Common Refactor Project

[PrivatePuffin]

We're planning to completely refactor the common chart and here are some important key notes that need to be tracked/completed:

• [x] Move Common to a seperate REPO
• [ ] Ensure unit-test coverage for all available options
• [x] investigate moving unittests to helm unittest like k8s-at-home (https://github.com/k8s-at-home/library-charts/pull/133/commits/7c1221836621e0cef300e14ce6ffc44b8f031a0c)
• [x] move common/library-charts to helm unittest instead of ruby or go
• [x] Ensure SCALE specific templating is not done on non-scale deployments
• [x] Make the auto permissions ACL-aware/compatible
• [x] add NFS storage options.
• [x] add NFS storage GUI
• [x] allow tpl for annotations
• [x] allow tpl for labels
• [X] allow tpl for additional containers
• [x] allow to disable inotify patch

Unit Tests Tracking list

This section lists the required unittests, some might already be present (and can be checked off after verifying they exists), others need to be writhen from scratch. Feel free to submit PR's for additional unittests to the following branch: https://github.com/truecharts/library-charts/tree/staging

That way they will be added to the following PR: https://github.com/truecharts/library-charts/pull/16

Controller:

• [x] Enable
• [x] disble
• [x] type: daemonset, deployment, statefullset
• [ ] annotationsList
• [ ] annotations
• [ ] LabelsList
• [ ] Labels
• [x] replica's (on both daemonset and statefullset)
• [ ] strategy: all options for deployments and statefullsets
• [ ] rolingUpdate: test if values propage on both pod types
• [ ] check if revision history limit propagates on all deployment types

Images:

• [ ] image selector: test if selector works on all deployment types
• [x] command: test if command propagates on all deployment types
• [x] args: test if propagates on all deployment types
• [ ] extraArgs: test if propagates (and merges) on all deployment types
• [ ] TZ: test if propagates on all deployment types
• [ ] patchInitify: test if this can be disabled correctly

pod:

• [ ] podAnnotations: check if correctly applied
• [ ] podAnnotationsList: check if merged and correctly applied
• [ ] podLabels: check if correctly applied
• [ ] podLabelsList: check if merged and correctly applied
• [ ] tty: check can be enabled
• [ ] stdin: check can be enabled

HPA:

• [ ] test if defaults are all set correctly on main HPA
• [ ] test if additional HPA's can be created with correct defaults
• [ ] targetKind: test can be set
• [ ] target: test can be set
• [ ] minReplicas: test can be set
• [ ] maxReplicas: test can be set
• [ ] targetCPUUtilizationPercentage: test can be set
• [ ] targetMemoryUtilizationPercentage: check if can be set

serviceAccount:

• [ ] test if main serviceAccount can be enabled
• [ ] test if additional serviceAccounts can be created
• [ ] test if other serviceaccount can be flagged as primary
• [ ] test if annotations can be set

rbac:

• [ ] test if can be enabled
• [ ] test if others can be created
• [ ] test if others can correctly be set as primary
• [ ] test if clusterRoleLabels can be set
• [ ] test if clusterRoleAnnotations can be set
• [ ] test if clusterRuleBinderingLabels can be set
• [ ] test if clusterRuleBindingAnnotations can be set
• [ ] test if rules can be set
• [ ] test if subjects can be added
• [ ] test if default subject is applied correctly
• [ ] test if the default serviceAccountName can be set

networkPolicy:

• [ ] test if can be enabled
• [ ] test if podSelector defaults to helm-chart selector labels
• [ ] test if policyTypes can be set
• [ ] test if egress can be set
• [ ] test if ingress can be set
• [ ] test if multiple can be added.

secretEnv:

• [X] secret loaded as env when env vars are set
• [ ] secret created when env vars are set

secret:

• [ ] test if secret can get added
• [ ] test if example-secret is not loaded (test disble)
• [ ] test if data gets loaded into secret

priorityClassName:

• [ ] test if it gets parsed

schedulerName:

• [ ] test if it gets parsed

hostname:

• [ ] test if it gets parsed

dnsConfig:

• [ ] test the default ndots setting is correctly being set
• [ ] test if we can add more settings and they get parsed correctly

enableServiceLinks:

• [ ] Check if this can be enabled

security:

• [ ] Check if PUID results in the env-vars being set by default
• [ ] check us UMASK results in the env-vars being set by default
• [ ] Check we we can change PUID
• [ ] Check if we can change UMASK

customCapabilities:

• [ ] test if we can add capabilities through this
• [ ] test if we can drop capabilities through this

podSecurityContext:

• [ ] Test if the defaults are set correctly
• [ ] test if we can change runAsUser
• [ ] test if we can change runAsGroup
• [ ] test if we can change fsGroup
• [ ] test if we can add supplementalGroups
• [ ] test if we can change fsGroupChangePolicy

lifecycle:

• [ ] test if settings added here propagate into the chart correctly

installContainers:

• [x] test if containers added here gets added
• [x] test if TPL can be used
• [ ] ensure they are only run on install

upgradeContainers:

• [x] test if the containers added here get added
• [x] test if TPL can be used
• [ ] ensure they are only run on upgrade

probes:

• [ ] test if each of the probe types can be disabled
• [ ] test if each of the probes can be set to TCP and UDP
• [ ] test if the path can be changed
• [ ] test if the spec can be changed
• [ ] check if service/port configs propagate to probes
• [ ] check if the custom options works

termination:

• [ ] #2732
• [ ] check if messagePolicy gets set correctly
• [ ] ensure default of gracePeriodSeconds gets set
• [ ] check if gracePeriodSeconds can get changed

serviceList:

• [ ] Ensure items here get merged with service

ingressList:

• [ ] Ensure items here get merged with Ingress

deviceList:

• [ ] check if correct hostPath mountpoints are created
• [ ] check if automatic supplemental groups are set on SCALE

persistenceList:

• [ ] Ensure this is merged with persistenceList

configmap:

• [ ] ensure the default config configmap is not created by default (check disable)
• [ ] check if configmap can be enabled
• [ ] check if more configmaps can be added
• [ ] check if data makes it into the configmap

Autopermissions:

• [ ] Ensure initcontainer gets created
• [ ] Ensure script gets generated correctly
• [ ] ensure script gets altered based on fsGroup and persistence settings

nodeSelector:

• [ ] ensure this propagates into the chart at all

Affinity:

• [ ] ensure this propagates into the chart at all

topologySpreadConstraints:

• [ ] ensure this propagates into the chart at all

tolerations:

• [ ] ensure this propagates into the chart at all

hostAliases:

• [ ] ensure these can be added

resources:

• [ ] Ensure limits can be altered
• [ ] Ensure requests can be altered
• [ ] test if custom resource settings can be appended here

env:

• [X] check if everything loaded as envs and can use tpl

hostNetwork:

• [x] test if it gets enabled when enabled

dnsPolicy:

• [x] test if default is "ClusterFirst" when hostNetwork is false
• [x] test if default is "ClusterFirstWithHostNet" when hostNetwork is true
• [x] test is above defaults can be overriden manually.

initContainers:

• [x] test if the containers specified here get added correctly.
• [x] test if TPL can be used

additionalContainers:

• [x] test if the containers added here get added
• [x] test if TPL can be used

service:

• [X] Already covered by current tests

Ingress:

• [X] Already covered by current tests

persistence:

• [X] Already covered by current tests

volumeClaimTemplates:

• [X] Already covered by current tests

addons:

• [X] Already covered by current tests

---

SCALE Specific tests

General:

scaleGPU:

• [ ] ensure this propagates (even without actuall SCALE or GPU present it should propagate something)
• [ ] ensure it sets the additional supplementalGroups
• [ ] add a fake nvidia gpu and test if our custom env-var gets set
• [ ] ensure the custom nvidia env-var is not present on non-scale deployments

persistence:

• [ ] ensure simple persistence type gets tested
• [ ] Test default storageClass as SCALE App for PVC
• [ ] Test default storageClass as SCALE App for VCT

Service:

• [ ] ensure simple servicetype gets tested

Ingress:

• [X] ensure traefik annotations get set
• [ ] ensure middleware options work
• [ ] Ensure normal ingress is fully usable without SCALE certs
• [ ] Test SCALE Cert generation
• [ ] Test SCALE certificate loaded with Ingress

Portal:

• [x] test if can be enabled
• [x] test if path can be overrided
• [x] test if the hostIP can be overrided
• [x] test if the port can be overrided
• [ ] Ensure it correctly reads the main ingress when enabled
• [ ] Ensure it reads the correct main service when enabled (both loadbalancer and nodePort)

externalInterfaces:

• [ ] needs a thorough write from scratch

[PrivatePuffin]

@all-contributors please add @Sagit-chu for video and doc

[allcontributors[bot]]

@Ornias1993

I've put up a pull request to add @Sagit-chu! :tada:

[PrivatePuffin]

@all-contributors please add @brunofatia for financial

[allcontributors[bot]]

@Ornias1993

I've put up a pull request to add @brunofatia! :tada:

[truecharts-admin]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in two weeks if no further activity occurs. Thank you for your contributions.

[PrivatePuffin]

Nearly all done or moved to projects instead