diff --git a/charts/testkube-api/templates/role.yaml b/charts/testkube-api/templates/role.yaml index a1ff0619e..e60b36f7d 100644 --- a/charts/testkube-api/templates/role.yaml +++ b/charts/testkube-api/templates/role.yaml @@ -268,6 +268,40 @@ rules: --- +apiVersion: {{ include "global.capabilities.rbac.apiVersion" . }} +kind: Role +metadata: + name: webhooktemplate-role-{{ .Release.Name }} + labels: {{- include "testkube-api.labels" . | nindent 4 }} + {{- if .Values.global.labels }} + {{- include "global.tplvalues.render" ( dict "value" .Values.global.labels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.global.annotations}} + annotations: {{- include "global.tplvalues.render" ( dict "value" .Values.global.annotations "context" $ ) | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - executor.testkube.io + resources: + - webhooktemplates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - deletecollection + - apiGroups: + - executor.testkube.io + resources: + - webhooktemplates/status + verbs: + - get + +--- + apiVersion: {{ include "global.capabilities.rbac.apiVersion" . }} kind: Role metadata: diff --git a/charts/testkube-api/templates/rolebinding.yaml b/charts/testkube-api/templates/rolebinding.yaml index aad2567c7..714a50fe6 100644 --- a/charts/testkube-api/templates/rolebinding.yaml +++ b/charts/testkube-api/templates/rolebinding.yaml @@ -175,6 +175,28 @@ subjects: --- +apiVersion: {{ include "global.capabilities.rbac.apiVersion" . }} +kind: RoleBinding +metadata: + name: webhooktemplates-crb-{{ .Release.Name }} + labels: {{- include "testkube-api.labels" . | nindent 4 }} + {{- if .Values.global.labels }} + {{- include "global.tplvalues.render" ( dict "value" .Values.global.labels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.global.annotations}} + annotations: {{- include "global.tplvalues.render" ( dict "value" .Values.global.annotations "context" $ ) | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: webhooktemplate-role-{{ .Release.Name }} +subjects: + - kind: ServiceAccount + name: {{ include "testkube-api.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + +--- + apiVersion: {{ include "global.capabilities.rbac.apiVersion" . }} kind: RoleBinding metadata: diff --git a/charts/testkube-operator/templates/executor.testkube.io_webhooks.yaml b/charts/testkube-operator/templates/executor.testkube.io_webhooks.yaml index 907642206..6154990ef 100644 --- a/charts/testkube-operator/templates/executor.testkube.io_webhooks.yaml +++ b/charts/testkube-operator/templates/executor.testkube.io_webhooks.yaml @@ -35,6 +35,36 @@ spec: spec: description: WebhookSpec defines the desired state of Webhook properties: + config: + additionalProperties: + description: webhook configuration value + properties: + secret: + description: private value stored in secret to use in webhook + template + properties: + key: + description: object key + type: string + name: + description: object name + type: string + namespace: + description: object kubernetes namespace + type: string + required: + - key + - name + type: object + value: + description: public value to use in webhook template + type: string + type: object + description: webhook configuration + type: object + disabled: + description: Disabled will disable the webhook + type: boolean events: description: Events declare list if events on which webhook should be called @@ -81,6 +111,34 @@ spec: OnStateChange will trigger the webhook only when the result of the current execution differs from the previous result of the same test/test suite/workflow Deprecated: field is not used type: boolean + parameters: + description: webhook parameters + items: + description: webhook parameter schema + properties: + default: + description: default parameter value + type: string + description: + description: description for the parameter + type: string + example: + description: example value for the parameter + type: string + name: + description: unique parameter name + type: string + pattern: + description: regular expression to match + type: string + required: + description: whether parameter is required + type: boolean + type: object + required: + - name + description: webhook parameters + type: array payloadObjectField: description: will load the generated payload for notification inside the object @@ -98,9 +156,15 @@ spec: description: Uri is address where webhook should be made (golang template supported) type: string - disabled: - description: disable the webhook - type: boolean + webhookTemplateRef: + description: webhook template reference + properties: + name: + description: webhook template name to include + type: string + required: + - name + type: object type: object status: description: WebhookStatus defines the observed state of Webhook diff --git a/charts/testkube-operator/templates/executor.testkube.io_webhooktemplates.yaml b/charts/testkube-operator/templates/executor.testkube.io_webhooktemplates.yaml new file mode 100644 index 000000000..1c94b7032 --- /dev/null +++ b/charts/testkube-operator/templates/executor.testkube.io_webhooktemplates.yaml @@ -0,0 +1,176 @@ +{{- if .Values.installCRD }} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: webhooktemplates.executor.testkube.io +spec: + group: executor.testkube.io + names: + kind: WebhookTemplate + listKind: WebhookTemplateList + plural: webhooktemplates + singular: webhooktemplate + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: WebhookTemplate is the Schema for the webhook templates API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: WebhookTemplateSpec defines the desired state of Webhook + Template + properties: + config: + additionalProperties: + description: webhook configuration value + properties: + secret: + description: private value stored in secret to use in webhook + template + properties: + key: + description: object key + type: string + name: + description: object name + type: string + namespace: + description: object kubernetes namespace + type: string + required: + - key + - name + type: object + value: + description: public value to use in webhook template + type: string + type: object + description: webhook configuration + type: object + disabled: + description: Disabled will disable the webhook + type: boolean + events: + description: Events declare list if events on which webhook should + be called + items: + enum: + - start-test + - end-test-success + - end-test-failed + - end-test-aborted + - end-test-timeout + - become-test-up + - become-test-down + - become-test-failed + - become-test-aborted + - become-test-timeout + - start-testsuite + - end-testsuite-success + - end-testsuite-failed + - end-testsuite-aborted + - end-testsuite-timeout + - become-testsuite-up + - become-testsuite-down + - become-testsuite-failed + - become-testsuite-aborted + - become-testsuite-timeout + - start-testworkflow + - queue-testworkflow + - end-testworkflow-success + - end-testworkflow-failed + - end-testworkflow-aborted + - become-testworkflow-up + - become-testworkflow-down + - become-testworkflow-failed + - become-testworkflow-aborted + type: string + type: array + headers: + additionalProperties: + type: string + description: webhook headers (golang template supported) + type: object + parameters: + description: webhook parameters + items: + description: webhook parameter schema + properties: + default: + description: default parameter value + type: string + description: + description: description for the parameter + type: string + example: + description: example value for the parameter + type: string + name: + description: unique parameter name + type: string + pattern: + description: regular expression to match + type: string + required: + description: whether parameter is required + type: boolean + type: object + required: + - name + description: webhook parameters + type: array + payloadObjectField: + description: will load the generated payload for notification inside + the object + type: string + payloadTemplate: + description: golang based template for notification payload + type: string + payloadTemplateReference: + description: name of the template resource + type: string + selector: + description: Labels to filter for tests and test suites + type: string + uri: + description: Uri is address where webhook should be made (golang template + supported) + type: string + type: object + status: + description: WebhookTemplateStatus defines the observed state of Webhook + Template + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +{{- end }} diff --git a/charts/testkube-operator/templates/role.yaml b/charts/testkube-operator/templates/role.yaml index a02049667..f1a822a65 100644 --- a/charts/testkube-operator/templates/role.yaml +++ b/charts/testkube-operator/templates/role.yaml @@ -144,6 +144,32 @@ rules: - get - patch - update +- apiGroups: + - executor.testkube.io + resources: + - webhooktemplates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - executor.testkube.io + resources: + - webhooktemplates/finalizers + verbs: + - update +- apiGroups: + - executor.testkube.io + resources: + - webhooktemplates/status + verbs: + - get + - patch + - update - apiGroups: - tests.testkube.io resources: