From 1d061a4c38432c7d75c4adfa10b9a0786fa6ed5f Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Fri, 8 Nov 2019 15:27:20 +0100 Subject: [NBI] Use the common galera cluster of ONAP Instead of having our "own" galera cluster, use the common one already proposed by OOM. If a local cluster is needed, you just need to set global.mariadbGalera.localCluster to True. Also create a common chart that create the needed values for the database. Change-Id: I9ad551b76a40732b4ab3fc34ba7cde6ca90fe432 Issue-ID: EXTAPI-348 Signed-off-by: Sylvain Desbureaux --- .../common/mariadb-init/tests/configmap_test.yaml | 114 ++++++++ kubernetes/common/mariadb-init/tests/job_test.yaml | 307 +++++++++++++++++++++ .../common/mariadb-init/tests/secret_test.yaml | 49 ++++ 3 files changed, 470 insertions(+) create mode 100644 kubernetes/common/mariadb-init/tests/configmap_test.yaml create mode 100644 kubernetes/common/mariadb-init/tests/job_test.yaml create mode 100644 kubernetes/common/mariadb-init/tests/secret_test.yaml (limited to 'kubernetes/common/mariadb-init/tests') diff --git a/kubernetes/common/mariadb-init/tests/configmap_test.yaml b/kubernetes/common/mariadb-init/tests/configmap_test.yaml new file mode 100644 index 0000000000..34914cdb3e --- /dev/null +++ b/kubernetes/common/mariadb-init/tests/configmap_test.yaml @@ -0,0 +1,114 @@ +--- +suite: test configmap behavior +templates: + - configmap.yaml +tests: + - it: "should render with default value" + asserts: + - isKind: + of: ConfigMap + - equal: + path: metadata.name + value: RELEASE-NAME-mariadb-init + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: mariadb-init + - equal: + path: data + value: + db_init.sh: | + #!/bin/sh + # Copyright © 2019 Orange + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + echo "Creating database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE OR REPLACE USER 'u5WZ1GMSIS1wHZF'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE DATABASE IF NOT EXISTS ynsaUCru6mUNwGal; + GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'%'; + GRANT ALL PRIVILEGES ON ynsaUCru6mUNwGal.* TO 'u5WZ1GMSIS1wHZF'@'localhost'; + EOF + + echo "Created database ynsaUCru6mUNwGal and user u5WZ1GMSIS1wHZF." + - it: "shoud render with other databases" + set: + config: + userName: testUser + mysqlDatabase: testDB + mysqlAdditionalDatabases: + dbOne: + user: one + password: pwd1 + dbTwo: + user: two + password: pwd2 + asserts: + - equal: + path: data + value: + db_init.sh: | + #!/bin/sh + # Copyright © 2019 Orange + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + echo "Creating database testDB and user testUser..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'testUser'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE OR REPLACE USER 'testUser'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'; + CREATE DATABASE IF NOT EXISTS testDB; + GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'%'; + GRANT ALL PRIVILEGES ON testDB.* TO 'testUser'@'localhost'; + EOF + + echo "Created database testDB and user testUser." + + echo "Creating database dbOne and user one..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'one'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}'; + CREATE OR REPLACE USER 'one'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBONE}'; + CREATE DATABASE IF NOT EXISTS dbOne; + GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'%'; + GRANT ALL PRIVILEGES ON dbOne.* TO 'one'@'localhost'; + EOF + + echo "Created database dbOne and user one." + echo "Creating database dbTwo and user two..." + + mysql -h ${DB_HOST} -P ${DB_PORT} -uroot -p$MYSQL_ROOT_PASSWORD << 'EOF' || exit 1 + CREATE OR REPLACE USER 'two'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}'; + CREATE OR REPLACE USER 'two'@'%' IDENTIFIED BY '${MYSQL_PASSWORD_DBTWO}'; + CREATE DATABASE IF NOT EXISTS dbTwo; + GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'%'; + GRANT ALL PRIVILEGES ON dbTwo.* TO 'two'@'localhost'; + EOF + + echo "Created database dbTwo and user two." diff --git a/kubernetes/common/mariadb-init/tests/job_test.yaml b/kubernetes/common/mariadb-init/tests/job_test.yaml new file mode 100644 index 0000000000..7523ee1c6e --- /dev/null +++ b/kubernetes/common/mariadb-init/tests/job_test.yaml @@ -0,0 +1,307 @@ +--- +suite: test job behavior +templates: + - job.yaml +tests: + - it: "should render with default value (global)" + asserts: + - isKind: + of: Job + - matchRegex: + path: metadata.name + pattern: -mariadb-init-config-job$ + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: mariadb-init + - matchRegex: + path: spec.template.metadata.labels.app + pattern: mariadb-init + - matchRegex: + path: spec.template.metadata.name + pattern: mariadb-init + - isNull: + path: spec.template.spec.nodeSelector + - isNull: + path: spec.template.spec.affinity + - it: "should render with default value (init container)" + asserts: + - matchRegex: + path: spec.template.spec.initContainers[0].name + pattern: mariadb-init-readiness + - contains: + path: spec.template.spec.initContainers[0].args + content: mariadb-galera + - equal: + path: spec.template.spec.initContainers[0].image + value: oomk8s/readiness-check:2.0.2 + - equal: + path: spec.template.spec.initContainers[0].imagePullPolicy + value: IfNotPresent + - it: "should render with default value (container)" + asserts: + - matchRegex: + path: spec.template.spec.containers[0].name + pattern: mariadb-init + - equal: + path: spec.template.spec.containers[0].image + value: nexus3.onap.org:10001/mariadb:10.1.38 + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: IfNotPresent + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_HOST + value: mariadb-galera + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_PORT + value: "3306" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-galera-mariadb-galera + key: db-root-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-user-password + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + name: mariadb-conf + mountPath: /db_init/ + readOnly: true + - equal: + path: spec.template.spec.containers[0].resources.limits.cpu + value: 100m + - equal: + path: spec.template.spec.containers[0].resources.limits.memory + value: 500Mbi + - equal: + path: spec.template.spec.containers[0].resources.requests.cpu + value: 10m + - equal: + path: spec.template.spec.containers[0].resources.requests.memory + value: 10Mbi + - it: "should render with default value (volumes)" + asserts: + - contains: + path: spec.template.spec.volumes + content: + name: mariadb-conf + configMap: + name: RELEASE-NAME-mariadb-init + + - it: "should render with nameOverride set" + set: + nameOverride: myJob + asserts: + - matchRegex: + path: metadata.name + pattern: -myJob-config-job$ + - matchRegex: + path: metadata.labels.app + pattern: myJob + - matchRegex: + path: spec.template.metadata.labels.app + pattern: myJob + - matchRegex: + path: spec.template.metadata.name + pattern: myJob + - matchRegex: + path: spec.template.spec.initContainers[0].name + pattern: myJob-readiness + - matchRegex: + path: spec.template.spec.containers[0].name + pattern: myJob + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + # replicating name from mariadb galera cluster, kind of hardcoded... + name: RELEASE-NAME-myJob-secret + key: db-user-password + - contains: + path: spec.template.spec.volumes + content: + name: mariadb-conf + configMap: + name: RELEASE-NAME-myJob + + - it: "should render with configmap set" + set: + config: + config_map: myCM + asserts: + - contains: + path: spec.template.spec.volumes + content: + name: mariadb-conf + configMap: + name: RELEASE-NAME-myCM + + - it: "should render with mariadbGalera changes" + set: + global: + mariadbGalera: + nameOverride: myMaria + servicePort: 545 + asserts: + - contains: + path: spec.template.spec.initContainers[0].args + content: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_HOST + value: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_PORT + value: "545" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-galera-myMaria + key: db-root-password + + - it: "should render with full mariadbGalera changes" + set: + global: + mariadbGalera: + nameOverride: myMaria + servicePort: 545 + userRootSecret: galera-secret + userRootSecretKey: root-password + asserts: + - contains: + path: spec.template.spec.initContainers[0].args + content: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_HOST + value: myMaria + - contains: + path: spec.template.spec.containers[0].env + content: + name: DB_PORT + value: "545" + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: galera-secret + key: root-password + + - it: "should set the right nodeSelector" + set: + nodeSelector: + disktype: ssd + asserts: + - equal: + path: spec.template.spec.nodeSelector.disktype + value: ssd + + - it: "should set the right affinity" + set: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/e2e-az-name + operator: In + values: + - e2e-az1 + - e2e-az2 + asserts: + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/e2e-az-name + operator: In + values: + - e2e-az1 + - e2e-az2 + - it: "should use large flavor" + set: + flavor: large + asserts: + - equal: + path: spec.template.spec.containers[0].resources.limits.cpu + value: 200m + - equal: + path: spec.template.spec.containers[0].resources.limits.memory + value: 500Mbi + - equal: + path: spec.template.spec.containers[0].resources.requests.cpu + value: 20m + - equal: + path: spec.template.spec.containers[0].resources.requests.memory + value: 20Mbi + - it: "should use unlimited flavor" + set: + flavor: unlimited + asserts: + - isEmpty: + path: spec.template.spec.containers[0].resources + - it: "shoud render with other databases" + set: + config: + mysqlAdditionalDatabases: + dbOne: + user: one + password: pwd1 + dbTwo: + user: two + password: pwd2 + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-user-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD_DBONE + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-dbOne-user-password + - contains: + path: spec.template.spec.containers[0].env + content: + name: MYSQL_PASSWORD_DBTWO + valueFrom: + secretKeyRef: + name: RELEASE-NAME-mariadb-init-secret + key: db-dbTwo-user-password diff --git a/kubernetes/common/mariadb-init/tests/secret_test.yaml b/kubernetes/common/mariadb-init/tests/secret_test.yaml new file mode 100644 index 0000000000..ef0565d6c0 --- /dev/null +++ b/kubernetes/common/mariadb-init/tests/secret_test.yaml @@ -0,0 +1,49 @@ +--- +suite: test secret behavior +templates: + - secret.yaml +tests: + - it: "should render with default values" + asserts: + - isKind: + of: Secret + - equal: + path: metadata.name + value: RELEASE-NAME-mariadb-init + - equal: + path: metadata.namespace + value: NAMESPACE + - matchRegex: + path: metadata.labels.app + pattern: mariadb-init-config-job + - equal: + path: data.db-user-password + value: Q2lAc2hzT2QzcGt5MVZqaQ== + - it: "should render specific password value base64 encoded" + set: + config: + userPassword: yolo + asserts: + - equal: + path: data.db-user-password + value: eW9sbw== + - it: "shoud render with other databases" + set: + config: + mysqlAdditionalDatabases: + dbOne: + user: one + password: pwd1 + dbTwo: + user: two + password: pwd2 + asserts: + - equal: + path: data.db-user-password + value: Q2lAc2hzT2QzcGt5MVZqaQ== + - equal: + path: data.db-dbOne-user-password + value: cHdkMQ== + - equal: + path: data.db-dbTwo-user-password + value: cHdkMg== -- cgit 1.2.3-korg