This tests suite use the bats-core framework.
Some test extension libraries are included in this project as git submodule.
Run
git submodule update --init --force
to checkout the submodules.
Inside helm-secrets we have 2 groups of tests:
-
unit tests
Can be run without an reachable kubernetes cluster Located under ./unit/
-
integration tests
Depends against a reachable kubernetes cluster Located under ./it/
To execute the tests have to install some utilities first.
Then follow the installation instruction for bats here: https://github.com/bats-core/bats-core#installation
More information's here: https://github.com/bats-core/bats-core
Can be downloaded here: https://github.com/mozilla/sops/releases
Alternately available via homebrew:
brew install sops
More information's here: https://github.com/mozilla/sops
sops only non public cloud encryption method based on gpg.
Alternately available via homebrew:
brew info gnupg
On Linux use your package manager to install gpg if it's not already installed.
The vault cli is only required to run the tests with the HELM_SECRETS_DRIVER=vault
environment variable.
You could download vault here: https://www.vaultproject.io/downloads
Alternately available via homebrew:
brew info vault
If possible start the tests from the root of the repository. Then execute:
# Unit Tests
bats -r tests/unit
# IT Tests
bats -r tests/it
If bats is not installed locally, you could run bats directory from this repo:
# Unit Tests
./tests/bats/core/bin/bats -r tests/unit
# IT Tests
./tests/bats/core/bin/bats -r tests/it
This method is described as "Run bats from source" inside the bats-core documentation.
More information about running single tests or filtering tests can be found here: https://github.com/bats-core/bats-core#usage
By default, the sops driver is selected for tests. If you want to test an other secrets driver like
vault you could do it by env variable HELM_SECRETS_DRIVER=vault
.
# Unit Tests
HELM_SECRETS_DRIVER=vault bats -r tests/unit
# IT Tests
HELM_SECRETS_DRIVER=vault bats -r tests/it
The vault tests require a reachable vault server. Start one on you local machine by run:
vault server -dev -dev-root-token-id=test
The tests will seed the vault server as needed.