Skip to content

Latest commit

 

History

History

tests

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
assets
assets
 
 
bats
bats
 
 
it
it
 
 
lib
lib
 
 
unit
unit
 
 
README.md
README.md
 
 
alpine.Dockerfile
alpine.Dockerfile
 
 
http.yaml
http.yaml
 
 
ubuntu.Dockerfile
ubuntu.Dockerfile
 
 

README.md

helm-secrets test suite

This tests suite use the bats-core framework.

Some test extension libraries are included in this project as git submodule.

Run

git submodule update --init --force

to checkout the submodules.

Wording

Inside helm-secrets we have 2 groups of tests:

  • unit tests

    Can be run without an reachable kubernetes cluster Located under ./unit/

  • integration tests

    Depends against a reachable kubernetes cluster Located under ./it/

Requirements

To execute the tests have to install some utilities first.

bats

Then follow the installation instruction for bats here: https://github.com/bats-core/bats-core#installation

More information's here: https://github.com/bats-core/bats-core

sops

Can be downloaded here: https://github.com/getsops/sops/releases

Alternately available via homebrew:

brew install sops

More information's here: https://github.com/getsops/sops

gpg

sops only non-public cloud encryption method based on gpg.

Alternately available via homebrew:

brew info gnupg

On Linux use your package manager to install gpg if it's not already installed.

vault-cli (optional)

The vault cli is only required to run the tests with the HELM_SECRETS_BACKEND=vault environment variable.

You could download vault here: https://www.vaultproject.io/downloads

Alternately available via homebrew:

brew info vault

onepassword (optional)

The 1Password CLI is only required to run the tests with the HELM_SECRETS_BACKEND=custom-onepassword environment variable.

Instructions on how to install and set up the 1Password CLI can be found here: https://developer.1password.com/docs/cli/get-started

Create the following test item before running the tests:

op item create --category=login \
    --title='helm-secrets test' \
    --vault='Private' \
    'username=test-username' \
    'password=mytestpassword123' \
    'email[email][email protected]' \
    'data.username[text]=a-test-name' \
    'data.password[password]=testthispassword' \
    'data 2.email[email][email protected]' \
    'data 2.password[password]=my-test-could-be-different!'

Run

If possible start the tests from the root of the repository. Then execute:

# Unit Tests
bats -r tests/unit

# IT Tests
bats -r tests/it

If bats is not installed locally, you could run bats directory from this repo:

# Unit Tests
./tests/bats/core/bin/bats -r tests/unit

# IT Tests
./tests/bats/core/bin/bats -r tests/it

This method is described as "Run bats from source" inside the bats-core documentation.

More information about running single tests or filtering tests can be found here: https://github.com/bats-core/bats-core#usage

By default, the sops backend is selected for tests. If you want to test another secret backend like vals, you could do it by env variable HELM_SECRETS_BACKEND=vals.

# Unit Tests
HELM_SECRETS_BACKEND=vault bats -r tests/unit

# IT Tests
HELM_SECRETS_BACKEND=vault bats -r tests/it

The vault tests require a reachable vault server. Start one on your local machine by running:

vault server -dev -dev-root-token-id=test

The tests will seed the vault server as needed.