Skip to content

Commit

Permalink
chore: migrate more kuttl tests to chainsaw
Browse files Browse the repository at this point in the history
Signed-off-by: Charles-Edouard Brétéché <[email protected]>
  • Loading branch information
eddycharly committed Dec 4, 2023
1 parent 173186e commit e3c2f30
Show file tree
Hide file tree
Showing 230 changed files with 1,128 additions and 678 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -51,8 +51,8 @@ jobs:
- other/rec-req
- other/res
- other/s-z
- pod-security
- pod-security-cel
# - pod-security
# - pod-security-cel
- psa
- psp-migration
# - tekton
Expand Down Expand Up @@ -126,8 +126,8 @@ jobs:
# - other/rec-req
# - other/res
# - other/s-z
# - pod-security
# - pod-security-cel
- pod-security
- pod-security-cel
# - psa
# - psp-migration
# - tekton
Expand Down
File renamed without changes.
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: disallow-capabilities
spec:
steps:
- name: step-01
try:
- script:
content: |
sed 's/validationFailureAction: Audit/validationFailureAction: Enforce/' ../disallow-capabilities.yaml | kubectl create -f -
- assert:
file: chainsaw-step-01-assert-1.yaml
- name: step-02
try:
- apply:
file: ../../../../pod-security/baseline/disallow-capabilities/.chainsaw-test/pod-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-capabilities/.chainsaw-test/pod-bad.yaml
- apply:
file: ../../../../pod-security/baseline/disallow-capabilities/.chainsaw-test/podcontroller-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-capabilities/.chainsaw-test/podcontroller-bad.yaml
- name: step-99
try:
- delete:
ref:
apiVersion: kyverno.io/v1
kind: ClusterPolicy
name: disallow-capabilities

This file was deleted.

11 changes: 0 additions & 11 deletions pod-security-cel/baseline/disallow-capabilities/02-manifests.yaml

This file was deleted.

This file was deleted.

File renamed without changes.
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: disallow-host-namespaces
spec:
steps:
- name: step-01
try:
- script:
content: |
sed 's/validationFailureAction: Audit/validationFailureAction: Enforce/' ../disallow-host-namespaces.yaml | kubectl create -f -
- assert:
file: chainsaw-step-01-assert-1.yaml
- name: step-02
try:
- apply:
file: ../../../../pod-security/baseline/disallow-host-namespaces/.chainsaw-test/pod-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-namespaces/.chainsaw-test/pod-bad.yaml
- apply:
file: ../../../../pod-security/baseline/disallow-host-namespaces/.chainsaw-test/podcontroller-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-namespaces/.chainsaw-test/podcontroller-bad.yaml
- name: step-99
try:
- delete:
ref:
apiVersion: kyverno.io/v1
kind: ClusterPolicy
name: disallow-host-namespaces

This file was deleted.

This file was deleted.

This file was deleted.

File renamed without changes.
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: disallow-host-path
spec:
steps:
- name: step-01
try:
- script:
content: |
sed 's/validationFailureAction: Audit/validationFailureAction: Enforce/' ../disallow-host-path.yaml | kubectl create -f -
- assert:
file: chainsaw-step-01-assert-1.yaml
- name: step-02
try:
- apply:
file: ../../../../pod-security/baseline/disallow-host-path/.chainsaw-test/pod-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-path/.chainsaw-test/pod-bad.yaml
- apply:
file: ../../../../pod-security/baseline/disallow-host-path/.chainsaw-test/podcontroller-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-path/.chainsaw-test/podcontroller-bad.yaml
- name: step-99
try:
- delete:
ref:
apiVersion: kyverno.io/v1
kind: ClusterPolicy
name: disallow-host-path
5 changes: 0 additions & 5 deletions pod-security-cel/baseline/disallow-host-path/01-enforce.yaml

This file was deleted.

11 changes: 0 additions & 11 deletions pod-security-cel/baseline/disallow-host-path/02-manifests.yaml

This file was deleted.

6 changes: 0 additions & 6 deletions pod-security-cel/baseline/disallow-host-path/99-delete.yaml

This file was deleted.

File renamed without changes.
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: disallow-host-ports-range
spec:
steps:
- name: step-01
try:
- script:
content: |
sed 's/validationFailureAction: Audit/validationFailureAction: Enforce/' ../disallow-host-ports-range.yaml | kubectl create -f -
- assert:
file: chainsaw-step-01-assert-1.yaml
- name: step-02
try:
- apply:
file: ../../../../pod-security/baseline/disallow-host-ports-range/.chainsaw-test/pod-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-ports-range/.chainsaw-test/pod-bad.yaml
- apply:
file: ../../../../pod-security/baseline/disallow-host-ports-range/.chainsaw-test/podcontroller-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-ports-range/.chainsaw-test/podcontroller-bad.yaml
- name: step-99
try:
- delete:
ref:
apiVersion: kyverno.io/v1
kind: ClusterPolicy
name: disallow-host-ports-range

This file was deleted.

This file was deleted.

This file was deleted.

File renamed without changes.
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: disallow-host-ports
spec:
steps:
- name: step-01
try:
- script:
content: |
sed 's/validationFailureAction: Audit/validationFailureAction: Enforce/' ../disallow-host-ports.yaml | kubectl create -f -
- assert:
file: chainsaw-step-01-assert-1.yaml
- name: step-02
try:
- apply:
file: ../../../../pod-security/baseline/disallow-host-ports/.chainsaw-test/pod-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-ports/.chainsaw-test/pod-bad.yaml
- apply:
file: ../../../../pod-security/baseline/disallow-host-ports/.chainsaw-test/podcontroller-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-ports/.chainsaw-test/podcontroller-bad.yaml
- name: step-99
try:
- delete:
ref:
apiVersion: kyverno.io/v1
kind: ClusterPolicy
name: disallow-host-ports
5 changes: 0 additions & 5 deletions pod-security-cel/baseline/disallow-host-ports/01-enforce.yaml

This file was deleted.

11 changes: 0 additions & 11 deletions pod-security-cel/baseline/disallow-host-ports/02-manifests.yaml

This file was deleted.

6 changes: 0 additions & 6 deletions pod-security-cel/baseline/disallow-host-ports/99-delete.yaml

This file was deleted.

File renamed without changes.
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: disallow-host-process
spec:
steps:
- name: step-01
try:
- script:
content: |
sed 's/validationFailureAction: Audit/validationFailureAction: Enforce/' ../disallow-host-process.yaml | kubectl create -f -
- assert:
file: chainsaw-step-01-assert-1.yaml
- name: step-02
try:
- apply:
file: ../../../../pod-security/baseline/disallow-host-process/.chainsaw-test/pod-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-process/.chainsaw-test/pod-bad.yaml
- apply:
file: ../../../../pod-security/baseline/disallow-host-process/.chainsaw-test/podcontroller-good.yaml
- apply:
expect:
- check:
($error != null): true
file: ../../../../pod-security/baseline/disallow-host-process/.chainsaw-test/podcontroller-bad.yaml
- name: step-99
try:
- delete:
ref:
apiVersion: kyverno.io/v1
kind: ClusterPolicy
name: disallow-host-process

This file was deleted.

11 changes: 0 additions & 11 deletions pod-security-cel/baseline/disallow-host-process/02-manifests.yaml

This file was deleted.

Loading

0 comments on commit e3c2f30

Please sign in to comment.