14 @@ +kind: AplApp +metadata: + name: promtail + labels: {} +spec: + _rawValues: {} + enabled: false + resources: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 50m + memory: 160Mi diff --git a/tests/fixtures/env/apps/rabbitmq.yaml b/tests/fixtures/env/apps/rabbitmq.yaml index 4a99108f19..824a570d20 100644 --- a/tests/fixtures/env/apps/rabbitmq.yaml +++ b/tests/fixtures/env/apps/rabbitmq.yaml @@ -19,3 +19,4 @@ spec: requests: cpu: 100m memory: 128Mi + _rawValues: {} diff --git a/tests/fixtures/env/apps/sealed-secrets.yaml b/tests/fixtures/env/apps/sealed-secrets.yaml index 7a3d17ebee..fda34a0cea 100644 --- a/tests/fixtures/env/apps/sealed-secrets.yaml +++ b/tests/fixtures/env/apps/sealed-secrets.yaml @@ -2,4 +2,13 @@ kind: AplApp metadata: name: sealed-secrets labels: {} -spec: {} +spec: + _rawValues: {} + resources: + operator: + limits: + cpu: '2' + memory: 1Gi + requests: + cpu: 50m + memory: 64Mi diff --git a/tests/fixtures/env/apps/secrets.cert-manager.yaml b/tests/fixtures/env/apps/secrets.cert-manager.yaml index ca33ff9b7a..671916d60e 100644 --- a/tests/fixtures/env/apps/secrets.cert-manager.yaml +++ b/tests/fixtures/env/apps/secrets.cert-manager.yaml @@ -50,3 +50,6 @@ spec: rnZ+fMAuvPjrDXbtmqJsq0RXq1E07ng4ZDIjN+0pShVFQdakJRFo1y+d3b82lBYX EZrfMBCWVj31dXeGEHfVvOpwrQ5ffTzs2lVmTh7Ft61gs4TJ7gNTDbE= -----END RSA PRIVATE KEY----- +name: cert-manager +metadata: + name: cert-manager diff --git a/tests/fixtures/env/apps/secrets.drone.yaml b/tests/fixtures/env/apps/secrets.drone.yaml index 23c0b0d055..852a8fc797 100644 --- a/tests/fixtures/env/apps/secrets.drone.yaml +++ b/tests/fixtures/env/apps/secrets.drone.yaml @@ -4,3 +4,6 @@ spec: sourceControl: github: clientSecretValue: somesecretvalue +name: drone +metadata: + name: drone diff --git a/tests/fixtures/env/apps/secrets.gitea.yaml b/tests/fixtures/env/apps/secrets.gitea.yaml index 9096d57d62..bbf17fa907 100644 --- a/tests/fixtures/env/apps/secrets.gitea.yaml +++ b/tests/fixtures/env/apps/secrets.gitea.yaml @@ -2,3 +2,6 @@ kind: AplApp spec: adminPassword: giteaAdminPassword postgresqlPassword: postgresqlPassword +name: gitea +metadata: + name: gitea diff --git a/tests/fixtures/env/apps/secrets.grafana.yaml b/tests/fixtures/env/apps/secrets.grafana.yaml index a9d259b834..984e5171de 100644 --- a/tests/fixtures/env/apps/secrets.grafana.yaml +++ b/tests/fixtures/env/apps/secrets.grafana.yaml @@ -1,3 +1,6 @@ kind: AplApp spec: adminPassword: somesecretvalue +name: grafana +metadata: + name: grafana diff --git a/tests/fixtures/env/apps/secrets.harbor.yaml b/tests/fixtures/env/apps/secrets.harbor.yaml index 28096acbe2..84dcfe2783 100644 --- a/tests/fixtures/env/apps/secrets.harbor.yaml +++ b/tests/fixtures/env/apps/secrets.harbor.yaml @@ -13,3 +13,6 @@ spec: username: admin password: TJmTw62K9y4fZ83wgt0xmXzLwxpTHoJ4 secretKey: somesecretvalue +name: harbor +metadata: + name: harbor diff --git a/tests/fixtures/env/apps/secrets.keycloak.yaml b/tests/fixtures/env/apps/secrets.keycloak.yaml index f72dd56036..34f328f775 100644 --- a/tests/fixtures/env/apps/secrets.keycloak.yaml +++ b/tests/fixtures/env/apps/secrets.keycloak.yaml @@ -2,3 +2,6 @@ kind: AplApp spec: idp: clientSecret: somsecretvalue +name: keycloak +metadata: + name: keycloak diff --git a/tests/fixtures/env/apps/secrets.loki.yaml b/tests/fixtures/env/apps/secrets.loki.yaml index a9d259b834..fd1fbcf597 100644 --- a/tests/fixtures/env/apps/secrets.loki.yaml +++ b/tests/fixtures/env/apps/secrets.loki.yaml @@ -1,3 +1,6 @@ kind: AplApp spec: adminPassword: somesecretvalue +name: loki +metadata: + name: loki diff --git a/tests/fixtures/env/apps/secrets.oauth2-proxy-redis.yaml b/tests/fixtures/env/apps/secrets.oauth2-proxy-redis.yaml index 275eda29fb..56f2d4ce60 100644 --- a/tests/fixtures/env/apps/secrets.oauth2-proxy-redis.yaml +++ b/tests/fixtures/env/apps/secrets.oauth2-proxy-redis.yaml @@ -1,3 +1,6 @@ kind: AplApp spec: password: gkhugxJsPjhbCybH +name: oauth2-proxy-redis +metadata: + name: oauth2-proxy-redis diff --git a/tests/fixtures/env/apps/secrets.oauth2-proxy.yaml b/tests/fixtures/env/apps/secrets.oauth2-proxy.yaml index 34e87a691b..9361e610fe 100644 --- a/tests/fixtures/env/apps/secrets.oauth2-proxy.yaml +++ b/tests/fixtures/env/apps/secrets.oauth2-proxy.yaml @@ -2,3 +2,6 @@ kind: AplApp spec: config: cookieSecret: gkhugxJsPjhbCybH +name: oauth2-proxy +metadata: + name: oauth2-proxy diff --git a/tests/fixtures/env/apps/secrets.otomi-api.yaml b/tests/fixtures/env/apps/secrets.otomi-api.yaml index 21db6d009c..ae0f7adc9f 100644 --- a/tests/fixtures/env/apps/secrets.otomi-api.yaml +++ b/tests/fixtures/env/apps/secrets.otomi-api.yaml @@ -2,3 +2,6 @@ kind: AplApp spec: git: password: somesecretvalue +name: otomi-api +metadata: + name: otomi-api diff --git a/tests/fixtures/env/apps/secrets.prometheus.yaml b/tests/fixtures/env/apps/secrets.prometheus.yaml index df68d97de5..74b9528e64 100644 --- a/tests/fixtures/env/apps/secrets.prometheus.yaml +++ b/tests/fixtures/env/apps/secrets.prometheus.yaml @@ -4,3 +4,6 @@ spec: rwConfig: basicAuth: password: blalalalalal +name: prometheus +metadata: + name: prometheus diff --git a/tests/fixtures/env/apps/tekton.yaml b/tests/fixtures/env/apps/tekton.yaml index 3bc21b9825..1fbb85463a 100644 --- a/tests/fixtures/env/apps/tekton.yaml +++ b/tests/fixtures/env/apps/tekton.yaml @@ -2,4 +2,62 @@ kind: AplApp metadata: name: tekton labels: {} -spec: {} +spec: + _rawValues: {} + resources: + dashboard: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + pipelinesController: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + pipelinesEvents: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + pipelinesRemoteresolver: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + pipelinesWebhook: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 100m + memory: 144Mi + triggersController: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 50m + memory: 64Mi + triggersInterceptors: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 50m + memory: 64Mi + triggersWebhook: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 50m + memory: 64Mi diff --git a/tests/fixtures/env/apps/tempo.yaml b/tests/fixtures/env/apps/tempo.yaml index 5194bbead0..6d191727f0 100644 --- a/tests/fixtures/env/apps/tempo.yaml +++ b/tests/fixtures/env/apps/tempo.yaml @@ -82,3 +82,4 @@ spec: requests: cpu: 100m memory: 128Mi + _rawValues: {} diff --git a/tests/fixtures/env/apps/thanos.yaml b/tests/fixtures/env/apps/thanos.yaml index 24c38992b7..d3f31914f6 100644 --- a/tests/fixtures/env/apps/thanos.yaml +++ b/tests/fixtures/env/apps/thanos.yaml @@ -37,3 +37,4 @@ spec: requests: cpu: 100m memory: 128Mi + _rawValues: {} diff --git a/tests/fixtures/env/apps/trivy.yaml b/tests/fixtures/env/apps/trivy.yaml index b03cde3bba..ebd55c53f8 100644 --- a/tests/fixtures/env/apps/trivy.yaml +++ b/tests/fixtures/env/apps/trivy.yaml @@ -4,3 +4,21 @@ metadata: labels: {} spec: enabled: true + _rawValues: {} + operator: + replicaCount: 1 + resources: + operator: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 10m + memory: 512Mi + trivy: + limits: + cpu: '1' + memory: 1G + requests: + cpu: 10m + memory: 128M diff --git a/tests/fixtures/env/apps/velero.yaml b/tests/fixtures/env/apps/velero.yaml index 998322499f..32a26ce974 100644 --- a/tests/fixtures/env/apps/velero.yaml +++ b/tests/fixtures/env/apps/velero.yaml @@ -6,3 +6,12 @@ spec: enabled: true restic: enabled: false + _rawValues: {} + logLevel: info + resources: + limits: + cpu: '1' + memory: 512Mi + requests: + cpu: 20m + memory: 184Mi diff --git a/tests/fixtures/env/databases/gitea.yaml b/tests/fixtures/env/databases/gitea.yaml new file mode 100644 index 0000000000..9648b68a66 --- /dev/null +++ b/tests/fixtures/env/databases/gitea.yaml @@ -0,0 +1,17 @@ +kind: AplDatabase +metadata: + name: gitea + labels: {} +spec: + externalClusters: [] + imageName: null + recovery: {} + replicas: 2 + resources: + limits: + cpu: 200m + memory: 192Mi + requests: + cpu: 200m + memory: 192Mi + size: 5Gi diff --git a/tests/fixtures/env/databases/harbor.yaml b/tests/fixtures/env/databases/harbor.yaml index f425004222..d09bffd03c 100644 --- a/tests/fixtures/env/databases/harbor.yaml +++ b/tests/fixtures/env/databases/harbor.yaml @@ -4,3 +4,15 @@ metadata: labels: {} spec: replicas: 2 + coreDatabase: registry + externalClusters: [] + imageName: null + recovery: {} + resources: + limits: + cpu: 200m + memory: 192Mi + requests: + cpu: 200m + memory: 192Mi + size: 5Gi diff --git a/tests/fixtures/env/databases/keycloak.yaml b/tests/fixtures/env/databases/keycloak.yaml index a842a77c23..4b51373549 100644 --- a/tests/fixtures/env/databases/keycloak.yaml +++ b/tests/fixtures/env/databases/keycloak.yaml @@ -4,3 +4,15 @@ metadata: labels: {} spec: imported: false + externalClusters: [] + imageName: null + recovery: {} + replicas: 2 + resources: + limits: + cpu: 200m + memory: 192Mi + requests: + cpu: 200m + memory: 192Mi + size: 5Gi diff --git a/tests/fixtures/env/settings/cluster.yaml b/tests/fixtures/env/settings/cluster.yaml index aff71d331b..2aece57ce1 100644 --- a/tests/fixtures/env/settings/cluster.yaml +++ b/tests/fixtures/env/settings/cluster.yaml @@ -3,9 +3,9 @@ metadata: name: cluster labels: {} spec: + name: demo apiServer: https://1.1.1.1:8443 domainSuffix: dev.linode-apl.net k8sContext: linode-dev - name: demo owner: akamai provider: linode diff --git a/tests/fixtures/env/settings/dns.yaml b/tests/fixtures/env/settings/dns.yaml index 3fb7c12290..e9f9681e71 100644 --- a/tests/fixtures/env/settings/dns.yaml +++ b/tests/fixtures/env/settings/dns.yaml @@ -8,3 +8,4 @@ spec: provider: linode: {} zoneIdFilters: [] + policy: upsert-only diff --git a/tests/fixtures/env/settings/ingress.yaml b/tests/fixtures/env/settings/ingress.yaml index aa3e5d1e2c..9166c7e426 100644 --- a/tests/fixtures/env/settings/ingress.yaml +++ b/tests/fixtures/env/settings/ingress.yaml @@ -13,3 +13,4 @@ spec: sourceIpAddressFiltering: 10.0.0.0/24 platformClass: entrypoint: '' + className: platform diff --git a/tests/fixtures/env/settings/otomi.yaml b/tests/fixtures/env/settings/otomi.yaml index 3c77e8dab7..1520ac3bd2 100644 --- a/tests/fixtures/env/settings/otomi.yaml +++ b/tests/fixtures/env/settings/otomi.yaml @@ -6,7 +6,9 @@ spec: globalPullSecret: username: otomi hasExternalDNS: true - hasExternalIDP: true + hasExternalIDP: false nodeSelector: otomi: otomi-sys version: main + isMultitenant: true + isPreInstalled: false diff --git a/tests/fixtures/env/settings/secrets.alerts.yaml b/tests/fixtures/env/settings/secrets.alerts.yaml index 59b1159d1e..a16180e231 100644 --- a/tests/fixtures/env/settings/secrets.alerts.yaml +++ b/tests/fixtures/env/settings/secrets.alerts.yaml @@ -8,3 +8,6 @@ spec: lowPrio: https://xxxxxxxx.com slack: url: https://hooks.slack.com/services/id +name: alerts +metadata: + name: alerts diff --git a/tests/fixtures/env/settings/secrets.dns.yaml b/tests/fixtures/env/settings/secrets.dns.yaml index f5de12e005..a6024d2e07 100644 --- a/tests/fixtures/env/settings/secrets.dns.yaml +++ b/tests/fixtures/env/settings/secrets.dns.yaml @@ -3,3 +3,6 @@ spec: provider: linode: apiToken: xvxvxvxvxvxvxvxvxvxvxvxvx +name: dns +metadata: + name: dns diff --git a/tests/fixtures/env/settings/secrets.kms.yaml b/tests/fixtures/env/settings/secrets.kms.yaml index d4f64e4b3e..74b33f1f1c 100644 --- a/tests/fixtures/env/settings/secrets.kms.yaml +++ b/tests/fixtures/env/settings/secrets.kms.yaml @@ -3,3 +3,6 @@ spec: sops: azure: clientSecret: somesecretvalue +name: kms +metadata: + name: kms diff --git a/tests/fixtures/env/settings/secrets.obj.yaml b/tests/fixtures/env/settings/secrets.obj.yaml index 69cb8fb817..82c77762ff 100644 --- a/tests/fixtures/env/settings/secrets.obj.yaml +++ b/tests/fixtures/env/settings/secrets.obj.yaml @@ -3,3 +3,6 @@ spec: provider: linode: secretAccessKey: somesecretvalue +name: obj +metadata: + name: obj diff --git a/tests/fixtures/env/settings/secrets.oidc.yaml b/tests/fixtures/env/settings/secrets.oidc.yaml index e6e7c4781e..5f03c2f11d 100644 --- a/tests/fixtures/env/settings/secrets.oidc.yaml +++ b/tests/fixtures/env/settings/secrets.oidc.yaml @@ -1,3 +1,6 @@ kind: AplIdentityProvider spec: clientSecret: somesecretvalue +name: oidc +metadata: + name: oidc diff --git a/tests/fixtures/env/settings/secrets.otomi.yaml b/tests/fixtures/env/settings/secrets.otomi.yaml index 772399be41..12eda4e881 100644 --- a/tests/fixtures/env/settings/secrets.otomi.yaml +++ b/tests/fixtures/env/settings/secrets.otomi.yaml @@ -3,3 +3,6 @@ spec: adminPassword: bladibla globalPullSecret: password: blablabla +name: otomi +metadata: + name: otomi diff --git a/tests/fixtures/env/settings/secrets.platformBackups.yaml b/tests/fixtures/env/settings/secrets.platformBackups.yaml index 1aa3191fb0..4bb4a2acab 100644 --- a/tests/fixtures/env/settings/secrets.platformBackups.yaml +++ b/tests/fixtures/env/settings/secrets.platformBackups.yaml @@ -2,3 +2,6 @@ kind: AplBackupCollection spec: persistentVolumes: linodeApiToken: justanapitokenhere +name: platformBackups +metadata: + name: platformBackups diff --git a/tests/fixtures/env/settings/secrets.smtp.yaml b/tests/fixtures/env/settings/secrets.smtp.yaml index 35dcd25548..62a1d33e38 100644 --- a/tests/fixtures/env/settings/secrets.smtp.yaml +++ b/tests/fixtures/env/settings/secrets.smtp.yaml @@ -1,3 +1,6 @@ kind: AplSmtp spec: auth_password: somesecretvalue +name: smtp +metadata: + name: smtp diff --git a/tests/fixtures/env/teams/admin/apps.yaml b/tests/fixtures/env/teams/admin/apps.yaml index 7766e874e9..c35e01282d 100644 --- a/tests/fixtures/env/teams/admin/apps.yaml +++ b/tests/fixtures/env/teams/admin/apps.yaml @@ -3,4 +3,65 @@ metadata: name: admin labels: apl.io/teamId: admin -spec: {} +spec: + alertmanager: + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 64Mi + grafana: + resources: + grafana: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 10m + memory: 128Mi + sidecar: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + tekton: + resources: + buildpacksTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi + dashboard: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + gitCloneTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi + grypeTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi + kanikoTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi diff --git a/tests/fixtures/env/teams/admin/secrets.settings.yaml b/tests/fixtures/env/teams/admin/secrets.settings.yaml index 97ef94c413..595f37ad22 100644 --- a/tests/fixtures/env/teams/admin/secrets.settings.yaml +++ b/tests/fixtures/env/teams/admin/secrets.settings.yaml @@ -1,3 +1,6 @@ kind: AplTeamSettingSet spec: password: YTrnkdUsKPcGATfg +name: admin +metadata: + name: admin diff --git a/tests/fixtures/env/teams/admin/services/hello-admin.yaml b/tests/fixtures/env/teams/admin/services/hello-admin.yaml index 8e9942caf5..cd45bcb680 100644 --- a/tests/fixtures/env/teams/admin/services/hello-admin.yaml +++ b/tests/fixtures/env/teams/admin/services/hello-admin.yaml @@ -6,7 +6,6 @@ metadata: spec: auth: true domain: hello.team-admin.dev.linode-apl.net - name: hello-admin ownHost: true port: 80 type: public diff --git a/tests/fixtures/env/teams/admin/settings.yaml b/tests/fixtures/env/teams/admin/settings.yaml index 633c2d1395..281ded6530 100644 --- a/tests/fixtures/env/teams/admin/settings.yaml +++ b/tests/fixtures/env/teams/admin/settings.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: admin spec: - id: admin managedMonitoring: alertmanager: true grafana: true @@ -14,3 +13,19 @@ spec: - downloadCertificateAuthority policies: - edit policies + apps: [] + service: + - ingress + alerts: + groupInterval: 5m + receivers: + - none + repeatInterval: 3h + networkPolicy: + egressPublic: true + ingressPrivate: true + resourceQuota: + - name: pods + value: '50' + - name: services.loadbalancers + value: '0' diff --git a/tests/fixtures/env/teams/admin/workloads/crossplane-custom-namespace.yaml b/tests/fixtures/env/teams/admin/workloads/crossplane-custom-namespace.yaml index 0cefa2eb6e..2629725120 100644 --- a/tests/fixtures/env/teams/admin/workloads/crossplane-custom-namespace.yaml +++ b/tests/fixtures/env/teams/admin/workloads/crossplane-custom-namespace.yaml @@ -5,7 +5,6 @@ metadata: apl.io/teamId: admin spec: chart: crossplane - name: crossplane-custom-namespace namespace: crossplane revision: 1.11.2 url: https://charts.crossplane.io/stable diff --git a/tests/fixtures/env/teams/admin/workloads/crossplane-team-namespace.yaml b/tests/fixtures/env/teams/admin/workloads/crossplane-team-namespace.yaml index 6d292e601b..6bac02d1bc 100644 --- a/tests/fixtures/env/teams/admin/workloads/crossplane-team-namespace.yaml +++ b/tests/fixtures/env/teams/admin/workloads/crossplane-team-namespace.yaml @@ -5,6 +5,5 @@ metadata: apl.io/teamId: admin spec: chart: crossplane - name: crossplane-team-namespace revision: 1.11.2 url: https://charts.crossplane.io/stable diff --git a/tests/fixtures/env/teams/admin/workloads/wa1.yaml b/tests/fixtures/env/teams/admin/workloads/wa1.yaml index db753391bb..f2cd4b469e 100644 --- a/tests/fixtures/env/teams/admin/workloads/wa1.yaml +++ b/tests/fixtures/env/teams/admin/workloads/wa1.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: admin spec: - name: wa1 path: / revision: HEAD url: https://myrepo.local/mychart.git diff --git a/tests/fixtures/env/teams/admin/workloads/wa2.yaml b/tests/fixtures/env/teams/admin/workloads/wa2.yaml index 50be792960..09852ef8b5 100644 --- a/tests/fixtures/env/teams/admin/workloads/wa2.yaml +++ b/tests/fixtures/env/teams/admin/workloads/wa2.yaml @@ -5,6 +5,5 @@ metadata: apl.io/teamId: admin spec: chart: mychart - name: wa2 revision: 1.2.3 url: https://myregistry.local/mychart diff --git a/tests/fixtures/env/teams/demo/apps.yaml b/tests/fixtures/env/teams/demo/apps.yaml index 3380be3861..ea3b9cb9a6 100644 --- a/tests/fixtures/env/teams/demo/apps.yaml +++ b/tests/fixtures/env/teams/demo/apps.yaml @@ -41,3 +41,27 @@ spec: requests: cpu: 500m memory: 512Mi + alertmanager: + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 64Mi + grafana: + resources: + grafana: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 10m + memory: 128Mi + sidecar: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi diff --git a/tests/fixtures/env/teams/demo/backups/bu1.yaml b/tests/fixtures/env/teams/demo/backups/bu1.yaml index 7a720b1f0e..5b03e3b9ee 100644 --- a/tests/fixtures/env/teams/demo/backups/bu1.yaml +++ b/tests/fixtures/env/teams/demo/backups/bu1.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: demo spec: - name: bu1 schedule: 0 0 0 * * snapshotVolumes: true ttl: 8h diff --git a/tests/fixtures/env/teams/demo/backups/bu2.yaml b/tests/fixtures/env/teams/demo/backups/bu2.yaml index 04fc837278..9c2528cdaf 100644 --- a/tests/fixtures/env/teams/demo/backups/bu2.yaml +++ b/tests/fixtures/env/teams/demo/backups/bu2.yaml @@ -9,7 +9,6 @@ spec: value: hello - name: backup value: all - name: bu2 schedule: 0 0 0 * * snapshotVolumes: true ttl: 8h diff --git a/tests/fixtures/env/teams/demo/codeRepos/buildpacks-sample.yaml b/tests/fixtures/env/teams/demo/codeRepos/buildpacks-sample.yaml index 43fc3b75a9..202eb5d123 100644 --- a/tests/fixtures/env/teams/demo/codeRepos/buildpacks-sample.yaml +++ b/tests/fixtures/env/teams/demo/codeRepos/buildpacks-sample.yaml @@ -5,7 +5,5 @@ metadata: name: buildpacks-samples spec: gitService: github - name: buildpacks-samples private: false repositoryUrl: https://github.com/buildpacks/samples - teamId: demo diff --git a/tests/fixtures/env/teams/demo/codeRepos/buildpacks-samples.yaml b/tests/fixtures/env/teams/demo/codeRepos/buildpacks-samples.yaml new file mode 100644 index 0000000000..7557a1377e --- /dev/null +++ b/tests/fixtures/env/teams/demo/codeRepos/buildpacks-samples.yaml @@ -0,0 +1,9 @@ +kind: AplTeamCodeRepo +metadata: + name: buildpacks-samples + labels: + apl.io/teamId: demo +spec: + gitService: github + private: false + repositoryUrl: https://github.com/buildpacks/samples diff --git a/tests/fixtures/env/teams/demo/netpols/allow-egress-1.yaml b/tests/fixtures/env/teams/demo/netpols/allow-egress-1.yaml index 77a53ccc51..80cde1fa82 100644 --- a/tests/fixtures/env/teams/demo/netpols/allow-egress-1.yaml +++ b/tests/fixtures/env/teams/demo/netpols/allow-egress-1.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: demo spec: - name: allow-egress-1 ruleType: egress: domain: demo.local diff --git a/tests/fixtures/env/teams/demo/netpols/allow-egress-2.yaml b/tests/fixtures/env/teams/demo/netpols/allow-egress-2.yaml index 71455d64df..c39ffaa60f 100644 --- a/tests/fixtures/env/teams/demo/netpols/allow-egress-2.yaml +++ b/tests/fixtures/env/teams/demo/netpols/allow-egress-2.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: demo spec: - name: allow-egress-2 ruleType: egress: domain: demo.local diff --git a/tests/fixtures/env/teams/demo/netpols/allow-ingress-1.yaml b/tests/fixtures/env/teams/demo/netpols/allow-ingress-1.yaml index 2f8466ac26..4eb6084885 100644 --- a/tests/fixtures/env/teams/demo/netpols/allow-ingress-1.yaml +++ b/tests/fixtures/env/teams/demo/netpols/allow-ingress-1.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: demo spec: - name: allow-ingress-1 ruleType: ingress: allow: diff --git a/tests/fixtures/env/teams/demo/secrets.settings.yaml b/tests/fixtures/env/teams/demo/secrets.settings.yaml new file mode 100644 index 0000000000..288c8798d6 --- /dev/null +++ b/tests/fixtures/env/teams/demo/secrets.settings.yaml @@ -0,0 +1,12 @@ +kind: AplTeamSettingSet +spec: + password: somesecretvalue + alerts: + email: + critical: admins@yourdoma.in + nonCritical: admins@yourdoma.in + slack: + url: https://slack.con +name: demo +metadata: + name: demo diff --git a/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml b/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml index 2353841ae9..da1b06945b 100644 --- a/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml +++ b/tests/fixtures/env/teams/demo/services/has-cert-svc.yaml @@ -5,7 +5,6 @@ metadata: apl.io/teamId: demo spec: hasCert: true - name: has-cert-svc paths: - /jeho type: public diff --git a/tests/fixtures/env/teams/demo/services/hello-auth.yaml b/tests/fixtures/env/teams/demo/services/hello-auth.yaml index 41b5e9ad8b..05b335aa42 100644 --- a/tests/fixtures/env/teams/demo/services/hello-auth.yaml +++ b/tests/fixtures/env/teams/demo/services/hello-auth.yaml @@ -7,7 +7,6 @@ spec: domain: tlspass.dev.linode-apl.net ksvc: predeployed: true - name: hello-auth ownHost: true paths: [] port: 80 diff --git a/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml b/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml index c914f15ab4..9f6435205a 100644 --- a/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml +++ b/tests/fixtures/env/teams/demo/services/hello-blue-green.yaml @@ -7,7 +7,6 @@ spec: ingressClassName: platform ksvc: predeployed: false - name: hello-blue-green ownHost: true paths: [] port: 80 diff --git a/tests/fixtures/env/teams/demo/services/hello.yaml b/tests/fixtures/env/teams/demo/services/hello.yaml index fb8c40860c..4656ca6663 100644 --- a/tests/fixtures/env/teams/demo/services/hello.yaml +++ b/tests/fixtures/env/teams/demo/services/hello.yaml @@ -18,7 +18,6 @@ spec: value: same-origin ksvc: predeployed: true - name: hello ownHost: true port: 80 tlsPass: true diff --git a/tests/fixtures/env/teams/demo/services/service-a.yaml b/tests/fixtures/env/teams/demo/services/service-a.yaml index 9a0e4b72b2..8fb3ffc93e 100644 --- a/tests/fixtures/env/teams/demo/services/service-a.yaml +++ b/tests/fixtures/env/teams/demo/services/service-a.yaml @@ -4,5 +4,4 @@ metadata: labels: apl.io/teamId: demo spec: - name: service-a type: cluster diff --git a/tests/fixtures/env/teams/demo/services/service-b.yaml b/tests/fixtures/env/teams/demo/services/service-b.yaml index 4b42900fa9..898203adcd 100644 --- a/tests/fixtures/env/teams/demo/services/service-b.yaml +++ b/tests/fixtures/env/teams/demo/services/service-b.yaml @@ -4,5 +4,4 @@ metadata: labels: apl.io/teamId: demo spec: - name: service-b type: cluster diff --git a/tests/fixtures/env/teams/demo/services/service-d.yaml b/tests/fixtures/env/teams/demo/services/service-d.yaml index 43adbdda42..4d8037a580 100644 --- a/tests/fixtures/env/teams/demo/services/service-d.yaml +++ b/tests/fixtures/env/teams/demo/services/service-d.yaml @@ -4,5 +4,4 @@ metadata: labels: apl.io/teamId: demo spec: - name: service-d type: cluster diff --git a/tests/fixtures/env/teams/demo/services/service-e.yaml b/tests/fixtures/env/teams/demo/services/service-e.yaml index 66e38600af..30c2060704 100644 --- a/tests/fixtures/env/teams/demo/services/service-e.yaml +++ b/tests/fixtures/env/teams/demo/services/service-e.yaml @@ -19,7 +19,6 @@ spec: - name: sander value: same-origin ingressClassName: net-a - name: service-e trafficControl: enabled: true weightV1: 50 diff --git a/tests/fixtures/env/teams/demo/services/some-svc.yaml b/tests/fixtures/env/teams/demo/services/some-svc.yaml index 00edf979fb..8563064875 100644 --- a/tests/fixtures/env/teams/demo/services/some-svc.yaml +++ b/tests/fixtures/env/teams/demo/services/some-svc.yaml @@ -4,6 +4,5 @@ metadata: labels: apl.io/teamId: demo spec: - name: some-svc port: 80 type: cluster diff --git a/tests/fixtures/env/teams/demo/services/tlspass.yaml b/tests/fixtures/env/teams/demo/services/tlspass.yaml index 6dfaf71591..d0eb63679f 100644 --- a/tests/fixtures/env/teams/demo/services/tlspass.yaml +++ b/tests/fixtures/env/teams/demo/services/tlspass.yaml @@ -6,7 +6,6 @@ metadata: spec: ksvc: predeployed: true - name: tlspass port: 443 tlsPass: true type: public diff --git a/tests/fixtures/env/teams/demo/settings.yaml b/tests/fixtures/env/teams/demo/settings.yaml index 0ae7ab6a41..0347774cd6 100644 --- a/tests/fixtures/env/teams/demo/settings.yaml +++ b/tests/fixtures/env/teams/demo/settings.yaml @@ -15,7 +15,7 @@ spec: channel: aaaaa channelCrit: aaaaa url: https://slack.con - id: demo + groupInterval: 5m managedMonitoring: alertmanager: true grafana: true @@ -25,8 +25,10 @@ spec: oidc: groupMapping: somesecretvalue resourceQuota: + - name: pods + value: '50' - name: services.loadbalancers - value: '1' + value: '0' selfService: access: - shell diff --git a/tests/fixtures/env/teams/demo/workloads/wd.yaml b/tests/fixtures/env/teams/demo/workloads/wd.yaml index 321fe79aec..4a9a6693a8 100644 --- a/tests/fixtures/env/teams/demo/workloads/wd.yaml +++ b/tests/fixtures/env/teams/demo/workloads/wd.yaml @@ -6,7 +6,6 @@ metadata: spec: imageUpdateStrategy: type: disabled - name: wd path: ./ revision: main url: https://myrepo.local/mychart.git diff --git a/tests/fixtures/env/teams/demo/workloads/wd1.yaml b/tests/fixtures/env/teams/demo/workloads/wd1.yaml index 46183c7830..432062d977 100644 --- a/tests/fixtures/env/teams/demo/workloads/wd1.yaml +++ b/tests/fixtures/env/teams/demo/workloads/wd1.yaml @@ -11,7 +11,6 @@ spec: tag: latest tagParameter: v2.image.tag type: digest - name: wd1 path: ./ revision: main url: https://myrepo.local/mychart.git diff --git a/tests/fixtures/env/teams/demo/workloads/wd2.yaml b/tests/fixtures/env/teams/demo/workloads/wd2.yaml index 28874b3e11..e8fafc1a4d 100644 --- a/tests/fixtures/env/teams/demo/workloads/wd2.yaml +++ b/tests/fixtures/env/teams/demo/workloads/wd2.yaml @@ -9,7 +9,6 @@ spec: imageRepository: harbor.try-otomi.net/team-orange/green versionConstraint: '1.12' type: semver - name: wd2 path: ./ revision: main url: https://myrepo.local/mychart.git diff --git a/tests/fixtures/env/teams/demo/workloads/wd3.yaml b/tests/fixtures/env/teams/demo/workloads/wd3.yaml index 376eacd2ed..4dc37ebb30 100644 --- a/tests/fixtures/env/teams/demo/workloads/wd3.yaml +++ b/tests/fixtures/env/teams/demo/workloads/wd3.yaml @@ -6,7 +6,6 @@ metadata: spec: imageUpdateStrategy: type: disabled - name: wd3 path: ./ revision: main url: https://myrepo.local/mychart.git diff --git a/tests/fixtures/env/teams/dev/apps.yaml b/tests/fixtures/env/teams/dev/apps.yaml index 3644c44051..61cbf3f5ed 100644 --- a/tests/fixtures/env/teams/dev/apps.yaml +++ b/tests/fixtures/env/teams/dev/apps.yaml @@ -3,4 +3,65 @@ metadata: name: dev labels: apl.io/teamId: dev -spec: {} +spec: + alertmanager: + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 10m + memory: 64Mi + grafana: + resources: + grafana: + limits: + cpu: '1' + memory: 1Gi + requests: + cpu: 10m + memory: 128Mi + sidecar: + limits: + cpu: 500m + memory: 256Mi + requests: + cpu: 10m + memory: 128Mi + tekton: + resources: + buildpacksTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi + dashboard: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + gitCloneTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi + grypeTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi + kanikoTask: + limits: + cpu: '2' + memory: 2Gi + requests: + cpu: 500m + memory: 512Mi diff --git a/tests/fixtures/env/teams/dev/netpols/allow-egress-2.yaml b/tests/fixtures/env/teams/dev/netpols/allow-egress-2.yaml index 41a8cf983d..f6c540e0ca 100644 --- a/tests/fixtures/env/teams/dev/netpols/allow-egress-2.yaml +++ b/tests/fixtures/env/teams/dev/netpols/allow-egress-2.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: dev spec: - name: allow-egress-2 ruleType: type: egress egress: diff --git a/tests/fixtures/env/teams/dev/netpols/allow-ingress-1.yaml b/tests/fixtures/env/teams/dev/netpols/allow-ingress-1.yaml index 073d433871..8a94dd3658 100644 --- a/tests/fixtures/env/teams/dev/netpols/allow-ingress-1.yaml +++ b/tests/fixtures/env/teams/dev/netpols/allow-ingress-1.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: dev spec: - name: allow-ingress-1 ruleType: ingress: allow: diff --git a/tests/fixtures/env/teams/dev/secrets.settings.yaml b/tests/fixtures/env/teams/dev/secrets.settings.yaml new file mode 100644 index 0000000000..41599125ef --- /dev/null +++ b/tests/fixtures/env/teams/dev/secrets.settings.yaml @@ -0,0 +1,6 @@ +kind: AplTeamSettingSet +spec: + password: IkdUsKPcGAdanjas +name: dev +metadata: + name: dev diff --git a/tests/fixtures/env/teams/dev/settings.yaml b/tests/fixtures/env/teams/dev/settings.yaml index d0c9331704..13f85cf8f6 100644 --- a/tests/fixtures/env/teams/dev/settings.yaml +++ b/tests/fixtures/env/teams/dev/settings.yaml @@ -4,7 +4,6 @@ metadata: labels: apl.io/teamId: dev spec: - id: dev managedMonitoring: alertmanager: true grafana: true @@ -17,4 +16,17 @@ spec: - downloadCertificateAuthority policies: - edit policies + apps: [] + service: + - ingress password: IkdUsKPcGAdanjas + alerts: + groupInterval: 5m + receivers: + - none + repeatInterval: 3h + resourceQuota: + - name: pods + value: '50' + - name: services.loadbalancers + value: '0' diff --git a/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml b/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml index 1314044ffb..9b672ed1fd 100644 --- a/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml +++ b/tests/fixtures/env/users/secrets.23d63558-49ed-48ba-bc28-8037a7236ddf.yaml @@ -11,4 +11,4 @@ spec: lastName: admin teams: - demo - id: 23d63558-49ed-48ba-bc28-8037a7236ddf + name: 23d63558-49ed-48ba-bc28-8037a7236ddf diff --git a/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml b/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml index 6abee02960..0217ff6653 100644 --- a/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml +++ b/tests/fixtures/env/users/secrets.9a3a478b-a747-4b4a-be69-a9abf1979df2.yaml @@ -11,4 +11,4 @@ spec: lastName: member teams: - demo - id: 9a3a478b-a747-4b4a-be69-a9abf1979df2 + name: 9a3a478b-a747-4b4a-be69-a9abf1979df2 diff --git a/tests/fixtures/env/users/serets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml b/tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml similarity index 80% rename from tests/fixtures/env/users/serets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml rename to tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml index 5428e559bd..6d6f077461 100644 --- a/tests/fixtures/env/users/serets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml +++ b/tests/fixtures/env/users/secrets.a83e20b7-474a-4262-a3ad-b09813364ece.yaml @@ -1,7 +1,6 @@ kind: AplUser metadata: name: a83e20b7-474a-4262-a3ad-b09813364ece - labels: {} spec: email: platform@admin.com firstName: platform @@ -9,4 +8,4 @@ spec: isPlatformAdmin: true isTeamAdmin: true lastName: admin - id: a83e20b7-474a-4262-a3ad-b09813364ece + name: a83e20b7-474a-4262-a3ad-b09813364ece diff --git a/values-schema.yaml b/values-schema.yaml index 35496bf7b1..fca52473da 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -1497,7 +1497,7 @@ definitions: type: object description: A user in keycloak, who can be a platform admin, a team admin, or a team member. properties: - id: + name: type: string email: $ref: '#/definitions/email'