From 305bd71da00d17b1f379bf7d4636ef2af9179f5b Mon Sep 17 00:00:00 2001
From: Ievgenii Shepeliuk <eshepelyuk@gmail.com>
Date: Fri, 27 Oct 2023 16:56:14 +0000
Subject: [PATCH] feat: introduce values schema

Signed-off-by: Ievgenii Shepeliuk <eshepelyuk@gmail.com>
---
 charts/opa-kube-mgmt/values.schema.json | 28 +++++++++++
 charts/opa-kube-mgmt/values.yaml        |  4 +-
 justfile                                | 18 ++++---
 test/lint/images.yaml                   | 65 +++++++++++++++++++++++++
 test/linter/test.sh                     | 65 -------------------------
 5 files changed, 105 insertions(+), 75 deletions(-)
 create mode 100644 charts/opa-kube-mgmt/values.schema.json
 create mode 100644 test/lint/images.yaml
 delete mode 100755 test/linter/test.sh

diff --git a/charts/opa-kube-mgmt/values.schema.json b/charts/opa-kube-mgmt/values.schema.json
new file mode 100644
index 00000000..3e5a2816
--- /dev/null
+++ b/charts/opa-kube-mgmt/values.schema.json
@@ -0,0 +1,28 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "https://github.com/open-policy-agent/kube-mgmt",
+  "title": "kube-mgmt helm values",
+
+  "definitions": {
+    "image": {
+      "type": "object", "title": "OPA docker image configuration", "required": ["repository", "tag"],
+      "properties": {
+        "repository": {"type": "string"},
+        "tag": {"type": "string"},
+        "pullPolicy": {"type": "string", "default": "IfNotPresent"}
+      }
+    }
+  },
+
+  "type": "object", "required": ["image", "mgmt"], "additionalProperties": true,
+  "properties": {
+    "image": {"$ref":  "#/definitions/image"},
+    "mgmt": {
+      "type": "object", "additionalProperties": true, "required": ["image", "enabled"],
+      "properties": {
+        "enabled": {"type": "boolean", "default": true},
+        "image": {"$ref": "#/definitions/image"}
+      }
+    }
+  }
+}
diff --git a/charts/opa-kube-mgmt/values.yaml b/charts/opa-kube-mgmt/values.yaml
index 53443b5f..ad95c403 100644
--- a/charts/opa-kube-mgmt/values.yaml
+++ b/charts/opa-kube-mgmt/values.yaml
@@ -109,7 +109,7 @@ authz:
 hostNetwork:
   enabled: false
 
-# Docker image and tag to deploy.
+# OPA docker image configuration.
 image:
   repository: openpolicyagent/opa
   tag: 0.53.1
@@ -134,7 +134,7 @@ mgmt:
   enabled: true
   image:
     repository: openpolicyagent/kube-mgmt
-    tag: null # appVersion is used by default, set to desired value to override
+    tag: "0.0.0" # appVersion is used by default, set to desired value to override
     pullPolicy: IfNotPresent
   extraArgs: []
   extraEnv: []
diff --git a/justfile b/justfile
index 73d33743..8cf0d5d0 100644
--- a/justfile
+++ b/justfile
@@ -26,24 +26,26 @@ _latest:
     crane tag ${SKAFFOLD_IMAGE} latest
   fi
 
+_helm-unittest:
+  helm plugin ls | grep unittest || helm plugin install https://github.com/helm-unittest/helm-unittest.git
+
 # golang linter
 lint-go:
   go vet ./...
   staticcheck ./...
 
 # helm linter
-lint-helm:
-  ./test/linter/test.sh
+lint-helm filter="*": _helm-unittest
+  helm unittest -f '../../test/lint/{{filter}}.yaml' charts/opa-kube-mgmt
 
-# run unit tests
+# run all unit tests
 lint: lint-go lint-helm
 
-# stub
-test-helm:
-  helm plugin ls | grep unittest || helm plugin install https://github.com/helm-unittest/helm-unittest.git
-  helm unittest -f '../../test/unit/*.yaml' charts/opa-kube-mgmt
+# run helm unit tests
+test-helm filter="*": _helm-unittest
+  helm unittest -f '../../test/unit/{{filter}}.yaml' charts/opa-kube-mgmt
 
-# golang unit tests
+# run golang unit tests
 test-go:
   go test ./...
 
diff --git a/test/lint/images.yaml b/test/lint/images.yaml
new file mode 100644
index 00000000..2356a736
--- /dev/null
+++ b/test/lint/images.yaml
@@ -0,0 +1,65 @@
+suite: lint image and mgmt.image
+templates:
+  - fake.yaml
+tests:
+  - it: image is null
+    set:
+      image: null
+    asserts:
+      - failedTemplate:
+          errorMessage: |
+            values don't meet the specifications of the schema(s) in the following chart(s):
+            opa-kube-mgmt:
+            - (root): image is required
+  - it: image.repository not string
+    set:
+      image:
+        repository: 5
+    asserts:
+      - failedTemplate:
+          errorMessage: |
+            values don't meet the specifications of the schema(s) in the following chart(s):
+            opa-kube-mgmt:
+            - image.repository: Invalid type. Expected: string, given: integer
+  - it: image.tag not string
+    set:
+      image:
+        tag: 5
+    asserts:
+      - failedTemplate:
+          errorMessage: |
+            values don't meet the specifications of the schema(s) in the following chart(s):
+            opa-kube-mgmt:
+            - image.tag: Invalid type. Expected: string, given: integer
+  - it: mgmt.image is null
+    set:
+      mgmt:
+        image: null
+    asserts:
+      - failedTemplate:
+          errorMessage: |
+            values don't meet the specifications of the schema(s) in the following chart(s):
+            opa-kube-mgmt:
+            - mgmt: image is required
+  - it: mgmt.image.repository not string
+    set:
+      mgmt:
+        image:
+          repository: 5
+    asserts:
+      - failedTemplate:
+          errorMessage: |
+            values don't meet the specifications of the schema(s) in the following chart(s):
+            opa-kube-mgmt:
+            - mgmt.image.repository: Invalid type. Expected: string, given: integer
+  - it: mgmt.image.tag not string
+    set:
+      mgmt:
+        image:
+          tag: 5
+    asserts:
+      - failedTemplate:
+          errorMessage: |
+            values don't meet the specifications of the schema(s) in the following chart(s):
+            opa-kube-mgmt:
+            - mgmt.image.tag: Invalid type. Expected: string, given: integer
diff --git a/test/linter/test.sh b/test/linter/test.sh
deleted file mode 100755
index 13ac4018..00000000
--- a/test/linter/test.sh
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/bash
-
-helm lint charts/opa-kube-mgmt --strict
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set mgmt.enabled=true
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set sar.enabled=true
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set certManager.enabled=true
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set prometheus.enabled=true
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set admissionController.enabled=true
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set authz.enabled=true
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set useHttps=false
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set "extraArgs={aa,bb,cc}"
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set authz.enabled=true --set authz.mgmtToken.secretName=secretName --set authz.mgmtToken.secretKey=secretKey
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set extraVolumeMounts\[0\].name=storage --set extraVolumeMounts\[0\].mountPath=/storage
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-helm lint charts/opa-kube-mgmt --strict --set mgmt.replicate.ignoreNs={qwe.asd}
-if [ $? -ne 0 ]; then
-  exit 1
-fi
-
-echo "=================================================================================="
-echo "                                LINT PASSED"
-echo "=================================================================================="