From 0bb3ba7e828ce7565e8ea1e5671855eea9dc5574 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Guy=20S=C3=BC=C3=9F?= <joernguy.suess@csiro.au>
Date: Wed, 16 Jul 2025 11:06:00 +1000
Subject: [PATCH] fix: updated label match, added test

---
 .../templates/deployment.yaml                 | 11 ++-
 .../templates/tests/test-endpoints.yaml       | 92 ++++++-------------
 2 files changed, 40 insertions(+), 63 deletions(-)

diff --git a/charts/fhirflare-ig-toolkit/templates/deployment.yaml b/charts/fhirflare-ig-toolkit/templates/deployment.yaml
index 9543256..3f1eadf 100644
--- a/charts/fhirflare-ig-toolkit/templates/deployment.yaml
+++ b/charts/fhirflare-ig-toolkit/templates/deployment.yaml
@@ -10,6 +10,9 @@ spec:
   strategy:
     type: Recreate
   template:
+    metadata:
+      labels:
+        io.kompose.service: fhirflare
     spec:
       containers:
         - args:
@@ -34,4 +37,10 @@ spec:
           ports:
             - containerPort: 5000
               protocol: TCP
-      restartPolicy: Always
\ No newline at end of file
+          volumeMounts:
+            - name: logs
+              mountPath: /app/logs
+      restartPolicy: Always
+      volumes:
+        - name: logs
+          emptyDir: {}
\ No newline at end of file
diff --git a/charts/fhirflare-ig-toolkit/templates/tests/test-endpoints.yaml b/charts/fhirflare-ig-toolkit/templates/tests/test-endpoints.yaml
index 94a43cb..8c2478b 100644
--- a/charts/fhirflare-ig-toolkit/templates/tests/test-endpoints.yaml
+++ b/charts/fhirflare-ig-toolkit/templates/tests/test-endpoints.yaml
@@ -1,73 +1,41 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: "{{ include "hapi-fhir-jpaserver.fullname" . }}-test-endpoints"
+  name: "{{ .Release.Name }}-fhirflare-test-endpoint"
   labels:
-    {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }}
-    {{ include "hapi-fhir-jpaserver.fullname" . }}-client: "true"
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+    app.kubernetes.io/name: {{ .Chart.Name }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
     app.kubernetes.io/component: tests
   annotations:
     "helm.sh/hook": test
 spec:
   restartPolicy: Never
-  automountServiceAccountToken: {{ .Values.tests.automountServiceAccountToken }}
-  securityContext:
-    {{- toYaml .Values.tests.podSecurityContext | nindent 4 }}
   containers:
-    - name: test-metadata-endpoint
-      image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
-      command: ["curl", "--fail-with-body"]
-      args: ["http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.service.port }}/fhir/metadata?_summary=true"]
-      {{- with .Values.restrictedContainerSecurityContext }}
+    - name: test-fhirflare-endpoint
+      image: curlimages/curl:8.12.1
+      command: ["curl", "--fail-with-body", "--retry", "5", "--retry-delay", "10"]
+      args: ["http://fhirflare:5000"]
       securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.tests.resources }}
-      resources: {{- toYaml .Values.tests.resources | nindent 10 }}
-      {{- else if ne .Values.tests.resourcesPreset "none" }}
-      resources: {{- include "common.resources.preset" (dict "type" .Values.tests.resourcesPreset) | nindent 10 }}
-      {{- end }}
-      livenessProbe:
-        exec:
-          command: ["true"]
-      readinessProbe:
-        exec:
-          command: ["true"]
-    - name: test-patient-endpoint
-      image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
-      command: ["curl", "--fail-with-body"]
-      args: ["http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.service.port }}/fhir/Patient?_count=1&_summary=true"]
-      {{- with .Values.restrictedContainerSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.tests.resources }}
-      resources: {{- toYaml .Values.tests.resources | nindent 10 }}
-      {{- else if ne .Values.tests.resourcesPreset "none" }}
-      resources: {{- include "common.resources.preset" (dict "type" .Values.tests.resourcesPreset) | nindent 10 }}
-      {{- end }}
-      livenessProbe:
-        exec:
-          command: ["true"]
-      readinessProbe:
-        exec:
-          command: ["true"]
-    - name: test-metrics-endpoint
-      image: "{{ .Values.curl.image.registry }}/{{ .Values.curl.image.repository }}:{{ .Values.curl.image.tag }}"
-      command: ["curl", "--fail-with-body"]
-      args: ["http://{{ include "hapi-fhir-jpaserver.fullname" . }}:{{ .Values.metrics.service.port }}/actuator/prometheus"]
-      {{- with .Values.restrictedContainerSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-      {{- if .Values.tests.resources }}
-      resources: {{- toYaml .Values.tests.resources | nindent 10 }}
-      {{- else if ne .Values.tests.resourcesPreset "none" }}
-      resources: {{- include "common.resources.preset" (dict "type" .Values.tests.resourcesPreset) | nindent 10 }}
-      {{- end }}
-      livenessProbe:
-        exec:
-          command: ["true"]
-      readinessProbe:
-        exec:
-          command: ["true"]
+        allowPrivilegeEscalation: false
+        capabilities:
+          drop:
+          - ALL
+        privileged: false
+        readOnlyRootFilesystem: true
+        runAsGroup: 65534
+        runAsNonRoot: true
+        runAsUser: 65534
+        seccompProfile:
+          type: RuntimeDefault
+      resources:
+        limits:
+          cpu: 150m
+          ephemeral-storage: 2Gi
+          memory: 192Mi
+        requests:
+          cpu: 100m
+          ephemeral-storage: 50Mi
+          memory: 128Mi
\ No newline at end of file