-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Updated tests to test against split out items (#17)
* Updated tests to test against split out items * Added tools used by testing
- Loading branch information
1 parent
d32cd06
commit 6ed0e96
Showing
6 changed files
with
140 additions
and
69 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
split_via_yq() { | ||
SEARCH_PATH=$1 | ||
SEARCH_DIR=$(dirname "$1") | ||
KEY=$2 | ||
|
||
mkdir -p /tmp/rego-policies/${SEARCH_DIR} | ||
|
||
for file in $(ls ${SEARCH_PATH} | xargs) ; do | ||
yq --yaml-output "${KEY}" ${file} > /tmp/rego-policies/${SEARCH_DIR}/$(basename "${file}") | ||
done | ||
} | ||
|
||
split_via_jq() { | ||
SEARCH_PATH=$1 | ||
SEARCH_DIR=$(dirname "$1") | ||
KEY=$2 | ||
|
||
mkdir -p /tmp/rego-policies/${SEARCH_DIR} | ||
|
||
for file in $(ls ${SEARCH_PATH} | xargs) ; do | ||
jq "${KEY}" ${file} > /tmp/rego-policies/${SEARCH_DIR}/$(basename "${file}") | ||
done | ||
} | ||
|
||
copy_file_via_yq() { | ||
FILE_PATH=$1 | ||
FILE_DIR=$(dirname "$1") | ||
|
||
mkdir -p /tmp/rego-policies/${FILE_DIR} | ||
|
||
yq --yaml-output "." ${FILE_PATH} > /tmp/rego-policies/${FILE_DIR}/$(basename ${FILE_PATH}) | ||
} | ||
|
||
copy_dir_via_jq() { | ||
SEARCH_PATH=$1 | ||
SEARCH_DIR=$(dirname "$1") | ||
|
||
mkdir -p /tmp/rego-policies/${SEARCH_DIR} | ||
|
||
for file in $(ls ${SEARCH_PATH} | xargs) ; do | ||
jq '.' ${file} > /tmp/rego-policies/${SEARCH_DIR}/$(basename ${file}) | ||
done | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
--- | ||
apiVersion: v1 | ||
kind: List | ||
metadata: | ||
name: Foo | ||
items: | ||
# Cluster Scoped | ||
- apiVersion: v1 | ||
kind: SecurityContextConstraints | ||
metadata: | ||
name: Bar | ||
# Project Scoped | ||
- apiVersion: v1 | ||
kind: ProjectRequest | ||
metadata: | ||
name: Bar | ||
- apiVersion: v1 | ||
kind: ImageStream | ||
metadata: | ||
name: Bar | ||
- apiVersion: v1 | ||
kind: BuildConfig | ||
metadata: | ||
name: Bar | ||
- apiVersion: v1 | ||
kind: DeploymentConfig | ||
metadata: | ||
name: Bar | ||
- apiVersion: v1 | ||
kind: RoleBinding | ||
metadata: | ||
name: Bar | ||
- apiVersion: v1 | ||
kind: Route | ||
metadata: | ||
name: Bar |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,38 +1,51 @@ | ||
#!/usr/bin/env bats | ||
|
||
@test "k8s-validation-rolebinding" { | ||
run conftest test _test/k8s-validation-rolebinding --output tap | ||
load _helpers | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - _test/k8s-validation-rolebinding/list.yml - RoleBinding/NoApiGroup: RoleBinding roleRef.apiGroup key is null, use rbac.authorization.k8s.io instead." ] | ||
[ "${lines[2]}" = "not ok 2 - _test/k8s-validation-rolebinding/list.yml - RoleBinding/NoKind: RoleBinding roleRef.kind key is null, use ClusterRole or Role instead." ] | ||
[ "${lines[3]}" = "# Successes" ] | ||
@test "_test/k8s-validation-rolebinding" { | ||
split_via_yq "_test/k8s-validation-rolebinding/*.yml" ".items[]" | ||
run conftest test /tmp/rego-policies/_test/k8s-validation-rolebinding --output tap | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - /tmp/rego-policies/_test/k8s-validation-rolebinding/list.yml - RoleBinding/NoApiGroup: RoleBinding roleRef.apiGroup key is null, use rbac.authorization.k8s.io instead." ] | ||
[ "${lines[2]}" = "not ok 2 - /tmp/rego-policies/_test/k8s-validation-rolebinding/list.yml - RoleBinding/NoKind: RoleBinding roleRef.kind key is null, use ClusterRole or Role instead." ] | ||
[ "${lines[3]}" = "# Successes" ] | ||
} | ||
|
||
@test "_test/ocp-42-deprecated-apiversions" { | ||
split_via_yq "_test/ocp-42-deprecated-apiversions/*.yml" ".items[]" | ||
run conftest test /tmp/rego-policies/_test/ocp-42-deprecated-apiversions --output tap | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - /tmp/rego-policies/_test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: servicecatalog.k8s.io/v1beta1 is deprecated." ] | ||
[ "${lines[2]}" = "not ok 2 - /tmp/rego-policies/_test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: automationbroker.io/v1alpha1 is deprecated." ] | ||
[ "${lines[3]}" = "not ok 3 - /tmp/rego-policies/_test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: osb.openshift.io/v1 is deprecated." ] | ||
[ "${lines[4]}" = "not ok 4 - /tmp/rego-policies/_test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: operatorsources.operators.coreos.com/v1 is deprecated." ] | ||
[ "${lines[5]}" = "not ok 5 - /tmp/rego-policies/_test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: catalogsourceconfigs.operators.coreos.com/v1 is deprecated." ] | ||
[ "${lines[6]}" = "not ok 6 - /tmp/rego-policies/_test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: catalogsourceconfigs.operators.coreos.com/v2 is deprecated." ] | ||
[ "${lines[7]}" = "# Successes" ] | ||
} | ||
|
||
@test "ocp-42-deprecated-apiversions" { | ||
run conftest test _test/ocp-42-deprecated-apiversions --output tap | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - _test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: servicecatalog.k8s.io/v1beta1 is deprecated." ] | ||
[ "${lines[2]}" = "not ok 2 - _test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: automationbroker.io/v1alpha1 is deprecated." ] | ||
[ "${lines[3]}" = "not ok 3 - _test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: osb.openshift.io/v1 is deprecated." ] | ||
[ "${lines[4]}" = "not ok 4 - _test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: operatorsources.operators.coreos.com/v1 is deprecated." ] | ||
[ "${lines[5]}" = "not ok 5 - _test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: catalogsourceconfigs.operators.coreos.com/v1 is deprecated." ] | ||
[ "${lines[6]}" = "not ok 6 - _test/ocp-42-deprecated-apiversions/list.yml - Foo/Bar: catalogsourceconfigs.operators.coreos.com/v2 is deprecated." ] | ||
[ "${lines[7]}" = "# Successes" ] | ||
@test "_test/ocp-43-deprecated-apiversions/template.yml" { | ||
copy_file_via_yq "_test/ocp-43-deprecated-apiversions/template.yml" | ||
run conftest test _test/ocp-43-deprecated-apiversions/template.yml --output tap | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - _test/ocp-43-deprecated-apiversions/template.yml - Template/Foo: API v1 for Template is no longer served by default, use template.openshift.io/v1 instead." ] | ||
[ "${lines[2]}" = "# Successes" ] | ||
} | ||
|
||
@test "ocp-43-deprecated-apiversions" { | ||
run conftest test _test/ocp-43-deprecated-apiversions --output tap | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - _test/ocp-43-deprecated-apiversions/template.yml - Template/Foo: API v1 for Template is no longer served by default, use template.openshift.io/v1 instead." ] | ||
[ "${lines[2]}" = "not ok 2 - _test/ocp-43-deprecated-apiversions/template.yml - ProjectRequest/Bar: API v1 for ProjectRequest is no longer served by default, use project.openshift.io/v1 instead." ] | ||
[ "${lines[3]}" = "not ok 3 - _test/ocp-43-deprecated-apiversions/template.yml - ImageStream/Bar: API v1 for ImageStream is no longer served by default, use image.openshift.io/v1 instead." ] | ||
[ "${lines[4]}" = "not ok 4 - _test/ocp-43-deprecated-apiversions/template.yml - BuildConfig/Bar: API v1 for BuildConfig is no longer served by default, use build.openshift.io/v1 instead." ] | ||
[ "${lines[5]}" = "not ok 5 - _test/ocp-43-deprecated-apiversions/template.yml - DeploymentConfig/Bar: API v1 for DeploymentConfig is no longer served by default, use apps.openshift.io/v1 instead." ] | ||
[ "${lines[6]}" = "not ok 6 - _test/ocp-43-deprecated-apiversions/template.yml - RoleBinding/Bar: API v1 for RoleBinding is no longer served by default, use rbac.authorization.k8s.io/v1 instead." ] | ||
[ "${lines[7]}" = "not ok 7 - _test/ocp-43-deprecated-apiversions/template.yml - Route/Bar: API v1 for Route is no longer served by default, use route.openshift.io/v1 instead." ] | ||
[ "${lines[8]}" = "not ok 8 - _test/ocp-43-deprecated-apiversions/template.yml - SecurityContextConstraints/Bar: API v1 for SecurityContextConstraints is no longer served by default, use security.openshift.io/v1 instead." ] | ||
[ "${lines[9]}" = "# Successes" ] | ||
@test "_test/ocp-43-deprecated-apiversions/list.yml" { | ||
split_via_yq "_test/ocp-43-deprecated-apiversions/list.yml" ".items[]" | ||
run conftest test /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml --output tap | ||
|
||
[ "$status" -eq 1 ] | ||
[ "${lines[1]}" = "not ok 1 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - SecurityContextConstraints/Bar: API v1 for SecurityContextConstraints is no longer served by default, use security.openshift.io/v1 instead." ] | ||
[ "${lines[2]}" = "not ok 2 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - ProjectRequest/Bar: API v1 for ProjectRequest is no longer served by default, use project.openshift.io/v1 instead." ] | ||
[ "${lines[3]}" = "not ok 3 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - ImageStream/Bar: API v1 for ImageStream is no longer served by default, use image.openshift.io/v1 instead." ] | ||
[ "${lines[4]}" = "not ok 4 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - BuildConfig/Bar: API v1 for BuildConfig is no longer served by default, use build.openshift.io/v1 instead." ] | ||
[ "${lines[5]}" = "not ok 5 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - DeploymentConfig/Bar: API v1 for DeploymentConfig is no longer served by default, use apps.openshift.io/v1 instead." ] | ||
[ "${lines[6]}" = "not ok 6 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - RoleBinding/Bar: API v1 for RoleBinding is no longer served by default, use rbac.authorization.k8s.io/v1 instead." ] | ||
[ "${lines[7]}" = "not ok 7 - /tmp/rego-policies/_test/ocp-43-deprecated-apiversions/list.yml - Route/Bar: API v1 for Route is no longer served by default, use route.openshift.io/v1 instead." ] | ||
[ "${lines[8]}" = "# Successes" ] | ||
} |