121 lines
3.2 KiB
YAML
121 lines
3.2 KiB
YAML
suite: Secret
|
|
templates:
|
|
- secret.yaml
|
|
tests:
|
|
- it: generate a secret when neither authToken nor joinParams.tokenName are provided
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 1
|
|
- isKind:
|
|
of: Secret
|
|
- matchSnapshot: {}
|
|
- it: generates a secret when authToken is provided
|
|
set:
|
|
authToken: sample-auth-token-dont-use-this
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 1
|
|
- isKind:
|
|
of: Secret
|
|
- equal:
|
|
path: metadata.name
|
|
value: teleport-kube-agent-join-token
|
|
- matchSnapshot: {}
|
|
|
|
- it: generates a secret when joinParams.tokenName is provided
|
|
set:
|
|
joinParams:
|
|
tokenName: sample-auth-token-dont-use-this
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 1
|
|
- isKind:
|
|
of: Secret
|
|
- equal:
|
|
path: metadata.name
|
|
value: teleport-kube-agent-join-token
|
|
- matchSnapshot: {}
|
|
|
|
- it: generates a secret with a custom name when authToken and secretName are provided
|
|
set:
|
|
authToken: sample-auth-token-dont-use-this
|
|
secretName: some-other-secret-name
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 1
|
|
- isKind:
|
|
of: Secret
|
|
- equal:
|
|
path: metadata.name
|
|
value: some-other-secret-name
|
|
- matchSnapshot: {}
|
|
|
|
- it: generates a secret with a custom name when authToken and joinTokenSecret.name are provided
|
|
set:
|
|
authToken: sample-auth-token-dont-use-this
|
|
joinTokenSecret:
|
|
name: some-other-secret-name
|
|
create: true
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 1
|
|
- isKind:
|
|
of: Secret
|
|
- equal:
|
|
path: metadata.name
|
|
value: some-other-secret-name
|
|
- matchSnapshot: {}
|
|
|
|
- it: generates a secret when jamfCredentialsSecret.create is true
|
|
values:
|
|
- ../.lint/jamf-service.yaml
|
|
asserts:
|
|
- containsDocument:
|
|
kind: Secret
|
|
apiVersion: v1
|
|
name: teleport-jamf-api-credentials
|
|
- matchSnapshot: {}
|
|
# documentIndex: 0=Secret(joinToken) 1=Secret(jamfSecret)
|
|
documentIndex: 1
|
|
|
|
- it: does not create a secret when joinTokenSecret.create is false
|
|
set:
|
|
authToken: sample-auth-token-dont-use-this
|
|
joinTokenSecret:
|
|
name: some-other-secret-name
|
|
create: false
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 0
|
|
|
|
- it: does not create a secret when jamfCredentialsSecret.create is false
|
|
values:
|
|
- ../.lint/jamf-service-existing-secret.yaml
|
|
asserts:
|
|
- hasDocuments:
|
|
count: 1 # only joinToken secret is created
|
|
|
|
- it: sets Secret labels when specified
|
|
values:
|
|
- ../.lint/extra-labels.yaml
|
|
asserts:
|
|
- equal:
|
|
path: metadata.labels.app\.kubernetes\.io/name
|
|
value: teleport-kube-agent
|
|
- equal:
|
|
path: metadata.labels.resource
|
|
value: secret
|
|
- matchSnapshot: {}
|
|
|
|
- it: sets Secret annotations when specified
|
|
values:
|
|
- ../.lint/annotations.yaml
|
|
asserts:
|
|
- equal:
|
|
path: metadata.annotations.kubernetes\.io/secret
|
|
value: test-annotation
|
|
- equal:
|
|
path: metadata.annotations.kubernetes\.io/secret-different
|
|
value: 6
|
|
- matchSnapshot: {}
|