Skip to content

Commit

Permalink
Merge pull request #50 from AechGG/feat/issue-49/service-account
Browse files Browse the repository at this point in the history
feat: issue 49: service account creation
  • Loading branch information
yorinasub17 authored Dec 14, 2019
2 parents 36e7998 + 61c11e0 commit 6f16e64
Show file tree
Hide file tree
Showing 3 changed files with 77 additions and 2 deletions.
18 changes: 18 additions & 0 deletions charts/k8s-service/templates/serviceaccount.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.name }}
namespace: {{ $.Release.Namespace }}
labels:
app: {{ template "k8s-service.name" . }}
{{- if .Values.serviceAccount.labels }}
{{- toYaml .Values.serviceAccount.labels | nindent 4 }}
{{- end }}
{{- if .Values.serviceAccount.annotations }}
annotations:
{{ toYaml .Values.serviceAccount.annotations | indent 4 }}
{{- end }}
imagePullSecrets:
{{ toYaml .Values.imagePullSecrets | indent 2 }}
{{- end }}
10 changes: 8 additions & 2 deletions charts/k8s-service/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -398,11 +398,17 @@ imagePullSecrets: []
# Namespace.
# - automountServiceAccountToken (bool) : Whether or not to automatically mount the ServiceAccount token as a volume
# into the Pod. Note that this can be used to override the equivalent config
# on the SerrviceAccount.
# on the ServiceAccount.
# - create (bool) : Whether or not to create a service account with the desired name
# - annotations (map) : Annotations will add the provided map to the annotations for the service
# account created
#
# The default config uses empty string to indicate that the default service account should be used.
# The default config uses empty string to indicate that the default service account should be used and one shouldn't
# be created
serviceAccount:
name: ""
create: false
labels: {}

# horizontalPodAutoscaler is a map that configures the Horizontal Pod Autoscaler information for this pod
# The expected keys of hpa are:
Expand Down
51 changes: 51 additions & 0 deletions test/k8s_service_service_account_template_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,65 @@
package test

import (
"path/filepath"
"strings"
"testing"

"github.com/ghodss/yaml"
"github.com/gruntwork-io/terratest/modules/helm"
"github.com/gruntwork-io/terratest/modules/random"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)

// Test that setting serviceAccount.create = true will cause the helm template to render the Service Account resource
func TestK8SServiceAccountCreateTrueCreatesServiceAccount(t *testing.T) {
t.Parallel()
randomSAName := strings.ToLower(random.UniqueId())

helmChartPath, err := filepath.Abs(filepath.Join("..", "charts", "k8s-service"))
require.NoError(t, err)

// We make sure to pass in the linter_values.yaml values file, which we assume has all the required values defined.
// We then use SetValues to override all the defaults.
options := &helm.Options{
ValuesFiles: []string{filepath.Join("..", "charts", "k8s-service", "linter_values.yaml")},
SetValues: map[string]string{"serviceAccount.name": randomSAName, "serviceAccount.create": "true"},
}
out := helm.RenderTemplate(t, options, helmChartPath, []string{"templates/serviceaccount.yaml"})

// We take the output and render it to a map to validate it has created a service account output or not
rendered := map[string]interface{}{}
err = yaml.Unmarshal([]byte(out), &rendered)
assert.NoError(t, err)
assert.NotEqual(t, 0, len(rendered))
assert.Equal(t, randomSAName, rendered["metadata"].(map[string]interface{})["name"])
}

// Test that setting serviceAccount.create = false will cause the helm template to not render the Service Account
// resource
func TestK8SServiceAccountCreateFalse(t *testing.T) {
t.Parallel()
randomSAName := strings.ToLower(random.UniqueId())

helmChartPath, err := filepath.Abs(filepath.Join("..", "charts", "k8s-service"))
require.NoError(t, err)

// We make sure to pass in the linter_values.yaml values file, which we assume has all the required values defined.
// We then use SetValues to override all the defaults.
options := &helm.Options{
ValuesFiles: []string{filepath.Join("..", "charts", "k8s-service", "linter_values.yaml")},
SetValues: map[string]string{"serviceAccount.name": randomSAName, "serviceAccount.create": "false"},
}
out := helm.RenderTemplate(t, options, helmChartPath, []string{"templates/serviceaccount.yaml"})

// We take the output and render it to a map to validate it has created a service account output or not
rendered := map[string]interface{}{}
err = yaml.Unmarshal([]byte(out), &rendered)
assert.NoError(t, err)
assert.Equal(t, 0, len(rendered))
}

func TestK8SServiceServiceAccountInjection(t *testing.T) {
t.Parallel()
randomSAName := strings.ToLower(random.UniqueId())
Expand Down

0 comments on commit 6f16e64

Please sign in to comment.