def test_compile_with_helm_params(self):
temp = tempfile.mkdtemp()
sys.argv = [
"kapitan", "compile", "--output-path", temp, "-t",
"nginx-ingress-helm-params"
]
with open('inventory/targets/nginx-ingress-helm-params.yml',
'r') as fp:
manifest = yaml.safe_load(fp.read())
helm_params = manifest['parameters']['kapitan']['compile'][0][
'helm_params']
release_name = helm_params['release_name']
namespace = helm_params['namespace']
main()
controller_deployment_file = os.path.join(
temp, "compiled", "nginx-ingress-helm-params", "nginx-ingress",
"templates", "controller-deployment.yaml")
self.assertTrue(os.path.isfile(controller_deployment_file))
with open(controller_deployment_file, 'r') as fp:
manifest = yaml.safe_load(fp.read())
container = manifest['spec']['template']['spec']['containers'][0]
property = container['args'][4]
self.assertEqual(
property, '--configmap={}/{}'.format(
namespace, release_name + '-nginx-ingress-my-controller'))
def test_compiled_copy_all_targets(self):
sys.argv = ["kapitan", "compile"]
main()
file_path_hash = directory_hash(os.path.join("components", "busybox"))
compile_path_hash = directory_hash(
os.path.join("compiled", "busybox", "copy"))
self.assertEqual(file_path_hash, compile_path_hash)
def test_compile_multiple_charts_per_target(self):
temp = tempfile.mkdtemp()
sys.argv = ["kapitan", "compile", "--output-path", temp,
"-t", "nginx-istio"]
main()
self.assertTrue(os.path.isdir(os.path.join(temp, "compiled", "nginx-istio", "istio", "templates")))
self.assertTrue(os.path.isdir(os.path.join(temp, "compiled", "nginx-istio", "nginx-ingress", "templates")))
def test_validate_command_fail(self):
file_name_format = "inventory/classes/component/mysql{}.yml"
original_file = file_name_format.format("")
copied_file = file_name_format.format("_copy")
copyfile(original_file, copied_file)
wrong_manifest_kind = "deployment"
with open(original_file, "r") as fp:
d = yaml.safe_load(fp)
# change kind from service to deployment
d["parameters"]["kapitan"]["validate"][0][
"kind"] = wrong_manifest_kind
with open(original_file, "w") as fp:
yaml.dump(d, fp, default_flow_style=False)
sys.argv = ["kapitan", "validate", "--schemas-path", self.cache_dir]
with self.assertRaises(SystemExit), self.assertLogs(
logger="kapitan.targets", level="ERROR") as log:
try:
main()
finally:
# copy back the original file
copyfile(copied_file, original_file)
os.remove(copied_file)
self.assertTrue(" ".join(log.output).find(
"invalid '{}' manifest".format(wrong_manifest_kind)) != -1)
def test_compile_fetch(self):
"Runs $ kapitan compile --fetch --output-path temp -t nginx nginx-dev monitoring-dev"
temp = tempfile.mkdtemp()
sys.argv = [
"kapitan",
"compile",
"--fetch",
"--output-path",
temp,
"-t",
"nginx",
"nginx-dev",
"monitoring-dev",
]
main()
self.assertTrue(
os.path.isdir(os.path.join(temp, "components", "tests")))
self.assertTrue(
os.path.isdir(
os.path.join(temp, "components", "acs-engine-autoscaler")))
self.assertTrue(
os.path.isdir(
os.path.join(temp, "components", "kapitan-repository")))
self.assertTrue(
os.path.isdir(os.path.join(temp, "components", "source")))
self.assertTrue(
os.path.isdir(os.path.join(temp, "charts", "prometheus")))
rmtree(temp)
def test_compile_fetch(self):
temp = tempfile.mkdtemp()
DEPENDENCY_OUTPUT_CONFIG["root_dir"] = temp
sys.argv = [
"kapitan",
"compile",
"--fetch",
"--output-path",
temp,
"-t",
"nginx",
"nginx-dev",
"monitoring-dev",
"-p",
"4",
]
main()
self.assertTrue(
os.path.isdir(os.path.join(temp, "components", "tests")))
self.assertTrue(
os.path.isdir(
os.path.join(temp, "components", "acs-engine-autoscaler")))
self.assertTrue(
os.path.isdir(
os.path.join(temp, "components", "kapitan-repository")))
self.assertTrue(
os.path.isdir(os.path.join(temp, "components", "source")))
self.assertTrue(
os.path.isdir(os.path.join(temp, "charts", "prometheus")))
def test_cli_secret_write_reveal_gpg(self):
"""
run $ kapitan secrets --write
and $ kapitan secrets --reveal
with [email protected] recipient
"""
test_secret_content = "I am a secret!"
test_secret_file = tempfile.mktemp()
with open(test_secret_file, "w") as fp:
fp.write(test_secret_content)
sys.argv = [
"kapitan", "secrets", "--write", "gpg:test_secret", "-f",
test_secret_file, "--secrets-path", SECRETS_PATH, "--recipients",
"*****@*****.**"
]
main()
test_tag_content = "revealing: ?{gpg:test_secret}"
test_tag_file = tempfile.mktemp()
with open(test_tag_file, "w") as fp:
fp.write(test_tag_content)
sys.argv = [
"kapitan", "secrets", "--reveal", "-f", test_tag_file,
"--secrets-path", SECRETS_PATH
]
# set stdout as string
stdout = io.StringIO()
with contextlib.redirect_stdout(stdout):
main()
self.assertEqual("revealing: {}".format(test_secret_content),
stdout.getvalue())
os.remove(test_tag_file)
def test_compile_fetch_classes_that_doesnot_exist_yet(self):
"""
runs $ kapitan compile --fetch --search-paths temp_dir --output-path temp_dir --inventory-path temp_dir/inventory -t nginx
The `test-objects` class of target `nginx` does not exist initially, it is fetched and then compiled
"""
os.chdir(os.path.join(os.getcwd(), "..", "environment_three"))
temp_dir = tempfile.mkdtemp()
copy_tree(".", temp_dir) # copying the test environment to search path
sys.argv = [
"kapitan",
"compile",
"--fetch",
"--search-path",
temp_dir,
"--output-path",
temp_dir,
"--inventory-path",
os.path.join(temp_dir, "inventory"),
"-t",
"nginx",
]
main()
self.assertTrue(os.path.exists(os.path.join(temp_dir, "compiled", "nginx")))
rmtree(temp_dir)
def test_compile(self):
sys.argv = ["kapitan", "compile"]
main()
compiled_dir_hash = directory_hash(os.getcwd() + "/compiled")
test_compiled_dir_hash = directory_hash(
os.getcwd() + "/../../tests/test_terraform_compiled")
self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_compile_with_helm_values_files(self):
temp = tempfile.mkdtemp()
sys.argv = [
"kapitan", "compile", "--output-path", temp, "-t",
"monitoring-dev", "monitoring-prd"
]
main()
dev_server_deployment_file = os.path.join(temp, "compiled",
"monitoring-dev",
"prometheus", "templates",
"server-deployment.yaml")
prd_server_deployment_file = os.path.join(temp, "compiled",
"monitoring-prd",
"prometheus", "templates",
"server-deployment.yaml")
self.assertTrue(os.path.isfile(dev_server_deployment_file))
with open(dev_server_deployment_file, "r") as fp:
manifest = yaml.safe_load(fp.read())
name = manifest["metadata"]["name"]
self.assertEqual(name, "prometheus-dev-server")
self.assertTrue(os.path.isfile(prd_server_deployment_file))
with open(prd_server_deployment_file, "r") as fp:
manifest = yaml.safe_load(fp.read())
name = manifest["metadata"]["name"]
self.assertEqual(name, "prometheus-prd-server")
def test_compile_with_helm_params(self):
temp = tempfile.mkdtemp()
sys.argv = [
"kapitan", "compile", "--output-path", temp, "-t",
"nginx-ingress-helm-params"
]
with open("inventory/targets/nginx-ingress-helm-params.yml",
"r") as fp:
manifest = yaml.safe_load(fp.read())
helm_params = manifest["parameters"]["kapitan"]["compile"][0][
"helm_params"]
release_name = helm_params["name"]
namespace = helm_params["namespace"]
main()
controller_deployment_file = os.path.join(
temp,
"compiled",
"nginx-ingress-helm-params",
"nginx-ingress",
"templates",
"controller-deployment.yaml",
)
self.assertTrue(os.path.isfile(controller_deployment_file))
with open(controller_deployment_file, "r") as fp:
manifest = yaml.safe_load(fp.read())
container = manifest["spec"]["template"]["spec"]["containers"][0]
property = container["args"][4]
self.assertEqual(
property, "--configmap={}/{}".format(
namespace, release_name + "-nginx-ingress-my-controller"))
def test_compile_helm_input(self):
"""compile targets with helm inputs in parallel"""
temp_main = tempfile.mkdtemp()
sys.argv = [
"kapitan",
"compile",
"--output-path",
temp_main,
"-t",
"nginx-ingress",
"nginx-ingress-helm-params",
"acs-engine-autoscaler",
]
with contextlib.redirect_stdout(io.StringIO()):
main()
main_hash = directory_hash(temp_main + "/compiled")
temp_bin = tempfile.mkdtemp()
subprocess.run(
[
"../../" + BINARY_PATH,
"compile",
"--output-path",
temp_bin,
"-t",
"nginx-ingress",
"nginx-ingress-helm-params",
"acs-engine-autoscaler",
],
stdout=subprocess.DEVNULL,
)
bin_hash = directory_hash(temp_bin + "/compiled")
self.assertEqual(bin_hash, main_hash)
def test_compile(self):
sys.argv[1] = "compile"
main()
compiled_dir_hash = get_directory_hash(os.getcwd() + '/compiled')
test_compiled_dir_hash = get_directory_hash(
os.getcwd() + '/../../tests/test_kubernetes_compiled')
self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_cli_secret_write_plain_ref(self):
"""
run $ kapitan refs --write plain:test_secret
and $ kapitan refs --reveal -f sometest_file
"""
test_secret_content = "secret_value!"
test_secret_file = tempfile.mktemp()
with open(test_secret_file, "w") as fp:
fp.write(test_secret_content)
sys.argv = [
"kapitan", "refs", "--write", "plain:test_secret", "-f",
test_secret_file, "--refs-path", REFS_PATH
]
main()
test_tag_content = "revealing: ?{plain:test_secret}"
test_tag_file = tempfile.mktemp()
with open(test_tag_file, "w") as fp:
fp.write(test_tag_content)
sys.argv = [
"kapitan", "refs", "--reveal", "-f", test_tag_file, "--refs-path",
REFS_PATH
]
# set stdout as string
stdout = io.StringIO()
with contextlib.redirect_stdout(stdout):
main()
self.assertEqual("revealing: {}".format(test_secret_content),
stdout.getvalue())
os.remove(test_tag_file)
def test_validate_command_pass(self):
sys.argv = ["kapitan", "validate", "--schemas-path", self.cache_dir]
try:
main()
except SystemExit:
self.fail(
"Kubernetes manifest validation error raised unexpectedly")
def test_compile(self):
sys.argv = ["kapitan", "compile"]
main()
compiled_dir_hash = directory_hash(os.getcwd() + '/compiled')
test_compiled_dir_hash = directory_hash(
os.getcwd() + '/../../tests/test_docker_compiled')
self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_cli_secret_write_reveal_awskms(self):
"""
run $ kapitan secrets --write awskms:test_secret
and $ kapitan secrets --reveal
using mock KMS key
"""
test_secret_content = "mock"
test_secret_file = tempfile.mktemp()
with open(test_secret_file, "w") as fp:
fp.write(test_secret_content)
sys.argv = ["kapitan", "secrets", "--write", "awskms:test_secret",
"-f", test_secret_file,
"--secrets-path", SECRETS_PATH,
"--key", "mock"]
main()
test_tag_content = "revealing: ?{awskms:test_secret}"
test_tag_file = tempfile.mktemp()
with open(test_tag_file, "w") as fp:
fp.write(test_tag_content)
sys.argv = ["kapitan", "secrets", "--reveal",
"-f", test_tag_file,
"--secrets-path", SECRETS_PATH]
# set stdout as string
stdout = io.StringIO()
with contextlib.redirect_stdout(stdout):
main()
self.assertEqual("revealing: {}".format(test_secret_content),
stdout.getvalue())
os.remove(test_tag_file)
def test_cli_secret_write_base64_ref(self):
"""
run $ kapitan secrets --write ref:test_secret --base64
and $ kapitan secrets --reveal -f sometest_file
"""
test_secret_content = "secret_value!"
test_secret_content_b64 = base64.b64encode(test_secret_content.encode())
test_secret_file = tempfile.mktemp()
with open(test_secret_file, "w") as fp:
fp.write(test_secret_content)
sys.argv = ["kapitan", "secrets", "--write", "ref:test_secret",
"--base64", "-f", test_secret_file,
"--secrets-path", SECRETS_PATH]
main()
test_tag_content = "revealing: ?{ref:test_secret}"
test_tag_file = tempfile.mktemp()
with open(test_tag_file, "w") as fp:
fp.write(test_tag_content)
sys.argv = ["kapitan", "secrets", "--reveal",
"-f", test_tag_file,
"--secrets-path", SECRETS_PATH]
# set stdout as string
stdout = io.StringIO()
with contextlib.redirect_stdout(stdout):
main()
self.assertEqual("revealing: {}".format(test_secret_content_b64.decode()),
stdout.getvalue())
os.remove(test_tag_file)
def test_compile_not_enough_args(self):
with self.assertRaises(SystemExit) as cm:
# Ignoring stdout for "kapitan --help"
with contextlib.redirect_stdout(io.StringIO()):
sys.argv = ["kapitan"]
main()
self.assertEqual(cm.exception.code, 1)
def test_init(self):
with tempfile.TemporaryDirectory() as tmp_dir:
sys.argv = ["kapitan", "init", "--directory", tmp_dir]
main()
template_dir = os.path.join(os.getcwd(), "kapitan", "inputs",
"templates")
diff_files = []
for root, dirs, files in os.walk(tmp_dir):
diff_files += files
for root, dirs, files in os.walk(template_dir):
for f in files:
if f in diff_files:
diff_files.remove(f)
self.assertEqual(len(diff_files), 0)
# check that generated directory compiles
prevdir = os.getcwd()
os.chdir(tmp_dir)
sys.argv = ["kapitan", "compile"]
main()
os.chdir(prevdir)
reset_cache()
def test_compile_multiple_targets(self):
temp = tempfile.mkdtemp()
sys.argv = [
"kapitan",
"compile",
"--output-path",
temp,
"-t",
"acs-engine-autoscaler",
"nginx-ingress",
"-p",
"2",
]
main()
self.assertTrue(
os.path.isfile(
os.path.join(
temp,
"compiled",
"acs-engine-autoscaler",
"acs-engine-autoscaler",
"templates",
"secrets.yaml",
)))
self.assertTrue(
os.path.isfile(
os.path.join(temp, "compiled", "nginx-ingress",
"nginx-ingress", "templates",
"clusterrolebinding.yaml")))
def test_cli_secret_base64_write_reveal_gpg(self):
"""
run $ kapitan secrets --write --base64
and $ kapitan secrets --reveal
with [email protected] recipient
"""
test_secret_content = "I am another secret!"
test_secret_file = tempfile.mktemp()
with open(test_secret_file, "w") as fp:
fp.write(test_secret_content)
sys.argv = [
"kapitan", "secrets", "--write", "gpg:test_secretb64", "-f",
test_secret_file, "--base64", "--secrets-path", SECRETS_PATH,
"--recipients", "*****@*****.**"
]
main()
test_tag_content = "?{gpg:test_secretb64}"
test_tag_file = tempfile.mktemp()
with open(test_tag_file, "w") as fp:
fp.write(test_tag_content)
sys.argv = [
"kapitan", "secrets", "--reveal", "-f", test_tag_file,
"--secrets-path", SECRETS_PATH
]
# set stdout as string
stdout = io.StringIO()
with contextlib.redirect_stdout(stdout):
main()
stdout_base64 = base64.b64decode(stdout.getvalue()).decode()
self.assertEqual(test_secret_content, stdout_base64)
os.remove(test_tag_file)
def test_compile(self):
sys.argv = ["kapitan", "compile", "-c"]
main()
os.remove('./compiled/.kapitan_cache')
compiled_dir_hash = directory_hash(os.getcwd() + '/compiled')
test_compiled_dir_hash = directory_hash(
os.getcwd() + '/../../tests/test_kubernetes_compiled')
self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_compile(self):
sys.argv = ["kapitan", "compile", "-c"]
main()
# Compile again to verify caching works as expected
main()
os.remove("./compiled/.kapitan_cache")
compiled_dir_hash = directory_hash(os.getcwd() + "/compiled")
test_compiled_dir_hash = directory_hash(os.getcwd() + "/../../tests/test_kubernetes_compiled")
self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_cli_ref_reveal_recursive_dir(self):
"""
run $ kapitan refs --reveal -f /some/dir
where /some/dir has manifests in nested dirs:
/some/dir/1.yml
/some/dir/another/2.yml
/some/dir/another/dir/3.yml
"""
# create 3 refs
for ref_count in range(1, 4):
ref_content = "I am ref{}!".format(ref_count)
ref_file = tempfile.mktemp()
with open(ref_file, "w") as fp:
fp.write(ref_content)
sys.argv = [
"kapitan", "refs", "--write",
"base64:test_ref_{}".format(ref_count), "-f", ref_file,
"--refs-path", REFS_PATH
]
main()
# create nested dir structure with unrevealed manifests
unrevealed_dir = tempfile.mkdtemp()
ref_content = """---\nref_value_{}: {}\n"""
some_dir = os.path.join(unrevealed_dir, "some/dir")
some_dir_other = os.path.join(unrevealed_dir, "some/dir/another")
some_dir_another = os.path.join(unrevealed_dir, "some/dir/another/dir")
os.makedirs(some_dir)
os.makedirs(some_dir_other)
os.makedirs(some_dir_another)
# write manifests in nested dirs
expected_output = ""
for dir_path in enumerate((some_dir, some_dir_other, some_dir_another),
1):
count, path = dir_path
manifest_path = os.path.join(path, "{}.yml".format(count))
with open(manifest_path, "w") as f:
ref = "?{{base64:test_ref_{}}}".format(count)
f.write(ref_content.format(count, ref))
# set expected revealed output
expected_ref_rev = "I am ref{}!".format(count)
expected_output += ref_content.format(count, expected_ref_rev)
sys.argv = [
"kapitan", "refs", "--reveal", "-f", some_dir, "--refs-path",
REFS_PATH
]
# set stdout as string
stdout = io.StringIO()
with contextlib.redirect_stdout(stdout):
main()
self.assertEqual(expected_output, stdout.getvalue())
def test_compile_target_with_label(self):
shutil.rmtree("compiled")
sys.argv = ["kapitan", "compile", "-l", "type=kadet"]
main()
self.assertTrue(
os.path.exists("compiled/minikube-nginx-kadet")
and not os.path.exists("compiled/minikube-nginx-jsonnet"))
# Reset compiled dir
sys.argv = ["kapitan", "compile"]
main()
def test_compile_subcharts(self):
temp = tempfile.mkdtemp()
sys.argv = ["kapitan", "compile", "--output-path", temp, "-t", "istio"]
main()
self.assertTrue(
os.path.isdir(
os.path.join(temp, "compiled", "istio", "istio", "charts")))
self.assertTrue(
os.path.isdir(
os.path.join(temp, "compiled", "istio", "istio", "templates")))
def test_compile_specific_target(self):
shutil.rmtree("compiled")
sys.argv = ["kapitan", "compile", "-t", "minikube-mysql"]
main()
self.assertTrue(
os.path.exists("compiled/minikube-mysql")
and not os.path.exists("compiled/minikube-es"))
# Reset compiled dir
sys.argv = ["kapitan", "compile"]
main()
def test_compile_with_helm_values(self):
temp = tempfile.mkdtemp()
sys.argv = ["kapitan", "compile", "--output-path", temp, "-t", "nginx-ingress"]
main()
controller_deployment_file = \
os.path.join(temp, "compiled", "nginx-ingress", "nginx-ingress", "templates", "controller-deployment.yaml")
self.assertTrue(os.path.isfile(controller_deployment_file))
with open(controller_deployment_file, 'r') as fp:
manifest = yaml.safe_load(fp.read())
name = manifest['metadata']['name']
self.assertEqual(name, '-nginx-ingress-my-controller')
def test_cli_secret_validate_targets(self):
"""
run $ kapitan secrets --validate-targets
expect 0 (success) exit status code
"""
with self.assertRaises(SystemExit) as cm:
sys.argv = ["kapitan", "secrets", "--validate-targets",
"--secrets-path", "examples/kubernetes/secrets/targets/",
"--inventory-path", "examples/kubernetes/inventory/"]
main()
self.assertEqual(cm.exception.code, 0)
