From d187da176d95c6b756559990816588ad8d677f36 Mon Sep 17 00:00:00 2001
From: Marco Ebert <marco_ebert@icloud.com>
Date: Tue, 24 Sep 2024 14:02:41 +0200
Subject: [PATCH] Chart: Add missing constraints and tests. (#863)

---
 helm/cluster-aws/README.md                  |  2 +-
 helm/cluster-aws/ci/test-auditd-values.yaml | 21 +++++++++++++++++++++
 helm/cluster-aws/values.schema.json         |  5 ++++-
 helm/cluster-aws/values.yaml                |  1 +
 4 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 helm/cluster-aws/ci/test-auditd-values.yaml

diff --git a/helm/cluster-aws/README.md b/helm/cluster-aws/README.md
index 46844e89..da3548c8 100644
--- a/helm/cluster-aws/README.md
+++ b/helm/cluster-aws/README.md
@@ -287,7 +287,7 @@ Properties within the `.global.connectivity` object
 | `global.connectivity.network.pods` | **Pods**|**Type:** `object`<br/>|
 | `global.connectivity.network.pods.cidrBlocks` | **Pod subnets** - CIDR blocks used for pods. Right now, only one block is supported.<br/><br/>**Note if you use `global.connectivity.cilium.ipamMode=eni` (https://docs.cilium.io/en/latest/network/concepts/ipam/eni/#ipam-eni):** this will be associated as secondary VPC CIDR. Therefore, only sizes /16 to /28 sizes are possible (see https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html). And `global.connectivity.eniModePodSubnets` must be a valid split of the CIDR you chose here – we recommend setting `10.1.0.0/16` here for ENI mode because the default values for `global.connectivity.eniModePodSubnets` match that CIDR.|**Type:** `array`<br/>**Default:** `["100.64.0.0/12"]`|
 | `global.connectivity.network.pods.cidrBlocks[*]` | **Pod subnet** - IPv4 address range for pods, in CIDR notation.|**Type:** `string`<br/>**Example:** `"10.244.0.0/16"`<br/>|
-| `global.connectivity.network.pods.nodeCidrMaskSize` | **Node CIDR mask size** - The size of the mask that is used for the node CIDR. The node CIDR is a sub-range of the pod CIDR and so the mask size and pod CIDR must be chosen such that there is enough space for the maximum number of nodes in the cluster.|**Type:** `integer`<br/>|
+| `global.connectivity.network.pods.nodeCidrMaskSize` | **Node CIDR mask size** - The size of the mask that is used for the node CIDR. The node CIDR is a sub-range of the pod CIDR and so the mask size and pod CIDR must be chosen such that there is enough space for the maximum number of nodes in the cluster.|**Type:** `integer`<br/>**Default:** `24`|
 | `global.connectivity.network.services` | **Services**|**Type:** `object`<br/>|
 | `global.connectivity.network.services.cidrBlocks` | **K8s Service subnets**|**Type:** `array`<br/>**Default:** `["172.31.0.0/16"]`|
 | `global.connectivity.network.services.cidrBlocks[*]` | **Service subnet** - IPv4 address range for kubernetes services, in CIDR notation.|**Type:** `string`<br/>**Example:** `"172.31.0.0/16"`<br/>|
diff --git a/helm/cluster-aws/ci/test-auditd-values.yaml b/helm/cluster-aws/ci/test-auditd-values.yaml
new file mode 100644
index 00000000..663ace62
--- /dev/null
+++ b/helm/cluster-aws/ci/test-auditd-values.yaml
@@ -0,0 +1,21 @@
+global:
+  release:
+    version: v27.0.0-alpha.1
+  metadata:
+    name: test-wc-minimal
+    organization: test
+    servicePriority: lowest
+  components:
+    auditd:
+      enabled: true
+  connectivity:
+    baseDomain: example.com
+  providerSpecific:
+    region: "eu-west-1"
+  managementCluster: test
+
+cluster:
+  internal:
+    ephemeralConfiguration:
+      offlineTesting:
+        renderWithoutReleaseResource: true
diff --git a/helm/cluster-aws/values.schema.json b/helm/cluster-aws/values.schema.json
index 2390b69e..950ad4f0 100644
--- a/helm/cluster-aws/values.schema.json
+++ b/helm/cluster-aws/values.schema.json
@@ -1202,7 +1202,10 @@
                                         "nodeCidrMaskSize": {
                                             "type": "integer",
                                             "title": "Node CIDR mask size",
-                                            "description": "The size of the mask that is used for the node CIDR. The node CIDR is a sub-range of the pod CIDR and so the mask size and pod CIDR must be chosen such that there is enough space for the maximum number of nodes in the cluster."
+                                            "description": "The size of the mask that is used for the node CIDR. The node CIDR is a sub-range of the pod CIDR and so the mask size and pod CIDR must be chosen such that there is enough space for the maximum number of nodes in the cluster.",
+                                            "default": 24,
+                                            "maximum": 27,
+                                            "minimum": 16
                                         }
                                     }
                                 },
diff --git a/helm/cluster-aws/values.yaml b/helm/cluster-aws/values.yaml
index 5bf1ead6..0431f896 100644
--- a/helm/cluster-aws/values.yaml
+++ b/helm/cluster-aws/values.yaml
@@ -336,6 +336,7 @@ global:
       pods:
         cidrBlocks:
           - 100.64.0.0/12
+        nodeCidrMaskSize: 24
       services:
         cidrBlocks:
           - 172.31.0.0/16