Merge pull request #206 from hubwoop/main

adds tests for require_unique_uid_per_workload policy

other/require_unique_uid_per_workload/resource.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  labels:
+    app: server
+  name: already-taken-user
+spec:
+  containers:
+  - image: nginxinc/nginx-unprivileged
+    name: already-taken-user
+    securityContext:
+      runAsUser: 1337
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  labels:
+    app: server
+  name: free-user
+spec:
+  containers:
+  - image: nginxinc/nginx-unprivileged
+    name: free-user
+    securityContext:
+      runAsUser: 42

other/require_unique_uid_per_workload/test.yaml

@@ -0,0 +1,17 @@
+name: require_unique_uid_per_workload
+policies:
+  -  require_unique_uid_per_workload.yaml
+resources:
+  -  resource.yaml
+variables: variables.yaml
+results:
+  - policy: require-unique-uid-per-workload
+    rule: require-unique-uid
+    resource: already-taken-user
+    kind: Pod
+    result: fail
+  - policy: require-unique-uid-per-workload
+    rule: require-unique-uid
+    resource: free-user
+    kind: Pod
+    result: pass

other/require_unique_uid_per_workload/variables.yaml

@@ -0,0 +1,8 @@
+globalValues:
+  request.operation: CREATE
+policies:
+  - name: require-unique-uid-per-workload
+    rules:
+    - name: require-unique-uid
+      values:
+        uidsAllPodsExceptSameOwnerAsRequestObject: "[\"1337\"]"