diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 3350a7d..0cf4a9a 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -54,7 +54,12 @@ jobs: uses: helm/kind-action@v1.4.0 - name: Install and test helm charts if: steps.list-changed.outputs.changed == 'true' || github.event_name == 'push' - run: ct install --target-branch ${{ env.TARGET_BRANCH }} --since ${{ env.SINCE }} + run: | + for TEST_DIR in tests/ci/* + do + echo "Running test $(pwd)/${TEST_DIR}" + ct install --target-branch ${{ env.TARGET_BRANCH }} --charts $(pwd)/${TEST_DIR} + done - if: github.event_name == 'push' && github.ref_name == 'main' name: Run chart-releaser uses: helm/chart-releaser-action@v1.4.0 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..092fb41 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +# Ignore chart locks produced by ct testing +tests/ci/*/Chart.lock + +# Ignore chart archives produced by ct testing +tests/ci/*/charts \ No newline at end of file diff --git a/charts/zot/Chart.yaml b/charts/zot/Chart.yaml index eedd826..469d06b 100644 --- a/charts/zot/Chart.yaml +++ b/charts/zot/Chart.yaml @@ -3,4 +3,4 @@ appVersion: v2.0.0-rc6 description: A Helm chart for Kubernetes name: zot type: application -version: 0.1.34 +version: 0.1.35 diff --git a/charts/zot/ci/mount-config-secrets-values.yaml b/charts/zot/ci/mount-config-secrets-values.yaml deleted file mode 100644 index 7b9451f..0000000 --- a/charts/zot/ci/mount-config-secrets-values.yaml +++ /dev/null @@ -1,35 +0,0 @@ -mountConfig: true -configFiles: - config.json: |- - { - "storage": { "rootDirectory": "/var/lib/registry" }, - "http": { - "address": "0.0.0.0", - "port": "5000", - "auth": { "htpasswd": { "path": "/secret/htpasswd" } }, - "accessControl": { - "repositories": { - "**": { - "policies": [{ - "users": ["user"], - "actions": ["read"] - }], - "defaultPolicy": [] - } - }, - "adminPolicy": { - "users": ["admin"], - "actions": ["read", "create", "update", "delete"] - } - } - }, - "log": { "level": "debug" } - } - -mountSecret: true -secretFiles: - # Example htpasswd with 'admin:admin' & 'user:user' user:pass pairs - htpasswd: |- - admin:$2y$05$vmiurPmJvHylk78HHFWuruFFVePlit9rZWGA/FbZfTEmNRneGJtha - user:$2y$05$L86zqQDfH5y445dcMlwu6uHv.oXFgT6AiJCwpv3ehr7idc0rI3S2G -authHeader: "dXNlcjp1c2Vy" diff --git a/charts/zot/ci/static-cluster-ip-values.yaml b/charts/zot/ci/static-cluster-ip-values.yaml deleted file mode 100644 index 684e460..0000000 --- a/charts/zot/ci/static-cluster-ip-values.yaml +++ /dev/null @@ -1,3 +0,0 @@ -service: - type: ClusterIP - clusterIP: 10.96.0.15 diff --git a/charts/zot/ci/tls-values.yaml b/charts/zot/ci/tls-values.yaml deleted file mode 100644 index 7784e87..0000000 --- a/charts/zot/ci/tls-values.yaml +++ /dev/null @@ -1,48 +0,0 @@ -httpGet: - scheme: HTTPS - -mountConfig: true -configFiles: - config.json: |- - { - "storage": { "rootDirectory": "/var/lib/registry" }, - "http": { - "address": "0.0.0.0", - "port": "5000", - "auth": { "htpasswd": { "path": "/secret/htpasswd" } }, - "accessControl": { - "repositories": { - "**": { - "policies": [{ - "users": ["user"], - "actions": ["read"] - }], - "defaultPolicy": [] - } - }, - "adminPolicy": { - "users": ["admin"], - "actions": ["read", "create", "update", "delete"] - } - }, - "tls": { - "cert": "/secret/servercert/certificate", - "key": "/secret/serverkey/key" - } - }, - "log": { "level": "debug" } - } - -mountSecret: true -secretFiles: - # Example htpasswd with 'admin:admin' & 'user:user' user:pass pairs - htpasswd: |- - admin:$2y$05$vmiurPmJvHylk78HHFWuruFFVePlit9rZWGA/FbZfTEmNRneGJtha - user:$2y$05$L86zqQDfH5y445dcMlwu6uHv.oXFgT6AiJCwpv3ehr7idc0rI3S2G -authHeader: "dXNlcjp1c2Vy" - -externalSecrets: - - secretName: "servercert" - mountPath: "/secret/servercert" - - secretName: "serverkey" - mountPath: "/secret/serverkey" diff --git a/charts/zot/templates/tests/test-connection-fails.yaml b/charts/zot/templates/tests/test-connection-fails.yaml index 8f39285..0e7a059 100644 --- a/charts/zot/templates/tests/test-connection-fails.yaml +++ b/charts/zot/templates/tests/test-connection-fails.yaml @@ -6,6 +6,7 @@ metadata: {{- include "zot.labels" . | nindent 4 }} annotations: "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed spec: containers: - name: wget diff --git a/charts/zot/templates/tests/test-connection.yaml b/charts/zot/templates/tests/test-connection.yaml index 3767508..59c64b4 100644 --- a/charts/zot/templates/tests/test-connection.yaml +++ b/charts/zot/templates/tests/test-connection.yaml @@ -1,67 +1,4 @@ apiVersion: v1 -kind: Secret -metadata: - name: servercert -data: - certificate: |- - LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN6akNDQWJhZ0F3SUJBZ0lVR3pFR1pjY3VU - Y2tDeU9KYzVSTExrZVpYZGJFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0RERUtNQWdHQTFVRUF3d0JL - akFlRncweU16QTNNVGN4TmpBNU1UZGFGdzB6TXpBM01UUXhOakE1TVRkYQpNQ0V4RXpBUkJnTlZC - QXNNQ2xSbGMzUlRaWEoyWlhJeENqQUlCZ05WQkFNTUFTb3dnZ0VpTUEwR0NTcUdTSWIzCkRRRUJB - UVVBQTRJQkR3QXdnZ0VLQW9JQkFRQ2dLVVlPMS9pemJTK1QvSTBOZE9xUENSM1AzWEY2YlFPdnYw - YzYKU1FnVCtyU3B6K2tacnYrd2orQTlDYVUyTnVxZ1k1dEl5aHltWDZOLzVGWGw3RnMyOGhZdFZu - ZXI0SXN1WDBPQwo3WUhINTMwdGd5a1VzM3BwYzZqSjlqQjNLOEVaN2tKaGUxdGxTRytsaUUwMFFs - Yk5nbnJOR2JPS1ltaGxrTTBWClJtNzlTbytqNmVZUlZPZHhJNkFDdWplNTJiYXlFN2p3ZndyeEIx - a1ZMWEFGQU12enFOWkRiNzNZSWM2bE1jOWoKcmcxOUFkQklFbjBkc1FxQ3V3VDhoYXdwbldNR0kv - Mi9ySWduWTZHOEVqN1hsMnBYSlhvZmsxZTlHb25uQTZ0NwpnYWl5VmQ4ZUtYUjQxNnpIb3FGN1Z6 - RkZNcU4rSGs1VUlLeVJ2OVZ0T1dVOHdVNEZBZ01CQUFHakV6QVJNQThHCkExVWRFUVFJTUFhSEJI - OEFBQUV3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUduZnJmbFFkTVpYNEEwc1VEK04KeHZQYVB3 - c0hZdG01WHNnOWlmQWIrYVV1ME4yTkpnQ3ZGdFBDV3k5a2J1SDJDNnFZYllZcndvUmlwVHBGQlo1 - QgpOR1UzQS9QNkhkbExwdEVWQi9kZmE5RjVnMDRNclNEblV2Sis0ZlpjY1VscjhVTVB0eGNhQUl0 - MVQxQVo0RHQ0CjRnamVROWxzVWw0ZVFyM20vRGxSRjk5RDRjNS9nT3dRL3BKVEF4MkhaL0o0Rjhl - emF4TWRWMXhOQkNXZ1JJZ3cKQngrSXhIT2tORDhtNWNwZmxrLy9meGtjMktjc3dmdkNTY0UrUFpB - YWpONW1uRFRTWjdIZXQ1Y1RNR2xyL1FCWAp5KzJkUkdkRGpGMVJNS2RJVEhTRHNhekxCNzZmWHl3 - OEZuT0hCTnZkMkFpNmxzTC9PS2pxRTFMU0JqdVFRdDhQCkRwZz0KLS0tLS1FTkQgQ0VSVElGSUNB - VEUtLS0tLQo= ---- -apiVersion: v1 -kind: Secret -metadata: - name: serverkey -data: - key: |- - LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZB - QVNDQktnd2dnU2tBZ0VBQW9JQkFRQ2dLVVlPMS9pemJTK1QKL0kwTmRPcVBDUjNQM1hGNmJRT3Z2 - MGM2U1FnVCtyU3B6K2tacnYrd2orQTlDYVUyTnVxZ1k1dEl5aHltWDZOLwo1RlhsN0ZzMjhoWXRW - bmVyNElzdVgwT0M3WUhINTMwdGd5a1VzM3BwYzZqSjlqQjNLOEVaN2tKaGUxdGxTRytsCmlFMDBR - bGJOZ25yTkdiT0tZbWhsa00wVlJtNzlTbytqNmVZUlZPZHhJNkFDdWplNTJiYXlFN2p3ZndyeEIx - a1YKTFhBRkFNdnpxTlpEYjczWUljNmxNYzlqcmcxOUFkQklFbjBkc1FxQ3V3VDhoYXdwbldNR0kv - Mi9ySWduWTZHOApFajdYbDJwWEpYb2ZrMWU5R29ubkE2dDdnYWl5VmQ4ZUtYUjQxNnpIb3FGN1Z6 - RkZNcU4rSGs1VUlLeVJ2OVZ0Ck9XVTh3VTRGQWdNQkFBRUNnZ0VBUWcvRUxlczNVZ3IvVFBNbTJ4 - NFdnZGtveXN4ME9pTXRHaGl6c0g3ZkxoNkMKMW1oRHBheGhHdHE5aTIrbkRhMnBLVzdzWmlHM240 - aGpVQ1ZHcVFmTXQrVXk4SkJ4M0J0S1RWNU40bnRFeE1mZgpBaDdQbXhKTXM2SlpSTFNmV1FoYkpl - NzR3bXkzVGhlS3RhUjY4OHRKTW90WFM3SUdORlpTNlZISXhiVy9vZ213CkdUQmlKejV1aHNhYkFT - UVVySWNvUDVXUy93VmE0ejh2Z2wxb2UwdEMrdFpseHkrODh0b3ZVRm1SSU01ZHZNYmUKa2YwWXlE - bzgrblQrejRob2FRbzdlTDVuMG1QWEVoVUdERkNDS0J0aGdaYjE5QzBGRUZLbGsvUFQrSGl1QUxR - dQp0cnpjdHBHeUhuK3YyVTZqM2d4NnlGOUhLR1phWWRqV1MveEtQc3Y5SVFLQmdRRE1WaG9nMWZx - ZjhLTEZWVTZVCis0ZTRiQjJCWU95YzlKQXlneHNTVXhoSzVMdVVCeFBLWnhobU1nMkdlS2VRT2py - YldzNm9Jd3V0M3VpMjlNNEsKdDgyV0UvYXFidk54NFRqODBEdzJmTEFBaGtzOXJLNVVnRXJXdGRi - a1AzSVk1L3hiN2ErZEFDU1AzWWFQSlIwUQpza3pnQjlRNUtzYWtSU282UStqb1hnQ29Md0tCZ1FE - SXArTmNkTm03Y2NIRDg0SlBMQkF2d2dGQS9ORkxTQTVyCjRORlZ6eDN1eDU4a2FJMVBBMnJSUjh3 - bzJTWjVoTXhOM1FSa2t0TEZFa09PbkwrcGRpNVBFN2pNVEwrcUd3VHAKMmg4VTdQOGNrVFU3RGky - N2hCc3R5ZEo0ZWlSQ1dUZFphclAraUQ3Mms3bExKaUhvL3U1UkYxY0szR2FvaUxXQQpKUGl5UU00 - c0N3S0JnUUNzMVZOS1hOT2RQd1BlbDdaZEM1Z1RwTmNjSE9obUpmSmwxMEVwc2NGRmI4MDlldk1C - CmEweFcvSlUySFkzVnozc0RHUDdkZHE4bFJQdGY3UmJ1TitPYndvME1RY2FHbDNNRlcvamlPWHNC - SnBZenQ0REoKRnE2Mmg1NFk5NVZCZmMrVnppaVJTcEtpWVVTMGhUYmRiWUxhcDZTWktoWlUwZS9T - MHFnSkM2SFFud0tCZ0E5cgpOMEZuaVVPcUhpV2NsS3JZeS9XZmh0RWpuRUdZcStNR1I0KzhkcVJl - bXBBRnFMWWxvUk9yM0xoVzEyb0hGbHYxClc5ME9tenVoaDZkeHpCaU5pRWx6VG9RRWNjWDBoWkFp - dnJpdzdYbVlmdXFtMEVUVWhmSWl6QldON1ROYi83RFQKVGptRTVyR3o4RTBpQlFFT2RlbXRUWGI4 - TUxkS3FnZkt6NEdERVZTNUFvR0JBTDJOdHUyT0FlbS82Q0VadUZoegpsSzFnRXlYUzBjaXUxMmx1 - UVhib3JEd3p3enErYWJWL3IwdlQveGtZS1BDUzVQMFVMUWhzQUd6N0tpck10clZCCkQvM3F5aXV6 - UlU1cDg2SmlIa0c1Z1JHa2Y0TStsK0FMNjhaSytoY2FqWEJyN1VjM2ZKb3dpK3Z6NGlwaThERDYK - QVpHc2dMWlhjUWVjMkJJYWUrTHphalV6Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K ---- -apiVersion: v1 kind: Pod metadata: name: "{{ include "zot.fullname" . }}-test-connection" @@ -69,6 +6,7 @@ metadata: {{- include "zot.labels" . | nindent 4 }} annotations: "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed spec: containers: - name: wget diff --git a/tests/ci/default/.helmignore b/tests/ci/default/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/tests/ci/default/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/tests/ci/default/Chart.yaml b/tests/ci/default/Chart.yaml new file mode 100644 index 0000000..25bfa4c --- /dev/null +++ b/tests/ci/default/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: default +description: Test chart for zot default values +type: application +version: 0.1.0 +appVersion: "0.1.0" +dependencies: +- name: zot + version: 0.1.35 + repository: "file://../../../charts/zot" diff --git a/charts/zot/ci/default-values.yaml b/tests/ci/default/values.yaml similarity index 100% rename from charts/zot/ci/default-values.yaml rename to tests/ci/default/values.yaml diff --git a/tests/ci/mount-config-secrets/.helmignore b/tests/ci/mount-config-secrets/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/tests/ci/mount-config-secrets/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/tests/ci/mount-config-secrets/Chart.yaml b/tests/ci/mount-config-secrets/Chart.yaml new file mode 100644 index 0000000..5247157 --- /dev/null +++ b/tests/ci/mount-config-secrets/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: mount-config-secrets +description: Test chart for zot mount-config secrets values +type: application +version: 0.1.0 +appVersion: "0.1.0" +dependencies: +- name: zot + version: 0.1.35 + repository: "file://../../../charts/zot" diff --git a/tests/ci/mount-config-secrets/values.yaml b/tests/ci/mount-config-secrets/values.yaml new file mode 100644 index 0000000..bd0419c --- /dev/null +++ b/tests/ci/mount-config-secrets/values.yaml @@ -0,0 +1,36 @@ +zot: + mountConfig: true + configFiles: + config.json: |- + { + "storage": { "rootDirectory": "/var/lib/registry" }, + "http": { + "address": "0.0.0.0", + "port": "5000", + "auth": { "htpasswd": { "path": "/secret/htpasswd" } }, + "accessControl": { + "repositories": { + "**": { + "policies": [{ + "users": ["user"], + "actions": ["read"] + }], + "defaultPolicy": [] + } + }, + "adminPolicy": { + "users": ["admin"], + "actions": ["read", "create", "update", "delete"] + } + } + }, + "log": { "level": "debug" } + } + + mountSecret: true + secretFiles: + # Example htpasswd with 'admin:admin' & 'user:user' user:pass pairs + htpasswd: |- + admin:$2y$05$vmiurPmJvHylk78HHFWuruFFVePlit9rZWGA/FbZfTEmNRneGJtha + user:$2y$05$L86zqQDfH5y445dcMlwu6uHv.oXFgT6AiJCwpv3ehr7idc0rI3S2G + authHeader: "dXNlcjp1c2Vy" diff --git a/tests/ci/static-cluster-ip/.helmignore b/tests/ci/static-cluster-ip/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/tests/ci/static-cluster-ip/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/tests/ci/static-cluster-ip/Chart.yaml b/tests/ci/static-cluster-ip/Chart.yaml new file mode 100644 index 0000000..7f38cdb --- /dev/null +++ b/tests/ci/static-cluster-ip/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: static-cluster-ip +description: Test chart for zot static cluster ip values +type: application +version: 0.1.0 +appVersion: "0.1.0" +dependencies: +- name: zot + version: 0.1.35 + repository: "file://../../../charts/zot" diff --git a/tests/ci/static-cluster-ip/values.yaml b/tests/ci/static-cluster-ip/values.yaml new file mode 100644 index 0000000..69502d1 --- /dev/null +++ b/tests/ci/static-cluster-ip/values.yaml @@ -0,0 +1,4 @@ +zot: + service: + type: ClusterIP + clusterIP: 10.96.0.15 \ No newline at end of file diff --git a/tests/ci/tls/.helmignore b/tests/ci/tls/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/tests/ci/tls/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/tests/ci/tls/Chart.yaml b/tests/ci/tls/Chart.yaml new file mode 100644 index 0000000..e98aea5 --- /dev/null +++ b/tests/ci/tls/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: tls +description: Test chart for zot tls values +type: application +version: 0.1.0 +appVersion: "0.1.0" +dependencies: +- name: zot + version: 0.1.35 + repository: "file://../../../charts/zot" diff --git a/tests/ci/tls/templates/servercert.yaml b/tests/ci/tls/templates/servercert.yaml new file mode 100644 index 0000000..ceebe4a --- /dev/null +++ b/tests/ci/tls/templates/servercert.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Secret +metadata: + name: servercert +data: + certificate: |- + LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN6akNDQWJhZ0F3SUJBZ0lVR3pFR1pjY3VU + Y2tDeU9KYzVSTExrZVpYZGJFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0RERUtNQWdHQTFVRUF3d0JL + akFlRncweU16QTNNVGN4TmpBNU1UZGFGdzB6TXpBM01UUXhOakE1TVRkYQpNQ0V4RXpBUkJnTlZC + QXNNQ2xSbGMzUlRaWEoyWlhJeENqQUlCZ05WQkFNTUFTb3dnZ0VpTUEwR0NTcUdTSWIzCkRRRUJB + UVVBQTRJQkR3QXdnZ0VLQW9JQkFRQ2dLVVlPMS9pemJTK1QvSTBOZE9xUENSM1AzWEY2YlFPdnYw + YzYKU1FnVCtyU3B6K2tacnYrd2orQTlDYVUyTnVxZ1k1dEl5aHltWDZOLzVGWGw3RnMyOGhZdFZu + ZXI0SXN1WDBPQwo3WUhINTMwdGd5a1VzM3BwYzZqSjlqQjNLOEVaN2tKaGUxdGxTRytsaUUwMFFs + Yk5nbnJOR2JPS1ltaGxrTTBWClJtNzlTbytqNmVZUlZPZHhJNkFDdWplNTJiYXlFN2p3ZndyeEIx + a1ZMWEFGQU12enFOWkRiNzNZSWM2bE1jOWoKcmcxOUFkQklFbjBkc1FxQ3V3VDhoYXdwbldNR0kv + Mi9ySWduWTZHOEVqN1hsMnBYSlhvZmsxZTlHb25uQTZ0NwpnYWl5VmQ4ZUtYUjQxNnpIb3FGN1Z6 + RkZNcU4rSGs1VUlLeVJ2OVZ0T1dVOHdVNEZBZ01CQUFHakV6QVJNQThHCkExVWRFUVFJTUFhSEJI + OEFBQUV3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUduZnJmbFFkTVpYNEEwc1VEK04KeHZQYVB3 + c0hZdG01WHNnOWlmQWIrYVV1ME4yTkpnQ3ZGdFBDV3k5a2J1SDJDNnFZYllZcndvUmlwVHBGQlo1 + QgpOR1UzQS9QNkhkbExwdEVWQi9kZmE5RjVnMDRNclNEblV2Sis0ZlpjY1VscjhVTVB0eGNhQUl0 + MVQxQVo0RHQ0CjRnamVROWxzVWw0ZVFyM20vRGxSRjk5RDRjNS9nT3dRL3BKVEF4MkhaL0o0Rjhl + emF4TWRWMXhOQkNXZ1JJZ3cKQngrSXhIT2tORDhtNWNwZmxrLy9meGtjMktjc3dmdkNTY0UrUFpB + YWpONW1uRFRTWjdIZXQ1Y1RNR2xyL1FCWAp5KzJkUkdkRGpGMVJNS2RJVEhTRHNhekxCNzZmWHl3 + OEZuT0hCTnZkMkFpNmxzTC9PS2pxRTFMU0JqdVFRdDhQCkRwZz0KLS0tLS1FTkQgQ0VSVElGSUNB + VEUtLS0tLQo= \ No newline at end of file diff --git a/tests/ci/tls/templates/serverkey.yaml b/tests/ci/tls/templates/serverkey.yaml new file mode 100644 index 0000000..7f66b9e --- /dev/null +++ b/tests/ci/tls/templates/serverkey.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: Secret +metadata: + name: serverkey +data: + key: |- + LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQURBTkJna3Foa2lHOXcwQkFRRUZB + QVNDQktnd2dnU2tBZ0VBQW9JQkFRQ2dLVVlPMS9pemJTK1QKL0kwTmRPcVBDUjNQM1hGNmJRT3Z2 + MGM2U1FnVCtyU3B6K2tacnYrd2orQTlDYVUyTnVxZ1k1dEl5aHltWDZOLwo1RlhsN0ZzMjhoWXRW + bmVyNElzdVgwT0M3WUhINTMwdGd5a1VzM3BwYzZqSjlqQjNLOEVaN2tKaGUxdGxTRytsCmlFMDBR + bGJOZ25yTkdiT0tZbWhsa00wVlJtNzlTbytqNmVZUlZPZHhJNkFDdWplNTJiYXlFN2p3ZndyeEIx + a1YKTFhBRkFNdnpxTlpEYjczWUljNmxNYzlqcmcxOUFkQklFbjBkc1FxQ3V3VDhoYXdwbldNR0kv + Mi9ySWduWTZHOApFajdYbDJwWEpYb2ZrMWU5R29ubkE2dDdnYWl5VmQ4ZUtYUjQxNnpIb3FGN1Z6 + RkZNcU4rSGs1VUlLeVJ2OVZ0Ck9XVTh3VTRGQWdNQkFBRUNnZ0VBUWcvRUxlczNVZ3IvVFBNbTJ4 + NFdnZGtveXN4ME9pTXRHaGl6c0g3ZkxoNkMKMW1oRHBheGhHdHE5aTIrbkRhMnBLVzdzWmlHM240 + aGpVQ1ZHcVFmTXQrVXk4SkJ4M0J0S1RWNU40bnRFeE1mZgpBaDdQbXhKTXM2SlpSTFNmV1FoYkpl + NzR3bXkzVGhlS3RhUjY4OHRKTW90WFM3SUdORlpTNlZISXhiVy9vZ213CkdUQmlKejV1aHNhYkFT + UVVySWNvUDVXUy93VmE0ejh2Z2wxb2UwdEMrdFpseHkrODh0b3ZVRm1SSU01ZHZNYmUKa2YwWXlE + bzgrblQrejRob2FRbzdlTDVuMG1QWEVoVUdERkNDS0J0aGdaYjE5QzBGRUZLbGsvUFQrSGl1QUxR + dQp0cnpjdHBHeUhuK3YyVTZqM2d4NnlGOUhLR1phWWRqV1MveEtQc3Y5SVFLQmdRRE1WaG9nMWZx + ZjhLTEZWVTZVCis0ZTRiQjJCWU95YzlKQXlneHNTVXhoSzVMdVVCeFBLWnhobU1nMkdlS2VRT2py + YldzNm9Jd3V0M3VpMjlNNEsKdDgyV0UvYXFidk54NFRqODBEdzJmTEFBaGtzOXJLNVVnRXJXdGRi + a1AzSVk1L3hiN2ErZEFDU1AzWWFQSlIwUQpza3pnQjlRNUtzYWtSU282UStqb1hnQ29Md0tCZ1FE + SXArTmNkTm03Y2NIRDg0SlBMQkF2d2dGQS9ORkxTQTVyCjRORlZ6eDN1eDU4a2FJMVBBMnJSUjh3 + bzJTWjVoTXhOM1FSa2t0TEZFa09PbkwrcGRpNVBFN2pNVEwrcUd3VHAKMmg4VTdQOGNrVFU3RGky + N2hCc3R5ZEo0ZWlSQ1dUZFphclAraUQ3Mms3bExKaUhvL3U1UkYxY0szR2FvaUxXQQpKUGl5UU00 + c0N3S0JnUUNzMVZOS1hOT2RQd1BlbDdaZEM1Z1RwTmNjSE9obUpmSmwxMEVwc2NGRmI4MDlldk1C + CmEweFcvSlUySFkzVnozc0RHUDdkZHE4bFJQdGY3UmJ1TitPYndvME1RY2FHbDNNRlcvamlPWHNC + SnBZenQ0REoKRnE2Mmg1NFk5NVZCZmMrVnppaVJTcEtpWVVTMGhUYmRiWUxhcDZTWktoWlUwZS9T + MHFnSkM2SFFud0tCZ0E5cgpOMEZuaVVPcUhpV2NsS3JZeS9XZmh0RWpuRUdZcStNR1I0KzhkcVJl + bXBBRnFMWWxvUk9yM0xoVzEyb0hGbHYxClc5ME9tenVoaDZkeHpCaU5pRWx6VG9RRWNjWDBoWkFp + dnJpdzdYbVlmdXFtMEVUVWhmSWl6QldON1ROYi83RFQKVGptRTVyR3o4RTBpQlFFT2RlbXRUWGI4 + TUxkS3FnZkt6NEdERVZTNUFvR0JBTDJOdHUyT0FlbS82Q0VadUZoegpsSzFnRXlYUzBjaXUxMmx1 + UVhib3JEd3p3enErYWJWL3IwdlQveGtZS1BDUzVQMFVMUWhzQUd6N0tpck10clZCCkQvM3F5aXV6 + UlU1cDg2SmlIa0c1Z1JHa2Y0TStsK0FMNjhaSytoY2FqWEJyN1VjM2ZKb3dpK3Z6NGlwaThERDYK + QVpHc2dMWlhjUWVjMkJJYWUrTHphalV6Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K \ No newline at end of file diff --git a/tests/ci/tls/values.yaml b/tests/ci/tls/values.yaml new file mode 100644 index 0000000..56318b5 --- /dev/null +++ b/tests/ci/tls/values.yaml @@ -0,0 +1,49 @@ +zot: + httpGet: + scheme: HTTPS + + mountConfig: true + configFiles: + config.json: |- + { + "storage": { "rootDirectory": "/var/lib/registry" }, + "http": { + "address": "0.0.0.0", + "port": "5000", + "auth": { "htpasswd": { "path": "/secret/htpasswd" } }, + "accessControl": { + "repositories": { + "**": { + "policies": [{ + "users": ["user"], + "actions": ["read"] + }], + "defaultPolicy": [] + } + }, + "adminPolicy": { + "users": ["admin"], + "actions": ["read", "create", "update", "delete"] + } + }, + "tls": { + "cert": "/secret/servercert/certificate", + "key": "/secret/serverkey/key" + } + }, + "log": { "level": "debug" } + } + + mountSecret: true + secretFiles: + # Example htpasswd with 'admin:admin' & 'user:user' user:pass pairs + htpasswd: |- + admin:$2y$05$vmiurPmJvHylk78HHFWuruFFVePlit9rZWGA/FbZfTEmNRneGJtha + user:$2y$05$L86zqQDfH5y445dcMlwu6uHv.oXFgT6AiJCwpv3ehr7idc0rI3S2G + authHeader: "dXNlcjp1c2Vy" + + externalSecrets: + - secretName: "servercert" + mountPath: "/secret/servercert" + - secretName: "serverkey" + mountPath: "/secret/serverkey"