
# helm-unittest suite for the Alertmanager NetworkPolicy template.
# Each case under `tests` renders the template listed in `templates` with the
# values given in `set` and checks the rendered manifest with `asserts`.
# NOTE(review): none of the cases in this file assert spec.podSelector, so the
# set of pods the policy applies to is not pinned by this suite.
suite: test networkpolicy
templates:
- alertmanager/networkpolicy.yaml
tests:
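# Alertmanager disabled: no NetworkPolicy document may be rendered, even
# though networkPolicy.enabled is true.
- it: should be empty if alertmanager is not enabled
  set:
    alertmanager.enabled: false
    alertmanager.networkPolicy.enabled: true
  asserts:
  - hasDocuments:
      count: 0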
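# networkPolicy.enabled=false: the template renders nothing, so with this
# setting the chart ships no NetworkPolicy for Alertmanager.
- it: should be empty if networkpolicy is not enabled
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: false
  asserts:
  - hasDocuments:
      count: 0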
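# Both switches on: exactly one document, a networking.k8s.io/v1
# NetworkPolicy. Only kind, apiVersion and document count are checked here.
- it: should have correct API version and kind
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
  asserts:
  - hasDocuments:
      count: 1
  - isKind:
      of: NetworkPolicy
  - isAPIVersion:
      of: networking.k8s.io/v1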
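# gateway.namespace must end up as the kubernetes.io/metadata.name label of
# the namespaceSelector on the first peer of the first ingress rule.
- it: should configure gateway namespace correctly
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.gateway.namespace: custom-gateway
  asserts:
  - equal:
      path: spec.ingress[0].from[0].namespaceSelector.matchLabels["kubernetes.io/metadata.name"]
      value: custom-gateway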
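# gateway.podLabels must be copied verbatim into the podSelector of the first
# peer of the first ingress rule; `equal` compares the whole matchLabels map,
# so an extra or missing label fails the case.
- it: should configure gateway pod labels correctly
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.gateway.podLabels:
      app.kubernetes.io/name: custom-gateway
  asserts:
  - equal:
      path: spec.ingress[0].from[0].podSelector.matchLabels
      value:
        app.kubernetes.io/name: custom-gateway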
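# monitoringRules.prometheus=true: the second ingress rule's first peer must
# carry an app.kubernetes.io/name label matching "prometheus".
# NOTE(review): matchRegex is unanchored, so any label value that merely
# contains "prometheus" passes. service.port is set but no port is asserted,
# so a rule rendered without a port restriction would not fail this case.
# NOTE(review): index 1 presumes exactly one rule is rendered before this
# one — confirm against the template.
- it: should include Prometheus rules when enabled
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.monitoringRules.prometheus: true
    alertmanager.service.port: 9093
  asserts:
  - matchRegex:
      path: spec.ingress[1].from[0].podSelector.matchLabels["app.kubernetes.io/name"]
      pattern: prometheus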
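# monitoringRules.loki=true: the third ingress rule's first peer must carry
# an app.kubernetes.io/name label matching "loki".
# NOTE(review): matchRegex is unanchored (substring match), and the port set
# via service.port is not asserted for this rule.
# NOTE(review): index 2 presumes two rules precede this one, which this
# case's `set` does not enable explicitly — presumably they come from chart
# defaults; confirm.
- it: should include Loki rules when enabled
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.monitoringRules.loki: true
    alertmanager.service.port: 9093
  asserts:
  - matchRegex:
      path: spec.ingress[2].from[0].podSelector.matchLabels["app.kubernetes.io/name"]
      pattern: loki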
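# enableClusterRules=true: the fourth ingress rule's first peer must carry an
# app.kubernetes.io/name label matching "alertmanager".
# NOTE(review): matchRegex is unanchored (substring match), and the
# clusterPort value 9094 set here is not asserted on the rendered rule.
# NOTE(review): index 3 presumes three rules precede this one, which this
# case's `set` does not enable explicitly — presumably they come from chart
# defaults; confirm.
- it: should include cluster rules when enabled
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.enableClusterRules: true
    alertmanager.service.clusterPort: 9094
  asserts:
  - matchRegex:
      path: spec.ingress[3].from[0].podSelector.matchLabels["app.kubernetes.io/name"]
      pattern: alertmanager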
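# additionalIngress entries are user-supplied rules; the case checks that the
# namespaceSelector label given in `set` appears in the rendered policy.
# NOTE(review): [-1] is meant to address the last ingress rule — confirm the
# helm-unittest version in use accepts negative indices in `path`.
# NOTE(review): every entry here widens who may reach Alertmanager; only the
# selector label is pinned, not any port restriction on the added rule.
- it: should add additional ingress rules when specified
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.additionalIngress:
    - from:
      - namespaceSelector:
          matchLabels:
            name: custom-namespace
  asserts:
  - equal:
      path: spec.ingress[-1].from[0].namespaceSelector.matchLabels.name
      value: custom-namespace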
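# egress.enabled=true with one rule: the podSelector label of the first
# destination must be rendered under spec.egress[0].
# NOTE(review): spec.policyTypes is not asserted in this case. In Kubernetes
# egress rules are only enforced when "Egress" is listed there, so this case
# alone does not show that the rule takes effect.
- it: should include egress rules when enabled
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.egress:
      enabled: true
      rules:
      - to:
        - podSelector:
            matchLabels:
              name: smtp-relay
  asserts:
  - equal:
      path: spec.egress[0].to[0].podSelector.matchLabels.name
      value: smtp-relay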
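# policyTypes from values must be rendered unchanged as spec.policyTypes.
# NOTE(review): this case lists Egress without enabling any egress rules. In
# Kubernetes a policy with Egress in policyTypes and no egress rules blocks
# all outbound traffic from the selected pods. Only the list is pinned here.
- it: should use specified policy types
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.policyTypes:
    - Ingress
    - Egress
  asserts:
  - equal:
      path: spec.policyTypes
      value:
      - Ingress
      - Egress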
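# gateway.podLabels=null: the policy must still render as one NetworkPolicy,
# keep the gateway namespaceSelector and expose service.port on the first
# ingress rule.
# NOTE(review): nothing here asserts what becomes of
# spec.ingress[0].from[0].podSelector. A peer with only a namespaceSelector
# admits every pod in that namespace. Confirm this is the intended behaviour
# for null labels and pin it with an explicit assertion.
- it: should handle empty gateway pod labels
  set:
    alertmanager.enabled: true
    alertmanager.networkPolicy.enabled: true
    alertmanager.networkPolicy.gateway.namespace: custom-gateway
    alertmanager.networkPolicy.gateway.podLabels: null
    alertmanager.networkPolicy.policyTypes[0]: Ingress
    alertmanager.service.port: 9093
  asserts:
  - hasDocuments:
      count: 1
  - isKind:
      of: NetworkPolicy
  - equal:
      path: spec.ingress[0].from[0].namespaceSelector.matchLabels["kubernetes.io/metadata.name"]
      value: custom-gateway
  - equal:
      path: spec.ingress[0].ports[0].port
      value: 9093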