diff --git a/.github/workflows/gotest.yml b/.github/workflows/gotest.yml index a524f8c..8fc7b75 100644 --- a/.github/workflows/gotest.yml +++ b/.github/workflows/gotest.yml @@ -19,4 +19,4 @@ jobs: - run: go mod download - name: Run Go unit tests run: | - go test $(go list ./... | grep -v /internal/registry) + go test ./... diff --git a/go.mod b/go.mod index 73494a9..1377977 100644 --- a/go.mod +++ b/go.mod @@ -15,6 +15,7 @@ require ( github.com/go-chi/chi/v5 v5.1.0 github.com/gookit/event v1.1.2 github.com/onsi/ginkgo/v2 v2.20.2 + github.com/ory/dockertest/v3 v3.11.0 github.com/prometheus/client_golang v1.20.4 github.com/reugn/go-quartz v0.13.0 github.com/sirupsen/logrus v1.9.3 @@ -28,14 +29,21 @@ require ( ) require ( + dario.cat/mergo v1.0.0 // indirect + github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect github.com/BurntSushi/toml v1.4.0 // indirect + github.com/Microsoft/go-winio v0.6.2 // indirect + github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect github.com/beorn7/perks v1.0.1 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/containerd/continuity v0.4.3 // indirect github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect github.com/containers/ocicrypt v1.2.0 // indirect github.com/containers/storage v1.55.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/distribution/reference v0.6.0 // indirect + github.com/docker/cli v27.1.1+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/docker v27.1.1+incompatible // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect @@ -51,6 +59,7 @@ require ( github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/swag v0.23.0 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect + github.com/go-viper/mapstructure/v2 v2.2.1 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect @@ -58,6 +67,7 @@ require ( github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect + github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gorilla/mux v1.8.1 // indirect github.com/imdario/mergo v0.3.16 // indirect @@ -68,14 +78,17 @@ require ( github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.19 // indirect + github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/sys/mountinfo v0.7.2 // indirect github.com/moby/sys/user v0.2.0 // indirect + github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/onsi/gomega v1.34.2 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0 // indirect + github.com/opencontainers/runc v1.1.13 // indirect github.com/opencontainers/runtime-spec v1.2.0 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect @@ -86,6 +99,10 @@ require ( github.com/stretchr/objx v0.5.2 // indirect github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect github.com/x448/float16 v0.8.4 // indirect + github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect + github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect + github.com/xeipuuv/gojsonschema v1.2.0 // indirect + go.uber.org/zap v1.27.0 // indirect golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/mod v0.20.0 // indirect golang.org/x/net v0.28.0 // indirect diff --git a/go.sum b/go.sum index 16b01f9..018a85d 100644 --- a/go.sum +++ b/go.sum @@ -1,13 +1,27 @@ +dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= +filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/Masterminds/semver/v3 v3.3.0 h1:B8LGeaivUe71a5qox1ICM/JLl0NqZSW5CHyL+hmvYS0= github.com/Masterminds/semver/v3 v3.3.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= +github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= +github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= +github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= +github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bombsimon/logrusr/v4 v4.1.0 h1:uZNPbwusB0eUXlO8hIUwStE6Lr5bLN6IgYgG+75kuh4= github.com/bombsimon/logrusr/v4 v4.1.0/go.mod h1:pjfHC5e59CvjTBIU3V3sGhFWFAnsnhOR03TRc6im0l8= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/containerd/continuity v0.4.3 h1:6HVkalIp+2u1ZLH1J/pYX2oBVXlJZvh1X1A7bEZ9Su8= +github.com/containerd/continuity v0.4.3/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/containers/image/v5 v5.32.2 h1:SzNE2Y6sf9b1GJoC8qjCuMBXwQrACFp4p0RK15+4gmQ= @@ -22,6 +36,8 @@ github.com/containrrr/shoutrrr v0.8.0 h1:mfG2ATzIS7NR2Ec6XL+xyoHzN97H8WPjir8aYzJ github.com/containrrr/shoutrrr v0.8.0/go.mod h1:ioyQAyu1LJY6sILuNyKaQaw+9Ttik5QePU8atnAdO2o= github.com/crazy-max/diun/v4 v4.28.0 h1:3kWWkc6TAII32Mxlc7PMN32IEMYcglms0ycqBSpNtFE= github.com/crazy-max/diun/v4 v4.28.0/go.mod h1:vw/KMvUuaBNolMgwhfib72+neHK+ZOUF6DfmQLDOKbo= +github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= +github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= @@ -66,8 +82,12 @@ github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= +github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= +github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss= +github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= @@ -84,6 +104,8 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0= @@ -114,6 +136,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -121,10 +145,14 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= +github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg= github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= github.com/moby/sys/user v0.2.0 h1:OnpapJsRp25vkhw8TFG6OLJODNh/3rEwRWtJ3kakwRM= github.com/moby/sys/user v0.2.0/go.mod h1:RYstrcWOJpVh+6qzUqp2bU3eaRpdiQeKGlKitaH0PM8= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -140,8 +168,12 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= +github.com/opencontainers/runc v1.1.13 h1:98S2srgG9vw0zWcDpFMn5TRrh8kLxa/5OFUstuUhmRs= +github.com/opencontainers/runc v1.1.13/go.mod h1:R016aXacfp/gwQBYw2FDGa9m+n6atbLWrYY8hNMT/sA= github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE7dzrbT927iTk= github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/ory/dockertest/v3 v3.11.0 h1:OiHcxKAvSDUwsEVh2BjxQQc/5EHz9n0va9awCtNGuyA= +github.com/ory/dockertest/v3 v3.11.0/go.mod h1:VIPxS1gwT9NpPOrfD3rACs8Y9Z7yhzO4SB194iUDnUI= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -180,6 +212,13 @@ github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinC github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= +github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no= github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -188,8 +227,8 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -213,6 +252,7 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -253,6 +293,9 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= +gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= +gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= k8s.io/api v0.31.1 h1:Xe1hX/fPW3PXYYv8BlozYqw63ytA92snr96zMW9gWTU= k8s.io/api v0.31.1/go.mod h1:sbN1g6eY6XVLeqNsZGLnI5FwVseTrZX7Fv3O26rhAaI= k8s.io/apiextensions-apiserver v0.31.0 h1:fZgCVhGwsclj3qCw1buVXCV6khjRzKC5eCFt24kyLSk= diff --git a/test/manifests/README.md b/test/manifests/README.md deleted file mode 100644 index 7b0f2fa..0000000 --- a/test/manifests/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# Unit test env - -## Setup - -```bash -microk8s start -microk8s addons enable ingress -``` - -## Deploy - -```bash -kustomize build --enable-helm . | kubectl apply -f - -``` - -## Remove - -```bash -kustomize build --enable-helm . | kubectl delete -f - -``` diff --git a/test/manifests/kustomization.yaml b/test/manifests/kustomization.yaml deleted file mode 100644 index 392d46c..0000000 --- a/test/manifests/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - - -resources: - - ns-tests.yaml - - tests diff --git a/test/manifests/ns-tests.yaml b/test/manifests/ns-tests.yaml deleted file mode 100644 index 8d327e4..0000000 --- a/test/manifests/ns-tests.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - creationTimestamp: null - name: tests -spec: {} -status: {} diff --git a/test/manifests/tests/ingress/helm/values.yaml b/test/manifests/tests/ingress/helm/values.yaml deleted file mode 100644 index fbd0b31..0000000 --- a/test/manifests/tests/ingress/helm/values.yaml +++ /dev/null @@ -1,1190 +0,0 @@ -## nginx configuration -## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/index.md -## - -## Overrides for generated resource names -# See templates/_helpers.tpl -# nameOverride: -# fullnameOverride: - -# -- Override the deployment namespace; defaults to .Release.Namespace -namespaceOverride: "" -## Labels to apply to all resources -## -commonLabels: {} -# scmhash: abc123 -# myLabel: aakkmd - -controller: - name: controller - enableAnnotationValidations: false - image: - ## Keep false as default for now! - chroot: false - registry: registry.k8s.io - image: ingress-nginx/controller - ## for backwards compatibility consider setting the full image url via the repository value below - ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail - ## repository: - tag: "v1.11.2" - digest: sha256:d5f8217feeac4887cb1ed21f27c2674e58be06bd8f5184cacea2a69abaf78dce - digestChroot: sha256:21b55a2f0213a18b91612a8c0850167e00a8e34391fd595139a708f9c047e7a8 - pullPolicy: IfNotPresent - runAsNonRoot: true - # www-data -> uid 101 - runAsUser: 101 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - readOnlyRootFilesystem: false - # -- Use an existing PSP instead of creating one - existingPsp: "" - # -- Configures the controller container name - containerName: controller - # -- Configures the ports that the nginx-controller listens on - containerPort: - http: 80 - https: 443 - # -- Global configuration passed to the ConfigMap consumed by the controller. Values may contain Helm templates. - # Ref.: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ - config: {} - # -- Annotations to be added to the controller config configuration configmap. - configAnnotations: {} - # -- Will add custom headers before sending traffic to backends according to https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/custom-headers - proxySetHeaders: {} - # -- Will add custom headers before sending response traffic to the client according to: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers - addHeaders: {} - # -- Optionally customize the pod dnsConfig. - dnsConfig: {} - # -- Optionally customize the pod hostAliases. - hostAliases: [] - # - ip: 127.0.0.1 - # hostnames: - # - foo.local - # - bar.local - # - ip: 10.1.2.3 - # hostnames: - # - foo.remote - # - bar.remote - # -- Optionally customize the pod hostname. - hostname: {} - # -- Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'. - # By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller - # to keep resolving names inside the k8s network, use ClusterFirstWithHostNet. - dnsPolicy: ClusterFirst - # -- Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network - # Ingress status was blank because there is no Service exposing the Ingress-Nginx Controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply - reportNodeInternalIp: false - # -- Process Ingress objects without ingressClass annotation/ingressClassName field - # Overrides value for --watch-ingress-without-class flag of the controller binary - # Defaults to false - watchIngressWithoutClass: false - # -- Process IngressClass per name (additionally as per spec.controller). - ingressClassByName: false - # -- This configuration enables Topology Aware Routing feature, used together with service annotation service.kubernetes.io/topology-mode="auto" - # Defaults to false - enableTopologyAwareRouting: false - # -- This configuration disable Nginx Controller Leader Election - disableLeaderElection: false - # -- Duration a leader election is valid before it's getting re-elected, e.g. `15s`, `10m` or `1h`. (Default: 30s) - electionTTL: "" - # -- This configuration defines if Ingress Controller should allow users to set - # their own *-snippet annotations, otherwise this is forbidden / dropped - # when users add those annotations. - # Global snippets in ConfigMap are still respected - allowSnippetAnnotations: false - # -- Required for use with CNI based kubernetes installations (such as ones set up by kubeadm), - # since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920 - # is merged - hostNetwork: false - ## Use host ports 80 and 443 - ## Disabled by default - hostPort: - # -- Enable 'hostPort' or not - enabled: false - ports: - # -- 'hostPort' http port - http: 80 - # -- 'hostPort' https port - https: 443 - # NetworkPolicy for controller component. - networkPolicy: - # -- Enable 'networkPolicy' or not - enabled: false - # -- Election ID to use for status update, by default it uses the controller name combined with a suffix of 'leader' - electionID: "" - # -- This section refers to the creation of the IngressClass resource. - # IngressClasses are immutable and cannot be changed after creation. - # We do not support namespaced IngressClasses, yet, so a ClusterRole and a ClusterRoleBinding is required. - ingressClassResource: - # -- Name of the IngressClass - name: nginx - # -- Create the IngressClass or not - enabled: true - # -- If true, Ingresses without `ingressClassName` get assigned to this IngressClass on creation. - # Ingress creation gets rejected if there are multiple default IngressClasses. - # Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#default-ingress-class - default: false - # -- Annotations to be added to the IngressClass resource. - annotations: {} - # -- Controller of the IngressClass. An Ingress Controller looks for IngressClasses it should reconcile by this value. - # This value is also being set as the `--controller-class` argument of this Ingress Controller. - # Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class - controllerValue: k8s.io/ingress-nginx - # -- Aliases of this IngressClass. Creates copies with identical settings but the respective alias as name. - # Useful for development environments with only one Ingress Controller but production-like Ingress resources. - # `default` gets enabled on the original IngressClass only. - aliases: [] - # aliases: - # - nginx-alias-1 - # - nginx-alias-2 - # -- A link to a custom resource containing additional configuration for the controller. - # This is optional if the controller consuming this IngressClass does not require additional parameters. - # Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class - parameters: {} - # parameters: - # apiGroup: k8s.example.com - # kind: IngressParameters - # name: external-lb - # -- For backwards compatibility with ingress.class annotation, use ingressClass. - # Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation - ingressClass: nginx - # -- Labels to add to the pod container metadata - podLabels: {} - # key: value - - # -- Security context for controller pods - podSecurityContext: {} - # -- sysctls for controller pods - ## Ref: https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ - sysctls: {} - # sysctls: - # "net.core.somaxconn": "8192" - # -- Security context for controller containers - containerSecurityContext: {} - # -- Allows customization of the source of the IP address or FQDN to report - # in the ingress status field. By default, it reads the information provided - # by the service. If disable, the status field reports the IP address of the - # node or nodes where an ingress controller pod is running. - publishService: - # -- Enable 'publishService' or not - enabled: true - # -- Allows overriding of the publish service to bind to - # Must be / - pathOverride: "" - # Limit the scope of the controller to a specific namespace - scope: - # -- Enable 'scope' or not - enabled: false - # -- Namespace to limit the controller to; defaults to $(POD_NAMESPACE) - namespace: "" - # -- When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels - # only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces. - namespaceSelector: "" - # -- Allows customization of the configmap / nginx-configmap namespace; defaults to $(POD_NAMESPACE) - configMapNamespace: "" - tcp: - # -- Allows customization of the tcp-services-configmap; defaults to $(POD_NAMESPACE) - configMapNamespace: "" - # -- Annotations to be added to the tcp config configmap - annotations: {} - udp: - # -- Allows customization of the udp-services-configmap; defaults to $(POD_NAMESPACE) - configMapNamespace: "" - # -- Annotations to be added to the udp config configmap - annotations: {} - # -- Maxmind license key to download GeoLite2 Databases. - ## https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases - maxmindLicenseKey: "" - # -- Additional command line arguments to pass to Ingress-Nginx Controller - # E.g. to specify the default SSL certificate you can use - extraArgs: {} - ## extraArgs: - ## default-ssl-certificate: "/" - ## time-buckets: "0.005,0.01,0.025,0.05,0.1,0.25,0.5,1,2.5,5,10" - ## length-buckets: "10,20,30,40,50,60,70,80,90,100" - ## size-buckets: "10,100,1000,10000,100000,1e+06,1e+07" - - # -- Additional environment variables to set - extraEnvs: [] - # extraEnvs: - # - name: FOO - # valueFrom: - # secretKeyRef: - # key: FOO - # name: secret-resource - - # -- Use a `DaemonSet` or `Deployment` - kind: Deployment - # -- Annotations to be added to the controller Deployment or DaemonSet - ## - annotations: {} - # keel.sh/pollSchedule: "@every 60m" - - # -- Labels to be added to the controller Deployment or DaemonSet and other resources that do not have option to specify labels - ## - labels: {} - # keel.sh/policy: patch - # keel.sh/trigger: poll - - # -- The update strategy to apply to the Deployment or DaemonSet - ## - updateStrategy: {} - # rollingUpdate: - # maxUnavailable: 1 - # type: RollingUpdate - - # -- `minReadySeconds` to avoid killing pods before we are ready - ## - minReadySeconds: 0 - # -- Node tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - - # -- Affinity and anti-affinity rules for server scheduling to nodes - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## - affinity: {} - # # An example of preferred pod anti-affinity, weight is in the range 1-100 - # podAntiAffinity: - # preferredDuringSchedulingIgnoredDuringExecution: - # - weight: 100 - # podAffinityTerm: - # labelSelector: - # matchExpressions: - # - key: app.kubernetes.io/name - # operator: In - # values: - # - '{{ include "ingress-nginx.name" . }}' - # - key: app.kubernetes.io/instance - # operator: In - # values: - # - '{{ .Release.Name }}' - # - key: app.kubernetes.io/component - # operator: In - # values: - # - controller - # topologyKey: kubernetes.io/hostname - - # # An example of required pod anti-affinity - # podAntiAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # - labelSelector: - # matchExpressions: - # - key: app.kubernetes.io/name - # operator: In - # values: - # - '{{ include "ingress-nginx.name" . }}' - # - key: app.kubernetes.io/instance - # operator: In - # values: - # - '{{ .Release.Name }}' - # - key: app.kubernetes.io/component - # operator: In - # values: - # - controller - # topologyKey: kubernetes.io/hostname - - # -- Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in. - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - ## - topologySpreadConstraints: [] - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}' - # app.kubernetes.io/instance: '{{ .Release.Name }}' - # app.kubernetes.io/component: controller - # topologyKey: topology.kubernetes.io/zone - # maxSkew: 1 - # whenUnsatisfiable: ScheduleAnyway - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}' - # app.kubernetes.io/instance: '{{ .Release.Name }}' - # app.kubernetes.io/component: controller - # topologyKey: kubernetes.io/hostname - # maxSkew: 1 - # whenUnsatisfiable: ScheduleAnyway - - # -- `terminationGracePeriodSeconds` to avoid killing pods before we are ready - ## wait up to five minutes for the drain of connections - ## - terminationGracePeriodSeconds: 300 - # -- Node labels for controller pod assignment - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: - kubernetes.io/os: linux - ## Liveness and readiness probe values - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## - ## startupProbe: - ## httpGet: - ## # should match container.healthCheckPath - ## path: "/healthz" - ## port: 10254 - ## scheme: HTTP - ## initialDelaySeconds: 5 - ## periodSeconds: 5 - ## timeoutSeconds: 2 - ## successThreshold: 1 - ## failureThreshold: 5 - livenessProbe: - httpGet: - # should match container.healthCheckPath - path: "/healthz" - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 5 - readinessProbe: - httpGet: - # should match container.healthCheckPath - path: "/healthz" - port: 10254 - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - # -- Path of the health check endpoint. All requests received on the port defined by - # the healthz-port parameter are forwarded internally to this path. - healthCheckPath: "/healthz" - # -- Address to bind the health check endpoint. - # It is better to set this option to the internal node address - # if the Ingress-Nginx Controller is running in the `hostNetwork: true` mode. - healthCheckHost: "" - # -- Annotations to be added to controller pods - ## - podAnnotations: {} - replicaCount: 1 - # -- Minimum available pods set in PodDisruptionBudget. - # Define either 'minAvailable' or 'maxUnavailable', never both. - minAvailable: 1 - # -- Maximum unavailable pods set in PodDisruptionBudget. If set, 'minAvailable' is ignored. - # maxUnavailable: 1 - - ## Define requests resources to avoid probe issues due to CPU utilization in busy nodes - ## ref: https://github.com/kubernetes/ingress-nginx/issues/4735#issuecomment-551204903 - ## Ideally, there should be no limits. - ## https://engineering.indeedblog.com/blog/2019/12/cpu-throttling-regression-fix/ - resources: - ## limits: - ## cpu: 100m - ## memory: 90Mi - requests: - cpu: 100m - memory: 90Mi - # Mutually exclusive with keda autoscaling - autoscaling: - enabled: false - annotations: {} - minReplicas: 1 - maxReplicas: 11 - targetCPUUtilizationPercentage: 50 - targetMemoryUtilizationPercentage: 50 - behavior: {} - # scaleDown: - # stabilizationWindowSeconds: 300 - # policies: - # - type: Pods - # value: 1 - # periodSeconds: 180 - # scaleUp: - # stabilizationWindowSeconds: 300 - # policies: - # - type: Pods - # value: 2 - # periodSeconds: 60 - autoscalingTemplate: [] - # Custom or additional autoscaling metrics - # ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-custom-metrics - # - type: Pods - # pods: - # metric: - # name: nginx_ingress_controller_nginx_process_requests_total - # target: - # type: AverageValue - # averageValue: 10000m - - # Mutually exclusive with hpa autoscaling - keda: - apiVersion: "keda.sh/v1alpha1" - ## apiVersion changes with keda 1.x vs 2.x - ## 2.x = keda.sh/v1alpha1 - ## 1.x = keda.k8s.io/v1alpha1 - enabled: false - minReplicas: 1 - maxReplicas: 11 - pollingInterval: 30 - cooldownPeriod: 300 - # fallback: - # failureThreshold: 3 - # replicas: 11 - restoreToOriginalReplicaCount: false - scaledObject: - annotations: {} - # Custom annotations for ScaledObject resource - # annotations: - # key: value - triggers: [] - # - type: prometheus - # metadata: - # serverAddress: http://:9090 - # metricName: http_requests_total - # threshold: '100' - # query: sum(rate(http_requests_total{deployment="my-deployment"}[2m])) - - behavior: {} - # scaleDown: - # stabilizationWindowSeconds: 300 - # policies: - # - type: Pods - # value: 1 - # periodSeconds: 180 - # scaleUp: - # stabilizationWindowSeconds: 300 - # policies: - # - type: Pods - # value: 2 - # periodSeconds: 60 - # -- Enable mimalloc as a drop-in replacement for malloc. - ## ref: https://github.com/microsoft/mimalloc - ## - enableMimalloc: true - ## Override NGINX template - customTemplate: - configMapName: "" - configMapKey: "" - service: - # -- Enable controller services or not. This does not influence the creation of either the admission webhook or the metrics service. - enabled: true - external: - # -- Enable the external controller service or not. Useful for internal-only deployments. - enabled: true - # -- Annotations to be added to the external controller service. See `controller.service.internal.annotations` for annotations to be added to the internal controller service. - annotations: {} - # -- Labels to be added to both controller services. - labels: {} - # -- Type of the external controller service. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - type: LoadBalancer - # -- Pre-defined cluster internal IP address of the external controller service. Take care of collisions with existing services. - # This value is immutable. Set once, it can not be changed without deleting and re-creating the service. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - clusterIP: "" - # -- List of node IP addresses at which the external controller service is available. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - externalIPs: [] - # -- Deprecated: Pre-defined IP address of the external controller service. Used by cloud providers to connect the resulting load balancer service to a pre-existing static IP. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer - loadBalancerIP: "" - # -- Restrict access to the external controller service. Values must be CIDRs. Allows any source address by default. - loadBalancerSourceRanges: [] - # -- Load balancer class of the external controller service. Used by cloud providers to select a load balancer implementation other than the cloud provider default. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class - loadBalancerClass: "" - # -- Enable node port allocation for the external controller service or not. Applies to type `LoadBalancer` only. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation - # allocateLoadBalancerNodePorts: true - - # -- External traffic policy of the external controller service. Set to "Local" to preserve source IP on providers supporting it. - # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - externalTrafficPolicy: "" - # -- Session affinity of the external controller service. Must be either "None" or "ClientIP" if set. Defaults to "None". - # Ref: https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity - sessionAffinity: "" - # -- Specifies the health check node port (numeric port number) for the external controller service. - # If not specified, the service controller allocates a port from your cluster's node port range. - # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - # healthCheckNodePort: 0 - - # -- Represents the dual-stack capabilities of the external controller service. Possible values are SingleStack, PreferDualStack or RequireDualStack. - # Fields `ipFamilies` and `clusterIP` depend on the value of this field. - # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - ipFamilyPolicy: SingleStack - # -- List of IP families (e.g. IPv4, IPv6) assigned to the external controller service. This field is usually assigned automatically based on cluster configuration and the `ipFamilyPolicy` field. - # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - ipFamilies: - - IPv4 - # -- Enable the HTTP listener on both controller services or not. - enableHttp: true - # -- Enable the HTTPS listener on both controller services or not. - enableHttps: true - ports: - # -- Port the external HTTP listener is published with. - http: 80 - # -- Port the external HTTPS listener is published with. - https: 443 - targetPorts: - # -- Port of the ingress controller the external HTTP listener is mapped to. - http: http - # -- Port of the ingress controller the external HTTPS listener is mapped to. - https: https - # -- Declare the app protocol of the external HTTP and HTTPS listeners or not. Supersedes provider-specific annotations for declaring the backend protocol. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol - appProtocol: true - nodePorts: - # -- Node port allocated for the external HTTP listener. If left empty, the service controller allocates one from the configured node port range. - http: "" - # -- Node port allocated for the external HTTPS listener. If left empty, the service controller allocates one from the configured node port range. - https: "" - # -- Node port mapping for external TCP listeners. If left empty, the service controller allocates them from the configured node port range. - # Example: - # tcp: - # 8080: 30080 - tcp: {} - # -- Node port mapping for external UDP listeners. If left empty, the service controller allocates them from the configured node port range. - # Example: - # udp: - # 53: 30053 - udp: {} - internal: - # -- Enable the internal controller service or not. Remember to configure `controller.service.internal.annotations` when enabling this. - enabled: false - # -- Annotations to be added to the internal controller service. Mandatory for the internal controller service to be created. Varies with the cloud service. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - # -- Type of the internal controller service. - # Defaults to the value of `controller.service.type`. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types - type: "" - # -- Pre-defined cluster internal IP address of the internal controller service. Take care of collisions with existing services. - # This value is immutable. Set once, it can not be changed without deleting and re-creating the service. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - clusterIP: "" - # -- List of node IP addresses at which the internal controller service is available. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - externalIPs: [] - # -- Deprecated: Pre-defined IP address of the internal controller service. Used by cloud providers to connect the resulting load balancer service to a pre-existing static IP. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer - loadBalancerIP: "" - # -- Restrict access to the internal controller service. Values must be CIDRs. Allows any source address by default. - loadBalancerSourceRanges: [] - # -- Load balancer class of the internal controller service. Used by cloud providers to select a load balancer implementation other than the cloud provider default. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class - loadBalancerClass: "" - # -- Enable node port allocation for the internal controller service or not. Applies to type `LoadBalancer` only. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation - # allocateLoadBalancerNodePorts: true - - # -- External traffic policy of the internal controller service. Set to "Local" to preserve source IP on providers supporting it. - # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - externalTrafficPolicy: "" - # -- Session affinity of the internal controller service. Must be either "None" or "ClientIP" if set. Defaults to "None". - # Ref: https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity - sessionAffinity: "" - # -- Specifies the health check node port (numeric port number) for the internal controller service. - # If not specified, the service controller allocates a port from your cluster's node port range. - # Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - # healthCheckNodePort: 0 - - # -- Represents the dual-stack capabilities of the internal controller service. Possible values are SingleStack, PreferDualStack or RequireDualStack. - # Fields `ipFamilies` and `clusterIP` depend on the value of this field. - # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - ipFamilyPolicy: SingleStack - # -- List of IP families (e.g. IPv4, IPv6) assigned to the internal controller service. This field is usually assigned automatically based on cluster configuration and the `ipFamilyPolicy` field. - # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - ipFamilies: - - IPv4 - ports: {} - # -- Port the internal HTTP listener is published with. - # Defaults to the value of `controller.service.ports.http`. - # http: 80 - # -- Port the internal HTTPS listener is published with. - # Defaults to the value of `controller.service.ports.https`. - # https: 443 - - targetPorts: {} - # -- Port of the ingress controller the internal HTTP listener is mapped to. - # Defaults to the value of `controller.service.targetPorts.http`. - # http: http - # -- Port of the ingress controller the internal HTTPS listener is mapped to. - # Defaults to the value of `controller.service.targetPorts.https`. - # https: https - - # -- Declare the app protocol of the internal HTTP and HTTPS listeners or not. Supersedes provider-specific annotations for declaring the backend protocol. - # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol - appProtocol: true - nodePorts: - # -- Node port allocated for the internal HTTP listener. If left empty, the service controller allocates one from the configured node port range. - http: "" - # -- Node port allocated for the internal HTTPS listener. If left empty, the service controller allocates one from the configured node port range. - https: "" - # -- Node port mapping for internal TCP listeners. If left empty, the service controller allocates them from the configured node port range. - # Example: - # tcp: - # 8080: 30080 - tcp: {} - # -- Node port mapping for internal UDP listeners. If left empty, the service controller allocates them from the configured node port range. - # Example: - # udp: - # 53: 30053 - udp: {} - # shareProcessNamespace enables process namespace sharing within the pod. - # This can be used for example to signal log rotation using `kill -USR1` from a sidecar. - shareProcessNamespace: false - # -- Additional containers to be added to the controller pod. - # See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. - extraContainers: [] - # - name: my-sidecar - # image: nginx:latest - # - name: lemonldap-ng-controller - # image: lemonldapng/lemonldap-ng-controller:0.2.0 - # args: - # - /lemonldap-ng-controller - # - --alsologtostderr - # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration - # env: - # - name: POD_NAME - # valueFrom: - # fieldRef: - # fieldPath: metadata.name - # - name: POD_NAMESPACE - # valueFrom: - # fieldRef: - # fieldPath: metadata.namespace - # volumeMounts: - # - name: copy-portal-skins - # mountPath: /srv/var/lib/lemonldap-ng/portal/skins - - # -- Additional volumeMounts to the controller main container. - extraVolumeMounts: [] - # - name: copy-portal-skins - # mountPath: /var/lib/lemonldap-ng/portal/skins - - # -- Additional volumes to the controller pod. - extraVolumes: [] - # - name: copy-portal-skins - # emptyDir: {} - - # -- Containers, which are run before the app containers are started. - extraInitContainers: [] - # - name: init-myservice - # image: busybox - # command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;'] - - # -- Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module - extraModules: [] - # - name: mytestmodule - # image: - # registry: registry.k8s.io - # image: ingress-nginx/mytestmodule - # ## for backwards compatibility consider setting the full image url via the repository value below - # ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail - # ## repository: - # tag: "v1.0.0" - # digest: "" - # distroless: false - # containerSecurityContext: - # runAsNonRoot: true - # runAsUser: - # allowPrivilegeEscalation: false - # seccompProfile: - # type: RuntimeDefault - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # resources: {} - # - # The image must contain a `/usr/local/bin/init_module.sh` executable, which - # will be executed as initContainers, to move its config files within the - # mounted volume. - - opentelemetry: - enabled: false - name: opentelemetry - image: - registry: registry.k8s.io - image: ingress-nginx/opentelemetry-1.25.3 - ## for backwards compatibility consider setting the full image url via the repository value below - ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail - ## repository: - tag: v20240813-b933310d - digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922 - distroless: true - containerSecurityContext: - runAsNonRoot: true - # -- The image's default user, inherited from its base image `cgr.dev/chainguard/static`. - runAsUser: 65532 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - resources: {} - admissionWebhooks: - name: admission - annotations: {} - # ignore-check.kube-linter.io/no-read-only-rootfs: "This deployment needs write access to root filesystem". - - ## Additional annotations to the admission webhooks. - ## These annotations will be added to the ValidatingWebhookConfiguration and - ## the Jobs Spec of the admission webhooks. - enabled: true - # -- Additional environment variables to set - extraEnvs: [] - # extraEnvs: - # - name: FOO - # valueFrom: - # secretKeyRef: - # key: FOO - # name: secret-resource - # -- Admission Webhook failure policy to use - failurePolicy: Fail - # timeoutSeconds: 10 - port: 8443 - certificate: "/usr/local/certificates/cert" - key: "/usr/local/certificates/key" - namespaceSelector: {} - objectSelector: {} - # -- Labels to be added to admission webhooks - labels: {} - # -- Use an existing PSP instead of creating one - existingPsp: "" - service: - annotations: {} - # clusterIP: "" - externalIPs: [] - # loadBalancerIP: "" - loadBalancerSourceRanges: [] - servicePort: 443 - type: ClusterIP - createSecretJob: - name: create - # -- Security context for secret creation containers - securityContext: - runAsNonRoot: true - runAsUser: 65532 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - resources: {} - # limits: - # cpu: 10m - # memory: 20Mi - # requests: - # cpu: 10m - # memory: 20Mi - patchWebhookJob: - name: patch - # -- Security context for webhook patch containers - securityContext: - runAsNonRoot: true - runAsUser: 65532 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - resources: {} - patch: - enabled: true - image: - registry: registry.k8s.io - image: ingress-nginx/kube-webhook-certgen - ## for backwards compatibility consider setting the full image url via the repository value below - ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail - ## repository: - tag: v1.4.3 - digest: sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3 - pullPolicy: IfNotPresent - # -- Provide a priority class name to the webhook patching job - ## - priorityClassName: "" - podAnnotations: {} - # NetworkPolicy for webhook patch - networkPolicy: - # -- Enable 'networkPolicy' or not - enabled: false - nodeSelector: - kubernetes.io/os: linux - tolerations: [] - # -- Labels to be added to patch job resources - labels: {} - # -- Security context for secret creation & webhook patch pods - securityContext: {} - # -- Admission webhook patch job RBAC - rbac: - # -- Create RBAC or not - create: true - # -- Admission webhook patch job service account - serviceAccount: - # -- Create a service account or not - create: true - # -- Custom service account name - name: "" - # -- Auto-mount service account token or not - automountServiceAccountToken: true - # Use certmanager to generate webhook certs - certManager: - enabled: false - # self-signed root certificate - rootCert: - # default to be 5y - duration: "" - admissionCert: - # default to be 1y - duration: "" - # issuerRef: - # name: "issuer" - # kind: "ClusterIssuer" - metrics: - port: 10254 - portName: metrics - # if this port is changed, change healthz-port: in extraArgs: accordingly - enabled: false - service: - annotations: {} - # prometheus.io/scrape: "true" - # prometheus.io/port: "10254" - # -- Labels to be added to the metrics service resource - labels: {} - # clusterIP: "" - - # -- List of IP addresses at which the stats-exporter service is available - ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - ## - externalIPs: [] - # loadBalancerIP: "" - loadBalancerSourceRanges: [] - servicePort: 10254 - type: ClusterIP - # externalTrafficPolicy: "" - # nodePort: "" - serviceMonitor: - enabled: false - additionalLabels: {} - annotations: {} - ## The label to use to retrieve the job name from. - ## jobLabel: "app.kubernetes.io/name" - namespace: "" - namespaceSelector: {} - ## Default: scrape .Release.Namespace or namespaceOverride only - ## To scrape all, use the following: - ## namespaceSelector: - ## any: true - scrapeInterval: 30s - # honorLabels: true - targetLabels: [] - relabelings: [] - metricRelabelings: [] - prometheusRule: - enabled: false - additionalLabels: {} - # namespace: "" - rules: [] - # # These are just examples rules, please adapt them to your needs - # - alert: NGINXConfigFailed - # expr: count(nginx_ingress_controller_config_last_reload_successful == 0) > 0 - # for: 1s - # labels: - # severity: critical - # annotations: - # description: bad ingress config - nginx config test failed - # summary: uninstall the latest ingress changes to allow config reloads to resume - # # By default a fake self-signed certificate is generated as default and - # # it is fine if it expires. If `--default-ssl-certificate` flag is used - # # and a valid certificate passed please do not filter for `host` label! - # # (i.e. delete `{host!="_"}` so also the default SSL certificate is - # # checked for expiration) - # - alert: NGINXCertificateExpiry - # expr: (avg(nginx_ingress_controller_ssl_expire_time_seconds{host!="_"}) by (host) - time()) < 604800 - # for: 1s - # labels: - # severity: critical - # annotations: - # description: ssl certificate(s) will expire in less then a week - # summary: renew expiring certificates to avoid downtime - # - alert: NGINXTooMany500s - # expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"5.+"} ) / sum(nginx_ingress_controller_requests) ) > 5 - # for: 1m - # labels: - # severity: warning - # annotations: - # description: Too many 5XXs - # summary: More than 5% of all requests returned 5XX, this requires your attention - # - alert: NGINXTooMany400s - # expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"4.+"} ) / sum(nginx_ingress_controller_requests) ) > 5 - # for: 1m - # labels: - # severity: warning - # annotations: - # description: Too many 4XXs - # summary: More than 5% of all requests returned 4XX, this requires your attention - # -- Improve connection draining when ingress controller pod is deleted using a lifecycle hook: - # With this new hook, we increased the default terminationGracePeriodSeconds from 30 seconds - # to 300, allowing the draining of connections up to five minutes. - # If the active connections end before that, the pod will terminate gracefully at that time. - # To effectively take advantage of this feature, the Configmap feature - # worker-shutdown-timeout new value is 240s instead of 10s. - ## - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - priorityClassName: "" -# -- Rollback limit -## -revisionHistoryLimit: 10 -## Default 404 backend -## -defaultBackend: - ## - enabled: false - name: defaultbackend - image: - registry: registry.k8s.io - image: defaultbackend-amd64 - ## for backwards compatibility consider setting the full image url via the repository value below - ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail - ## repository: - tag: "1.5" - pullPolicy: IfNotPresent - runAsNonRoot: true - # nobody user -> uid 65534 - runAsUser: 65534 - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - readOnlyRootFilesystem: true - # -- Use an existing PSP instead of creating one - existingPsp: "" - extraArgs: {} - serviceAccount: - create: true - name: "" - automountServiceAccountToken: true - # -- Additional environment variables to set for defaultBackend pods - extraEnvs: [] - port: 8080 - ## Readiness and liveness probes for default backend - ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## - livenessProbe: - failureThreshold: 3 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - readinessProbe: - failureThreshold: 6 - initialDelaySeconds: 0 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 5 - # -- The update strategy to apply to the Deployment or DaemonSet - ## - updateStrategy: {} - # rollingUpdate: - # maxUnavailable: 1 - # type: RollingUpdate - - # -- `minReadySeconds` to avoid killing pods before we are ready - ## - minReadySeconds: 0 - # -- Node tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - - # -- Affinity and anti-affinity rules for server scheduling to nodes - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - affinity: {} - # # An example of preferred pod anti-affinity, weight is in the range 1-100 - # podAntiAffinity: - # preferredDuringSchedulingIgnoredDuringExecution: - # - weight: 100 - # podAffinityTerm: - # labelSelector: - # matchExpressions: - # - key: app.kubernetes.io/name - # operator: In - # values: - # - '{{ include "ingress-nginx.name" . }}' - # - key: app.kubernetes.io/instance - # operator: In - # values: - # - '{{ .Release.Name }}' - # - key: app.kubernetes.io/component - # operator: In - # values: - # - default-backend - # topologyKey: kubernetes.io/hostname - - # # An example of required pod anti-affinity - # podAntiAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # - labelSelector: - # matchExpressions: - # - key: app.kubernetes.io/name - # operator: In - # values: - # - '{{ include "ingress-nginx.name" . }}' - # - key: app.kubernetes.io/instance - # operator: In - # values: - # - '{{ .Release.Name }}' - # - key: app.kubernetes.io/component - # operator: In - # values: - # - default-backend - # topologyKey: kubernetes.io/hostname - - # -- Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in. - # Ref.: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - topologySpreadConstraints: [] - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}' - # app.kubernetes.io/instance: '{{ .Release.Name }}' - # app.kubernetes.io/component: default-backend - # topologyKey: topology.kubernetes.io/zone - # maxSkew: 1 - # whenUnsatisfiable: ScheduleAnyway - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}' - # app.kubernetes.io/instance: '{{ .Release.Name }}' - # app.kubernetes.io/component: default-backend - # topologyKey: kubernetes.io/hostname - # maxSkew: 1 - # whenUnsatisfiable: ScheduleAnyway - # -- Security context for default backend pods - podSecurityContext: {} - # -- Security context for default backend containers - containerSecurityContext: {} - # -- Labels to add to the pod container metadata - podLabels: {} - # key: value - - # -- Node labels for default backend pod assignment - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: - kubernetes.io/os: linux - # -- Annotations to be added to default backend pods - ## - podAnnotations: {} - replicaCount: 1 - minAvailable: 1 - resources: {} - # limits: - # cpu: 10m - # memory: 20Mi - # requests: - # cpu: 10m - # memory: 20Mi - - extraVolumeMounts: [] - ## Additional volumeMounts to the default backend container. - # - name: copy-portal-skins - # mountPath: /var/lib/lemonldap-ng/portal/skins - - extraVolumes: [] - ## Additional volumes to the default backend pod. - # - name: copy-portal-skins - # emptyDir: {} - - extraConfigMaps: [] - ## Additional configmaps to the default backend pod. - # - name: my-extra-configmap-1 - # labels: - # type: config-1 - # data: - # extra_file_1.html: | - # - # - name: my-extra-configmap-2 - # labels: - # type: config-2 - # data: - # extra_file_2.html: | - # - - autoscaling: - annotations: {} - enabled: false - minReplicas: 1 - maxReplicas: 2 - targetCPUUtilizationPercentage: 50 - targetMemoryUtilizationPercentage: 50 - # NetworkPolicy for default backend component. - networkPolicy: - # -- Enable 'networkPolicy' or not - enabled: false - service: - annotations: {} - # clusterIP: "" - - # -- List of IP addresses at which the default backend service is available - ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - ## - externalIPs: [] - # loadBalancerIP: "" - loadBalancerSourceRanges: [] - servicePort: 80 - type: ClusterIP - priorityClassName: "" - # -- Labels to be added to the default backend resources - labels: {} -## Enable RBAC as per https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/rbac.md and https://github.com/kubernetes/ingress-nginx/issues/266 -rbac: - create: true - scope: false -## If true, create & use Pod Security Policy resources -## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ -podSecurityPolicy: - enabled: false -serviceAccount: - create: true - name: "" - automountServiceAccountToken: true - # -- Annotations for the controller service account - annotations: {} -# -- Optional array of imagePullSecrets containing private registry credentials -## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ -imagePullSecrets: [] -# - name: secretName - -# -- TCP service key-value pairs -## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md -## -tcp: {} -# "8080": "default/example-tcp-svc:9000" - -# -- UDP service key-value pairs -## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md -## -udp: {} -# "53": "kube-system/kube-dns:53" - -# -- Prefix for TCP and UDP ports names in ingress controller service -## Some cloud providers, like Yandex Cloud may have a requirements for a port name regex to support cloud load balancer integration -portNamePrefix: "" -# -- (string) A base64-encoded Diffie-Hellman parameter. -# This can be generated with: `openssl dhparam 4096 2> /dev/null | base64` -## Ref: https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/ssl-dh-param -dhParam: "" diff --git a/test/manifests/tests/ingress/kustomization.yaml b/test/manifests/tests/ingress/kustomization.yaml deleted file mode 100644 index aa55392..0000000 --- a/test/manifests/tests/ingress/kustomization.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -helmCharts: -- name: ingress-nginx - repo: https://kubernetes.github.io/ingress-nginx - releaseName: ingress-nginx - namespace: tests - version: 4.11.2 - valuesFile: helm/values.yaml diff --git a/test/manifests/tests/kustomization.yaml b/test/manifests/tests/kustomization.yaml deleted file mode 100644 index 7def041..0000000 --- a/test/manifests/tests/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: tests - -resources: - - ./registry - - ./ingress diff --git a/test/manifests/tests/registry/README.md b/test/manifests/tests/registry/README.md deleted file mode 100644 index f708757..0000000 --- a/test/manifests/tests/registry/README.md +++ /dev/null @@ -1,20 +0,0 @@ - -# Registry - -## Generate htpasswd secret - -```sh -docker run --rm --entrypoint htpasswd registry:2.7.0 -Bbn myuser mypasswd > htpasswd -``` - -Output: - -```txt -myuser:$2y$05$P7carSLFLt2fvJzZbj10yuD0zc69z/dD9X92rzlbdKp0cr8Sjq9Km -``` - -## Create secret for registry - -```sh -kubectl --namespace tests create secret generic auth-secret --from-file=htpasswd --dry-run=client -o yaml > secret.yaml -``` diff --git a/test/manifests/tests/registry/helm/values.yaml b/test/manifests/tests/registry/helm/values.yaml deleted file mode 100644 index 1847a0b..0000000 --- a/test/manifests/tests/registry/helm/values.yaml +++ /dev/null @@ -1,3 +0,0 @@ -replicaCount: 1 -secrets: - htpasswd: myuser:$2y$05$1Pw2wBr/9gGtXMB7ZfuDvO7jiBZL6/quR5lk2gw3qDKcEN4wc4XjW diff --git a/test/manifests/tests/registry/ingress.yaml b/test/manifests/tests/registry/ingress.yaml deleted file mode 100644 index ef81b4f..0000000 --- a/test/manifests/tests/registry/ingress.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/proxy-body-size: "0" - nginx.ingress.kubernetes.io/proxy-read-timeout: "600" - nginx.ingress.kubernetes.io/proxy-send-timeout: "600" - name: docker-registry -spec: - ingressClassName: nginx - rules: - - host: registry.127.0.0.1.nip.io - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: docker-registry - port: - number: 5000 diff --git a/test/manifests/tests/registry/kustomization.yaml b/test/manifests/tests/registry/kustomization.yaml deleted file mode 100644 index 35840f4..0000000 --- a/test/manifests/tests/registry/kustomization.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - ingress.yaml - -helmCharts: -- name: docker-registry - repo: https://helm.twun.io - releaseName: docker-registry - namespace: tests - version: 2.2.3 - valuesFile: helm/values.yaml diff --git a/internal/registry/Dockerfile b/test/registry/Dockerfile similarity index 100% rename from internal/registry/Dockerfile rename to test/registry/Dockerfile diff --git a/test/registry/registry-config/config.yaml b/test/registry/registry-config/config.yaml new file mode 100644 index 0000000..86154ec --- /dev/null +++ b/test/registry/registry-config/config.yaml @@ -0,0 +1,25 @@ +version: 0.1 +log: + fields: + service: registry +storage: + cache: + blobdescriptor: inmemory +http: + addr: :5000 + headers: + X-Content-Type-Options: [nosniff] + debug: + addr: :5001 + prometheus: + enabled: false + path: /metrics +health: + storagedriver: + enabled: true + interval: 10s + threshold: 3 +auth: + htpasswd: + realm: basic-realm + path: /etc/distribution/htpasswd diff --git a/test/manifests/tests/registry/htpasswd b/test/registry/registry-config/htpasswd similarity index 100% rename from test/manifests/tests/registry/htpasswd rename to test/registry/registry-config/htpasswd diff --git a/internal/registry/registry_test.go b/test/registry/registry_test.go similarity index 66% rename from internal/registry/registry_test.go rename to test/registry/registry_test.go index 82a1a9e..05ed972 100644 --- a/internal/registry/registry_test.go +++ b/test/registry/registry_test.go @@ -3,13 +3,18 @@ package registry_test import ( "context" "fmt" + "os" "os/exec" + "path/filepath" "strings" "testing" + "github.com/ory/dockertest/v3" + dc "github.com/ory/dockertest/v3/docker" "github.com/stretchr/testify/assert" "github.com/thanhpk/randstr" + "github.com/orange-cloudavenue/kube-image-updater/internal/log" "github.com/orange-cloudavenue/kube-image-updater/internal/registry" ) @@ -27,6 +32,11 @@ func buildImageRegistryWithTag(version string) string { } func initImageRegistry() { + // docker login + if err := exec.Command("docker", "login", "-u", "myuser", "-p", "mypasswd", "registry.127.0.0.1.nip.io").Run(); err != nil { + log.Errorf("Could not login to registry: %s", err) + } + for _, version := range versions { if err := exec.Command("docker", "build", "-f", "Dockerfile", "-t", buildImageRegistryWithTag(version), ".").Run(); err != nil { //nolint:gosec continue @@ -38,14 +48,6 @@ func initImageRegistry() { } } -func cleanupImageRegistry() { - for _, version := range versions { - if err := exec.Command("docker", "rmi", buildImageRegistryWithTag(version)).Run(); err != nil { //nolint:gosec - continue - } - } -} - func TestNew(t *testing.T) { tests := []struct { name string @@ -82,6 +84,47 @@ func TestNew(t *testing.T) { } func TestTags(t *testing.T) { + pool, err := dockertest.NewPool("") + if err != nil { + log.Fatalf("Could not construct pool: %s", err) + } + + // uses pool to try to connect to Docker + err = pool.Client.Ping() + if err != nil { + log.Fatalf("Could not connect to Docker: %s", err) + } + + dir, err := filepath.Abs(filepath.Dir(os.Args[0])) + if err != nil { + log.Fatal(err) + } + + // pulls an image, creates a container based on it and runs it + resource, err := pool.RunWithOptions( + &dockertest.RunOptions{ + Repository: "registry", + Tag: "2", + Name: "docker-registry", + PortBindings: map[dc.Port][]dc.PortBinding{ + "5000/tcp": {{HostIP: "", HostPort: "80"}}, + }, + Mounts: []string{ + dir + "/registry-config:/etc/distribution", + }, + }, + ) + if err != nil { + log.Fatalf("Could not start resource: %s", err) + } + + defer func() { + // purge the resource + if err := pool.Purge(resource); err != nil { + log.Fatalf("Could not purge resource: %s", err) + } + }() + tests := []struct { name string repo string @@ -116,7 +159,6 @@ func TestTags(t *testing.T) { } initImageRegistry() - defer cleanupImageRegistry() for _, tt := range tests { t.Run(tt.name, func(t *testing.T) {