From a97bb78ee7e7e7649205e1ca7658a940611f532e Mon Sep 17 00:00:00 2001 From: Siebe Vanden Eynden Date: Fri, 17 Sep 2021 12:14:04 +0200 Subject: [PATCH] feat: add service account name to worker deployments --- assets/auto-deploy-app/Chart.yaml | 2 +- .../templates/worker-deployment.yaml | 3 + .../test/templates/test_helpers.go | 4 + .../test/templates/workerdeployment_test.go | 170 ++++++++++++++++++ 4 files changed, 178 insertions(+), 1 deletion(-) diff --git a/assets/auto-deploy-app/Chart.yaml b/assets/auto-deploy-app/Chart.yaml index ea0a88b..819d0b3 100644 --- a/assets/auto-deploy-app/Chart.yaml +++ b/assets/auto-deploy-app/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 description: GitLab's Auto-deploy Helm Chart name: auto-deploy-app -version: 2.11.3 +version: 2.13.0 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png diff --git a/assets/auto-deploy-app/templates/worker-deployment.yaml b/assets/auto-deploy-app/templates/worker-deployment.yaml index 596f488..953aebc 100644 --- a/assets/auto-deploy-app/templates/worker-deployment.yaml +++ b/assets/auto-deploy-app/templates/worker-deployment.yaml @@ -41,6 +41,9 @@ items: tier: worker release: {{ $.Release.Name }} spec: +{{- if or ($.Values.serviceAccount.name) ($.Values.serviceAccountName) }} + serviceAccountName: {{ $.Values.serviceAccount.name | default $.Values.serviceAccountName | quote }} +{{- end }} imagePullSecrets: {{ toYaml $.Values.image.secrets | indent 12 }} {{- with $nodeSelectorConfig := default $.Values.nodeSelector $workerConfig.nodeSelector -}} diff --git a/assets/auto-deploy-app/test/templates/test_helpers.go b/assets/auto-deploy-app/test/templates/test_helpers.go index da8c498..1f163ab 100644 --- a/assets/auto-deploy-app/test/templates/test_helpers.go +++ b/assets/auto-deploy-app/test/templates/test_helpers.go @@ -80,6 +80,10 @@ type workerDeploymentSelectorTestCase struct { ExpectedSelector *metav1.LabelSelector } +type workerDeploymentServiceAccountTestCase struct { + ExpectedServiceAccountName string +} + type deploymentList struct { metav1.TypeMeta `json:",inline"` diff --git a/assets/auto-deploy-app/test/templates/workerdeployment_test.go b/assets/auto-deploy-app/test/templates/workerdeployment_test.go index fd7b498..d8fc029 100644 --- a/assets/auto-deploy-app/test/templates/workerdeployment_test.go +++ b/assets/auto-deploy-app/test/templates/workerdeployment_test.go @@ -319,6 +319,176 @@ func TestWorkerDeploymentTemplate(t *testing.T) { }) } + // serviceAccountName + for _, tc := range []struct { + CaseName string + Release string + Values map[string]string + + ExpectedDeployments []workerDeploymentServiceAccountTestCase + }{ + { + CaseName: "default service account", + Release: "production", + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "", + }, + }, + }, + { + CaseName: "empty service account name", + Release: "production", + Values: map[string]string{ + "serviceAccountName": "", + }, + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "", + }, + }, + }, + { + CaseName: "custom service account name - myServiceAccount", + Release: "production", + Values: map[string]string{ + "serviceAccountName": "myServiceAccount", + }, + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "myServiceAccount", + }, + }, + }, + } { + t.Run(tc.CaseName, func(t *testing.T) { + namespaceName := "minimal-ruby-app-" + strings.ToLower(random.UniqueId()) + + values := map[string]string{ + "gitlab.app": "auto-devops-examples/minimal-ruby-app", + "gitlab.env": "prod", + "workers.worker1.command[0]": "echo", + "workers.worker1.command[1]": "worker1", + } + + mergeStringMap(values, tc.Values) + + options := &helm.Options{ + SetValues: values, + KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName), + } + + output := helm.RenderTemplate(t, options, helmChartPath, tc.Release, []string{"templates/worker-deployment.yaml"}) + + var deployments deploymentAppsV1List + helm.UnmarshalK8SYaml(t, output, &deployments) + + require.Len(t, deployments.Items, len(tc.ExpectedDeployments)) + + for i, expectedDeployment := range tc.ExpectedDeployments { + deployment := deployments.Items[i] + require.Equal(t, expectedDeployment.ExpectedServiceAccountName, deployment.Spec.Template.Spec.ServiceAccountName) + } + }) + } + + // serviceAccount + for _, tc := range []struct { + CaseName string + Release string + Values map[string]string + + ExpectedDeployments []workerDeploymentServiceAccountTestCase + }{ + { + CaseName: "default service account", + Release: "production", + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "", + }, + }, + }, + { + CaseName: "empty service account name", + Release: "production", + Values: map[string]string{ + "serviceAccount.name": "", + }, + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "", + }, + }, + }, + { + CaseName: "custom service account name - myServiceAccount", + Release: "production", + Values: map[string]string{ + "serviceAccount.name": "myServiceAccount", + }, + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "myServiceAccount", + }, + }, + }, + { + CaseName: "serviceAccount.name takes precedence over serviceAccountName", + Release: "production", + Values: map[string]string{ + "serviceAccount.name": "myServiceAccount1", + "serviceAccountName": "myServiceAccount2", + }, + ExpectedDeployments: []workerDeploymentServiceAccountTestCase{ + { + ExpectedServiceAccountName: "myServiceAccount1", + }, + }, + }, + } { + t.Run(tc.CaseName, func(t *testing.T) { + namespaceName := "minimal-ruby-app-" + strings.ToLower(random.UniqueId()) + + values := map[string]string{ + "gitlab.app": "auto-devops-examples/minimal-ruby-app", + "gitlab.env": "prod", + "workers.worker1.command[0]": "echo", + "workers.worker1.command[1]": "worker1", + } + + mergeStringMap(values, tc.Values) + + options := &helm.Options{ + SetValues: values, + KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName), + } + + output := helm.RenderTemplate( + t, + options, + helmChartPath, + tc.Release, + []string{"templates/worker-deployment.yaml"}, + ) + + var deployments deploymentAppsV1List + helm.UnmarshalK8SYaml(t, output, &deployments) + + require.Len(t, deployments.Items, len(tc.ExpectedDeployments)) + + for i, expectedDeployment := range tc.ExpectedDeployments { + deployment := deployments.Items[i] + require.Equal( + t, + expectedDeployment.ExpectedServiceAccountName, + deployment.Spec.Template.Spec.ServiceAccountName, + ) + } + }) + } + + // worker lifecycle for _, tc := range []struct { CaseName string -- GitLab