Add helm-unittest suites and CI for kafka-ui chart

.github/workflows/helm.yaml

@@ -7,6 +7,19 @@ on:
   paths:
    - "charts/**"
 jobs:
+  unit-test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Helm tool installer
+        uses: Azure/setup-helm@v3
+
+      - name: Install helm-unittest plugin
+        run: helm plugin install https://github.com/helm-unittest/helm-unittest
+
+      - name: Run helm unit tests
+        run: helm unittest charts/kafka-ui
+
   build-and-test:
     runs-on: ubuntu-latest
     steps:

charts/kafka-ui/Chart.yaml

@@ -2,6 +2,6 @@ apiVersion: v2
 name: kafka-ui
 description: A Helm chart for kafka-UI
 type: application
-version: 1.6.4
+version: 1.6.6
 appVersion: v1.5.0
 icon: https://raw.githubusercontent.com/kafbat/kafka-ui/main/documentation/images/logo_new.png

charts/kafka-ui/tests/README.md

@@ -0,0 +1,57 @@
+# Chart unit tests
+
+These suites use [`helm-unittest`](https://github.com/helm-unittest/helm-unittest)
+to render the chart's templates and assert on the resulting manifests. They run
+in milliseconds, need no Kubernetes cluster, and catch template regressions
+(missing fields, broken conditionals, failed `fail`/`required` guards) before a
+change is ever applied.
+
+## Running locally
+
+Install the plugin once:
+
+```bash
+helm plugin install https://github.com/helm-unittest/helm-unittest
+```
+
+Then run the suites from the repository root:
+
+```bash
+helm unittest charts/kafka-ui
+```
+
+## Layout
+
+One suite per template, named `<template>_test.yaml`:
+
+| Suite | Template under test | Highlights |
+|-------|---------------------|------------|
+| `ingress_test.yaml`    | `ingress.yaml`    | API version selection, TLS, ingressClassName, templated host |
+| `service_test.yaml`    | `service.yaml`    | type/port, NodePort/LoadBalancer specifics, selector labels |
+| `deployment_test.yaml` | `deployment.yaml` | replicas vs. autoscaling, image reference, probes, env wiring |
+| `notes_test.yaml`      | `NOTES.txt`       | ClusterIP port-forward fallback |
+
+## Adding tests for a new feature
+
+When you add or change a template, add or update the matching `*_test.yaml`
+suite in the same PR. A good suite covers:
+
+1. **Does not render when disabled** — the feature's `enabled: false` path.
+2. **Renders correctly when enabled** — kind, apiVersion, name, namespace.
+3. **Each configurable knob** — one assertion per value that changes output.
+4. **Guards** — every `fail`/`required` is exercised with `failedTemplate`
+   so a misconfiguration is a red test, not a red CI render.
+
+### Notes for templates that `include` siblings
+
+`deployment.yaml` builds checksum annotations by `include`-ing `configmap.yaml`,
+`configmap_fromValues.yaml` and `secret.yaml`. Those templates must be listed
+under `templates:` so the includes resolve, and each test uses a
+`documentSelector` with `skipEmptyTemplates: true` to assert against the
+Deployment document while ignoring the (often empty) configmap/secret renders.
+
+### Notes for `NOTES.txt`
+
+`NOTES.txt` is plain text, not a manifest, so use the raw assertions
+(`matchRegexRaw`, `equalRaw`) which operate on the rendered text directly
+instead of a YAML `path`.

charts/kafka-ui/tests/deployment_test.yaml

@@ -0,0 +1,172 @@
+suite: Deployment
+
+# deployment.yaml computes checksum annotations by include-ing configmap.yaml,
+# configmap_fromValues.yaml and secret.yaml, so those templates must be loaded
+# for the suite to render. Those three emit no documents under most of these
+# cases, so each test selects the Deployment document and skips empty templates.
+templates:
+  - deployment.yaml
+  - configmap.yaml
+  - configmap_fromValues.yaml
+  - secret.yaml
+
+tests:
+  - it: renders a Deployment with the fullname and release namespace
+    release:
+      name: kafka-ui
+      namespace: kafka
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - isKind:
+          of: Deployment
+      - isAPIVersion:
+          of: apps/v1
+      - equal:
+          path: metadata.name
+          value: kafka-ui
+      - equal:
+          path: metadata.namespace
+          value: kafka
+
+  - it: sets replicas from replicaCount when autoscaling is disabled
+    set:
+      replicaCount: 3
+      autoscaling:
+        enabled: false
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - equal:
+          path: spec.replicas
+          value: 3
+
+  - it: omits replicas when autoscaling is enabled
+    set:
+      autoscaling:
+        enabled: true
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - notExists:
+          path: spec.replicas
+
+  - it: builds the image reference from registry, repository and appVersion
+    chart:
+      appVersion: v1.5.0
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: ghcr.io/kafbat/kafka-ui:v1.5.0
+
+  - it: allows the image tag to be overridden
+    set:
+      image:
+        tag: v1.4.0
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: ghcr.io/kafbat/kafka-ui:v1.4.0
+
+  - it: honours a global imageRegistry override
+    set:
+      global:
+        imageRegistry: my-mirror.example.com
+      image:
+        tag: v1.5.0
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].image
+          value: my-mirror.example.com/kafbat/kafka-ui:v1.5.0
+
+  - it: exposes the http container port 8080
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].name
+          value: http
+      - equal:
+          path: spec.template.spec.containers[0].ports[0].containerPort
+          value: 8080
+
+  - it: wires the service account name
+    release:
+      name: kafka-ui
+    set:
+      serviceAccount:
+        create: true
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - equal:
+          path: spec.template.spec.serviceAccountName
+          value: kafka-ui
+
+  - it: defines liveness, readiness and startup probes
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - exists:
+          path: spec.template.spec.containers[0].livenessProbe
+      - exists:
+          path: spec.template.spec.containers[0].readinessProbe
+      - exists:
+          path: spec.template.spec.containers[0].startupProbe
+
+  - it: renders env entries supplied via env
+    set:
+      env:
+        - name: MY_VAR
+          value: my-value
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: MY_VAR
+            value: my-value
+
+  - it: sets the config additional-location env when yamlApplicationConfig is set
+    set:
+      yamlApplicationConfig:
+        kafka:
+          clusters:
+            - name: local
+    documentSelector:
+      path: kind
+      value: Deployment
+      skipEmptyTemplates: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: SPRING_CONFIG_ADDITIONAL-LOCATION
+            value: /kafka-ui/config.yml