oncall-engine/helm/oncall/tests/redis_password_env_test.yaml

suite: test Redis password envs for deployments
release:
  name: oncall
templates:
  - engine/deployment.yaml
  - engine/job-migrate.yaml
  - celery/deployment.yaml
  - secrets.yaml
tests:
  - it: secrets -> should fail if externalRedis.password not set
    set:
      broker.type: redis
      redis.enabled: false
      externalRedis.host: some-redis-host
    asserts:
      - failedTemplate:
          errorMessage: externalRedis.password is required if not redis.enabled and not externalRedis.existingSecret
        template: secrets.yaml

  - it: externalRedis.password -> should create a Secret -redis-external
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      redis.enabled: false
      externalRedis:
        host: some-redis-host
        password: abcd123
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: oncall-redis-external
                key: redis-password
      - containsDocument:
          kind: Secret
          apiVersion: v1
          metadata.name: oncall-redis-external
        template: secrets.yaml
      - equal:
          path: data.redis-password
          value: abcd123
          decodeBase64: true
        documentIndex: 1
        template: secrets.yaml

  - it: externalRedis.existingSecret -> should use existing secret
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      redis.enabled: false
      externalRedis:
        host: some-redis-host
        existingSecret: some-redis-secret
        passwordKey: redis-password-key
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: some-redis-secret
                key: redis-password-key

  - it: externalRedis.passwordKey -> should be used for existing secret
    templates:
      - engine/deployment.yaml
      - engine/job-migrate.yaml
      - celery/deployment.yaml
    set:
      broker.type: redis
      redis.enabled: false
      externalRedis:
        host: some-redis-host
        existingSecret: some-redis-secret
        passwordKey: redis.key
    asserts:
      - contains:
          path: spec.template.spec.containers[0].env
          content:
            name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: some-redis-secret
                key: redis.key