diff --git a/charts/kspm-collector/templates/_helpers.tpl b/charts/kspm-collector/templates/_helpers.tpl index 1ab2cdbfd..f277fa2e1 100644 --- a/charts/kspm-collector/templates/_helpers.tpl +++ b/charts/kspm-collector/templates/_helpers.tpl @@ -132,12 +132,12 @@ Sysdig NATS service URL Helper to define if to enable nats_insecure */}} {{- define "kspmCollector.natsInsecure" -}} -{{- if and (hasKey .Values "sslVerifyCertificate") ( .Values.sslVerifyCertificate ) -}} +{{- if (.Values.sslVerifyCertificate | default .Values.global.sslVerifyCertificate) -}} "false" -{{- else if and (hasKey .Values.global "sslVerifyCertificate") ( .Values.global.sslVerifyCertificate ) -}} - "false" -{{- else -}} +{{- else if or (eq .Values.sslVerifyCertificate false) (eq .Values.global.sslVerifyCertificate false) -}} "true" +{{- else -}} + "false" {{- end -}} {{- end -}} diff --git a/charts/kspm-collector/tests/cert_validation_test.yaml b/charts/kspm-collector/tests/cert_validation_test.yaml new file mode 100644 index 000000000..6a3d5b63b --- /dev/null +++ b/charts/kspm-collector/tests/cert_validation_test.yaml @@ -0,0 +1,45 @@ +suite: KSPM Collector Skip certificate tests +templates: + - templates/configmap.yaml +tests: + - it: "SSL certificate validation enabled" + set: + clusterName: "test" + global: + kspm: + deploy: true + templates: + - templates/configmap.yaml + asserts: + - equal: + path: data.nats_insecure + value: "false" + + - it: "Global SSL certificate validation disabled" + set: + clusterName: "test" + nodeAnalyzer.hostScanner.deploy: true + global: + kspm: + deploy: true + sslVerifyCertificate: false + templates: + - templates/configmap.yaml + asserts: + - equal: + path: data.nats_insecure + value: "true" + + - it: "SSL certificate validation disabled" + set: + clusterName: "test" + global: + kspm: + deploy: true + sslVerifyCertificate: false + templates: + - templates/configmap.yaml + asserts: + - equal: + path: data.nats_insecure + value: "true" diff --git a/charts/kspm-collector/tests/proxy_test.yaml b/charts/kspm-collector/tests/proxy_test.yaml new file mode 100644 index 000000000..9e8b8b6a3 --- /dev/null +++ b/charts/kspm-collector/tests/proxy_test.yaml @@ -0,0 +1,68 @@ +suite: KSPM Collector Proxy tests +templates: + - templates/configmap.yaml +tests: + - it: "No proxy configured" + set: + clusterName: "test" + global: + kspm: + deploy: true + templates: + - templates/configmap.yaml + asserts: + - notExists: + path: data.http_proxy + - notExists: + path: data.https_proxy + - notExists: + path: data.no_proxy + + - it: "Global proxy settings are set" + set: + clusterName: "test" + global: + kspm: + deploy: true + proxy: + httpProxy: "http://squid.domain.local:3128" + httpsProxy: "http://squid.domain.local:3128" + noProxy: "100.64.0.0/10" + templates: + - templates/configmap.yaml + asserts: + - isKind: + of: ConfigMap + - equal: + path: data.http_proxy + value: "http://squid.domain.local:3128" + - equal: + path: data.https_proxy + value: "http://squid.domain.local:3128" + - equal: + path: data.no_proxy + value: "100.64.0.0/10" + + - it: "Proxy settings are set" + set: + clusterName: "test" + global: + kspm: + deploy: true + httpProxy: "http://squid.domain.local:3128" + httpsProxy: "http://squid.domain.local:3128" + noProxy: "100.64.0.0/10" + templates: + - templates/configmap.yaml + asserts: + - isKind: + of: ConfigMap + - equal: + path: data.http_proxy + value: "http://squid.domain.local:3128" + - equal: + path: data.https_proxy + value: "http://squid.domain.local:3128" + - equal: + path: data.no_proxy + value: "100.64.0.0/10"