-
Notifications
You must be signed in to change notification settings - Fork 3.7k
Expand file tree
/
Copy pathenv-defaults_test.yaml
More file actions
102 lines (95 loc) · 3.27 KB
/
Copy pathenv-defaults_test.yaml
File metadata and controls
102 lines (95 loc) · 3.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
suite: envDefaults — secret-mode-aware inlining (round-9 regression net)
release:
name: t
namespace: sim
defaults: &defaults
app.env.BETTER_AUTH_SECRET: x
app.env.ENCRYPTION_KEY: x
app.env.INTERNAL_API_SECRET: x
app.env.CRON_SECRET: x
postgresql.auth.password: x
tests:
- it: inline mode renders localhost envDefaults on the app pod
template: deployment-app.yaml
set:
<<: *defaults
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: BETTER_AUTH_URL
value: http://localhost:3000
- it: inline mode renders localhost envDefaults on the realtime pod
template: deployment-realtime.yaml
set:
<<: *defaults
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: BETTER_AUTH_URL
value: http://localhost:3000
- it: existingSecret mode skips envDefaults on the app pod
template: deployment-app.yaml
set:
app.secrets.existingSecret.enabled: true
app.secrets.existingSecret.name: my-secret
postgresql.auth.password: x
asserts:
- notContains:
path: spec.template.spec.containers[0].env
content:
name: BETTER_AUTH_URL
value: http://localhost:3000
- it: existingSecret mode skips envDefaults on the realtime pod
template: deployment-realtime.yaml
set:
app.secrets.existingSecret.enabled: true
app.secrets.existingSecret.name: my-secret
postgresql.auth.password: x
asserts:
- notContains:
path: spec.template.spec.containers[0].env
content:
name: BETTER_AUTH_URL
value: http://localhost:3000
- it: existingSecret mode inlines user-set app.env values on the app pod
template: deployment-app.yaml
set:
app.secrets.existingSecret.enabled: true
app.secrets.existingSecret.name: my-secret
app.env.NEXT_PUBLIC_APP_URL: "https://prod.example.com"
postgresql.auth.password: x
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: NEXT_PUBLIC_APP_URL
value: "https://prod.example.com"
- it: existingSecret mode propagates app.env to the realtime pod (round-7 regression)
template: deployment-realtime.yaml
set:
app.secrets.existingSecret.enabled: true
app.secrets.existingSecret.name: my-secret
app.env.NEXT_PUBLIC_APP_URL: "https://prod.example.com"
postgresql.auth.password: x
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: NEXT_PUBLIC_APP_URL
value: "https://prod.example.com"
- it: realtime.env wins over app.env on the realtime pod in existingSecret mode
template: deployment-realtime.yaml
set:
app.secrets.existingSecret.enabled: true
app.secrets.existingSecret.name: my-secret
app.env.NEXT_PUBLIC_APP_URL: "https://prod.example.com"
realtime.env.NEXT_PUBLIC_APP_URL: "https://realtime.example.com"
postgresql.auth.password: x
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: NEXT_PUBLIC_APP_URL
value: "https://realtime.example.com"