Fixed a bug on KSPM Collector where nats_insecure was set to wrong va…

…lues, added tests for proxy and skip of certificate

Signed-off-by: Daniele De Lorenzi <[email protected]>

charts/kspm-collector/templates/_helpers.tpl

@@ -132,12 +132,12 @@ Sysdig NATS service URL
  Helper to define if to enable nats_insecure
 */}}
 {{- define "kspmCollector.natsInsecure" -}}
-{{- if and (hasKey .Values "sslVerifyCertificate") ( .Values.sslVerifyCertificate ) -}}
+{{- if (.Values.sslVerifyCertificate | default .Values.global.sslVerifyCertificate) -}}
     "false"
-{{- else if and (hasKey .Values.global "sslVerifyCertificate") ( .Values.global.sslVerifyCertificate ) -}}
-    "false"
-{{- else -}}
+{{- else if or (eq .Values.sslVerifyCertificate false) (eq .Values.global.sslVerifyCertificate false) -}}
     "true"
+{{- else -}}
+    "false"
 {{- end -}}
 {{- end -}}
 

charts/kspm-collector/tests/cert_validation_test.yaml

@@ -0,0 +1,45 @@
+suite: KSPM Collector Skip certificate tests
+templates:
+  - templates/configmap.yaml
+tests:
+  - it: "SSL certificate validation enabled"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - equal:
+          path: data.nats_insecure
+          value: "false"
+
+  - it: "Global SSL certificate validation disabled"
+    set:
+      clusterName: "test"
+      nodeAnalyzer.hostScanner.deploy: true
+      global:
+        kspm:
+          deploy: true
+        sslVerifyCertificate: false
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - equal:
+          path: data.nats_insecure
+          value: "true"
+
+  - it: "SSL certificate validation disabled"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+      sslVerifyCertificate: false
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - equal:
+          path: data.nats_insecure
+          value: "true"

charts/kspm-collector/tests/proxy_test.yaml

@@ -0,0 +1,68 @@
+suite: KSPM Collector Proxy tests
+templates:
+  - templates/configmap.yaml
+tests:
+  - it: "No proxy configured"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - notExists:
+          path: data.http_proxy
+      - notExists:
+          path: data.https_proxy
+      - notExists:
+          path: data.no_proxy
+
+  - it: "Global proxy settings are set"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+        proxy:
+          httpProxy: "http://squid.domain.local:3128"
+          httpsProxy: "http://squid.domain.local:3128"
+          noProxy: "100.64.0.0/10"
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - isKind:
+          of: ConfigMap
+      - equal:
+          path: data.http_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.https_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.no_proxy
+          value: "100.64.0.0/10"
+
+  - it: "Proxy settings are set"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+      httpProxy: "http://squid.domain.local:3128"
+      httpsProxy: "http://squid.domain.local:3128"
+      noProxy: "100.64.0.0/10"
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - isKind:
+          of: ConfigMap
+      - equal:
+          path: data.http_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.https_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.no_proxy
+          value: "100.64.0.0/10"