suite: test certcontroller serviceaccount and secret templates: - cert-controller-serviceaccount.yaml tests: - it: should create certController ServiceAccount when certController.create, serviceAccount.create are true and webhook.certManager.enabled is false set: certController.create: true certController.serviceAccount.create: true webhook.certManager.enabled: false asserts: - containsDocument: apiVersion: v1 kind: ServiceAccount # certController.create is false - it: should not create certController ServiceAccount when certController.create is false set: certController.create: false certController.serviceAccount.create: true webhook.certManager.enabled: false asserts: - hasDocuments: count: 0 # serviceAccount.create is false - it: should not create certController ServiceAccount when serviceAccount.create is false set: certController.create: true certController.serviceAccount.create: false webhook.certManager.enabled: false asserts: - hasDocuments: count: 0 # the `not` flag - this is the inverted one - it: should not create certController ServiceAccount when webhook.certManager.enabled is true set: certController.create: true certController.serviceAccount.create: true webhook.certManager.enabled: true asserts: - hasDocuments: count: 0 - it: should create Secret when all conditions are met set: certController.metrics.listen.auth.enabled: true certController.create: true certController.serviceAccount.create: true webhook.certManager.enabled: false asserts: - hasDocuments: count: 2 - it: should not create Secret when certController.metrics.listen.auth.enabled is false set: certController.metrics.listen.auth.enabled: false certController.create: true certController.serviceAccount.create: true webhook.certManager.enabled: false asserts: - hasDocuments: count: 1 - it: should not create Secret and ServiceAccount when certController.create is false set: certController.metrics.listen.auth.enabled: true certController.create: false certController.serviceAccount.create: true webhook.certManager.enabled: false asserts: - hasDocuments: count: 0 - it: should not create Secret and ServiceAccount when certController.serviceAccount.create is false set: certController.metrics.listen.auth.enabled: true certController.create: true certController.serviceAccount.create: false webhook.certManager.enabled: false asserts: - hasDocuments: count: 0 - it: should not create Secret and ServiceAccount when webhook.certManager.enabled is true set: certController.metrics.listen.auth.enabled: true certController.create: true certController.serviceAccount.create: true webhook.certManager.enabled: true asserts: - hasDocuments: count: 0