From de9beccd229f5ad651bfdad7cb332ccf86568bdb Mon Sep 17 00:00:00 2001
From: Iain Sproat <68657+iainsproat@users.noreply.github.com>
Date: Wed, 2 Nov 2022 17:16:53 +0000
Subject: [PATCH] Helm test is deployed as a job (#1174)

- this allows it to be identified in alerting more easily
---
 .../templates/tests/deployment.yml            | 78 ++++++++++---------
 1 file changed, 41 insertions(+), 37 deletions(-)

diff --git a/utils/helm/speckle-server/templates/tests/deployment.yml b/utils/helm/speckle-server/templates/tests/deployment.yml
index e29205717..25b977c26 100644
--- a/utils/helm/speckle-server/templates/tests/deployment.yml
+++ b/utils/helm/speckle-server/templates/tests/deployment.yml
@@ -1,49 +1,53 @@
 {{- if .Values.helm_test_enabled }}
-apiVersion: v1
-kind: Pod
+
+apiVersion: batch/v1
+kind: Job
 metadata:
-  name: "speckle-test-deployment"
+  name: "speckle-test"
   namespace: {{ .Values.namespace }}
   annotations:
-    "helm.sh/hook": test
+    helm.sh/hook: test
   labels:
 {{ include "test.labels" . | indent 4 }}
 spec:
-  containers:
-    - name: test-deployment
-      image: speckle/speckle-test-deployment:{{ .Values.docker_image_tag }}
-      env:
-        - name: SPECKLE_SERVER
-          value: https://{{ .Values.domain }}
-        - name: SERVER_VERSION
-          value: {{ .Values.docker_image_tag }}
-      resources:
-        requests:
-          cpu: {{ .Values.test.requests.cpu }}
-          memory: {{ .Values.test.requests.memory }}
-        limits:
-          cpu: {{ .Values.test.limits.cpu }}
-          memory: {{ .Values.test.limits.memory }}
+  backoffLimit: 1
+  parallelism: 1
+  completions: 1
+  template:
+    spec:
+      containers:
+        - name: test-deployment
+          image: speckle/speckle-test-deployment:{{ .Values.docker_image_tag }}
+          env:
+            - name: SPECKLE_SERVER
+              value: https://{{ .Values.domain }}
+            - name: SERVER_VERSION
+              value: {{ .Values.docker_image_tag }}
+          resources:
+            requests:
+              cpu: {{ .Values.test.requests.cpu }}
+              memory: {{ .Values.test.requests.memory }}
+            limits:
+              cpu: {{ .Values.test.limits.cpu }}
+              memory: {{ .Values.test.limits.memory }}
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsNonRoot: true
+            runAsUser: 20000
+      restartPolicy: Never
       securityContext:
-        allowPrivilegeEscalation: false
-        capabilities:
-          drop:
-            - ALL
-        privileged: false
-        readOnlyRootFilesystem: true
         runAsNonRoot: true
         runAsUser: 20000
+        runAsGroup: 30000
+        seccompProfile:
+          type: RuntimeDefault
 
-  restartPolicy: Never
-
-  securityContext:
-    runAsNonRoot: true
-    runAsUser: 20000
-    runAsGroup: 30000
-    seccompProfile:
-      type: RuntimeDefault
-
-  {{- if .Values.test.serviceAccount.create }}
-  serviceAccountName: {{ include "test.name" $ }}
-  {{- end }}
+      {{- if .Values.test.serviceAccount.create }}
+      serviceAccountName: {{ include "test.name" $ }}
+      {{- end }}
 {{- end }}