oncall-engine/helm/oncall/tests/redis_env_test.yaml

suite: test Redis configs for deployments
templates:
  - engine/deployment.yaml
  - engine/job-migrate.yaml
  - celery/deployment.yaml
  - secrets.yaml
release:
  name: oncall
tests:
  - it: redis.enabled=true -> should use default values from redis subchart
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      redis.enabled: true
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: BROKER_TYPE
            value: redis
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_HOST
            value: oncall-redis-master
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PORT
            value: "6379"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                key: redis-password
                name: oncall-redis

  - it: redis.enabled=true -> should use custom auth values from redis subchart
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      redis.enabled: true
      rabbitmq:
        auth:
          username: test_user
          password: test_password
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: BROKER_TYPE
            value: redis
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_HOST
            value: oncall-redis-master
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PORT
            value: "6379"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                key: redis-password
                name: oncall-redis

  - it: redis.enabled=false -> should fail if host not set
    set:
      broker.type: redis
      redis.enabled: false
      externalRedis:
        existingSecret: some-redis-secret
    asserts:
      - failedTemplate:
          errorMessage: externalRedis.host is required if not redis.enabled
        template: engine/job-migrate.yaml

  - it: redis.enabled=false -> should fail if not externalRabbitmq.existingSecret or not externalRabbitmq.password
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      rabbitmq.enabled: false
      redis.enabled: false
    asserts:
      - failedTemplate:
          errorMessage: externalRedis.host is required if not redis.enabled
        template: engine/job-migrate.yaml

  - it: redis.enabled=false -> should use internal custom values
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      rabbitmq.enabled: false
      redis.enabled: false
      externalRedis:
        protocol: rediss
        host: custom-host
        port: 6380
        database: 15
        password: custom-password
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: BROKER_TYPE
            value: redis
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PROTOCOL
            value: rediss
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_HOST
            value: custom-host
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PORT
            value: "6380"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_DATABASE
            value: "15"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                key: redis-password
                name: oncall-redis-external
      - containsDocument:
          kind: Secret
          apiVersion: v1
          metadata.name: oncall-redis-external
        template: secrets.yaml
      - equal:
          path: data.redis-password
          value: custom-password
          decodeBase64: true
        documentIndex: 1
        template: secrets.yaml

  - it: redis.enabled=false and Redis ACL -> should use internal custom values with username
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      rabbitmq.enabled: false
      redis.enabled: false
      externalRedis:
        host: custom-host
        username: custom-username
        password: custom-password
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: BROKER_TYPE
            value: redis
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PROTOCOL
            value: redis
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_HOST
            value: custom-host
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PORT
            value: "6379"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_DATABASE
            value: "0"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_USERNAME
            value: "custom-username"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                key: redis-password
                name: oncall-redis-external
      - containsDocument:
          kind: Secret
          apiVersion: v1
          metadata.name: oncall-redis-external
        template: secrets.yaml
      - equal:
          path: data.redis-password
          value: custom-password
          decodeBase64: true
        documentIndex: 1
        template: secrets.yaml

  - it: redis.enabled=false and redis.externalRedis.ssl_options.enabled=true -> should set SSL-related variables
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      rabbitmq.enabled: false
      redis.enabled: false
      externalRedis:
        protocol: rediss
        host: custom-host
        port: 6380
        password: custom-password
        ssl_options:
          enabled: true
          ca_certs: /mnt/ssl/ca.crt
          certfile: /mnt/ssl/client.crt
          keyfile: /mnt/ssl/client.key
          cert_reqs: cert_required
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_SSL_CA_CERTS
            value: "/mnt/ssl/ca.crt"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_SSL_CERTFILE
            value: "/mnt/ssl/client.crt"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_SSL_KEYFILE
            value: "/mnt/ssl/client.key"
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_SSL_CERT_REQS
            value: "cert_required"

  - it: |
      redis.enabled=false and migrate.useHook=>true -> should add "helm.sh/hook" annotations
      to secret with Redis credentials
    templates:
      - secrets.yaml
    set:
      migrate.useHook: true
      broker.type: redis
      rabbitmq.enabled: false
      redis.enabled: false
      externalRedis:
        host: custom-host
        port: 6379
        password: custom-password
    asserts:
      - containsDocument:
          kind: Secret
          apiVersion: v1
          name: oncall-redis-external
        documentIndex: 1
      - isSubset:
          path: metadata.annotations
          content:
            "helm.sh/hook": pre-install,pre-upgrade
            "helm.sh/hook-weight": "-5"
        documentIndex: 1