kyverno/pkg/testrunner/testrunner_test.go

package testrunner

import "testing"

func Test_Mutate_EndPoint(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_mutate_endPpoint.yaml")
}

func Test_Mutate_imagePullPolicy(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_mutate_imagePullPolicy.yaml")
}

func Test_Mutate_Validate_qos(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_mutate_validate_qos.yaml")
}

func Test_validate_containerSecurityContext(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_validate_containerSecurityContext.yaml")
}

func Test_validate_deny_runasrootuser(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_deny_runasrootuser.yaml")
}

func Test_validate_disallow_priviledgedprivelegesecalation(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_container_disallow_priviledgedprivelegesecalation.yaml")
}

func Test_validate_healthChecks(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_validate_healthChecks.yaml")
}

func Test_validate_imageRegistries(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_validate_imageRegistries.yaml")
}

func Test_validate_nonRootUsers(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_validate_nonRootUser.yaml")
}

func Test_generate_networkPolicy(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_generate_networkPolicy.yaml")
}

// namespace is blank, not "default" as testrunner evaulates the policyengine, but the "default" is added by kubeapiserver
func Test_validate_image_latest_ifnotpresent_deny(t *testing.T) {
	testScenario(t, "/test/scenarios/test/scenario_validate_image_latest_ifnotpresent_deny.yaml")

}

func Test_validate_image_latest_ifnotpresent_pass(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_latest_ifnotpresent_pass.yaml")
}

func Test_validate_image_tag_notspecified_deny(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_tag_notspecified_deny.yaml")
}

func Test_validate_image_tag_notspecified_pass(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_tag_notspecified_pass.yaml")
}

func Test_validate_image_pullpolicy_notalways_deny(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_pullpolicy_notalways_deny.yaml")
}

func Test_validate_image_pullpolicy_notalways_pass(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_pullpolicy_notalways_pass.yaml")
}

func Test_validate_image_tag_latest_deny(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_tag_latest_deny.yaml")
}

func Test_validate_image_tag_latest_pass(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_image_tag_latest_pass.yaml")
}

func Test_mutate_pod_disable_automoutingapicred_pass(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_mutate_pod_disable_automountingapicred.yaml")
}

func Test_validate_default_namespace(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_default_namespace.yaml")
}

func Test_validate_host_path(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_host_path.yaml")
}

func Test_validate_host_network_port(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_host_network_port.yaml")
}

func Test_validate_hostPID_hostIPC(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_hostpid_hostipc.yaml")
}

func Test_validate_not_readonly_rootfilesystem(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_not_readonly_rootfilesystem.yaml")
}

func Test_validate_namespace_quota(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_namespace_quota.yaml")
}

func Test_validate_disallow_node_port(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_disallow_node_port.yaml")
}

func Test_validate_disallow_default_serviceaccount(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_disallow_default_serviceaccount.yaml")
}

func Test_validate_fsgroup(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_fsgroup.yaml")
}

func Test_validate_selinux_context(t *testing.T) {
	testScenario(t, "test/scenarios/test/scenario_validate_selinux_context.yaml")
}
rework the framework 2019-06-17 18:11:22 -07:00			`package testrunner`

			`import "testing"`

add success tests for validation & mutation 2019-08-29 18:48:58 -07:00			`func Test_Mutate_EndPoint(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_mutate_endPpoint.yaml")`
			`}`

			`func Test_Mutate_imagePullPolicy(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_mutate_imagePullPolicy.yaml")`
			`}`

			`func Test_Mutate_Validate_qos(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_mutate_validate_qos.yaml")`
			`}`
add validate helper functions 2019-08-29 11:44:50 -07:00
add success tests for validation & mutation 2019-08-29 18:48:58 -07:00			`func Test_validate_containerSecurityContext(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_validate_containerSecurityContext.yaml")`
refactor testrunner framework 2019-07-01 12:16:12 -07:00			`}`
add success tests for validation & mutation 2019-08-29 18:48:58 -07:00
Merge branch 'best_practice_policies' of https://github.com/nirmata/kyverno into best_practice_policies # Conflicts: # examples/best_practices/policy_validate_container_disallow_priviledgedprivelegesecalation.yaml # examples/best_practices/policy_validate_container_security_context.yaml # examples/best_practices/validate_container_security_context.yaml 2019-09-09 10:36:56 -07:00			`func Test_validate_deny_runasrootuser(t *testing.T) {`
add disallow_priviledgedprivelegesecalation test runner 2019-09-09 10:56:19 -07:00			`testScenario(t, "test/scenarios/test/scenario_validate_deny_runasrootuser.yaml")`
			`}`

			`func Test_validate_disallow_priviledgedprivelegesecalation(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_container_disallow_priviledgedprivelegesecalation.yaml")`
update testrunner for examples/best_practices/policy_validate_container_security_context.yaml 2019-09-06 18:54:19 -07:00			`}`

add success tests for validation & mutation 2019-08-29 18:48:58 -07:00			`func Test_validate_healthChecks(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_validate_healthChecks.yaml")`
			`}`

			`func Test_validate_imageRegistries(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_validate_imageRegistries.yaml")`
			`}`

			`func Test_validate_nonRootUsers(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_validate_nonRootUser.yaml")`
			`}`

fixes + support generate policies 2019-08-30 14:06:47 -07:00			`func Test_generate_networkPolicy(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_generate_networkPolicy.yaml")`
			`}`
add policies 2019-09-06 10:03:24 -07:00
			`// namespace is blank, not "default" as testrunner evaulates the policyengine, but the "default" is added by kubeapiserver`
			`func Test_validate_image_latest_ifnotpresent_deny(t *testing.T) {`
			`testScenario(t, "/test/scenarios/test/scenario_validate_image_latest_ifnotpresent_deny.yaml")`

			`}`

			`func Test_validate_image_latest_ifnotpresent_pass(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_latest_ifnotpresent_pass.yaml")`
			`}`

			`func Test_validate_image_tag_notspecified_deny(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_tag_notspecified_deny.yaml")`
			`}`

			`func Test_validate_image_tag_notspecified_pass(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_tag_notspecified_pass.yaml")`
			`}`

			`func Test_validate_image_pullpolicy_notalways_deny(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_pullpolicy_notalways_deny.yaml")`
			`}`

			`func Test_validate_image_pullpolicy_notalways_pass(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_pullpolicy_notalways_pass.yaml")`
			`}`

			`func Test_validate_image_tag_latest_deny(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_tag_latest_deny.yaml")`
			`}`

			`func Test_validate_image_tag_latest_pass(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_image_tag_latest_pass.yaml")`
			`}`

			`func Test_mutate_pod_disable_automoutingapicred_pass(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_mutate_pod_disable_automountingapicred.yaml")`
			`}`
add validate_namespace test runner 2019-09-09 14:33:55 -07:00
			`func Test_validate_default_namespace(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_default_namespace.yaml")`
			`}`
add validate_hostpath testrunner 2019-09-09 15:06:54 -07:00
			`func Test_validate_host_path(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_host_path.yaml")`
			`}`
update testrunner, unit test for validate_host_network_port 2019-09-09 16:08:15 -07:00
			`func Test_validate_host_network_port(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_host_network_port.yaml")`
			`}`
add policy_validate_hostPID_hosIPC.yaml 2019-09-09 17:34:25 -07:00
			`func Test_validate_hostPID_hostIPC(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_hostpid_hostipc.yaml")`
			`}`
add policy_validate_not_readonly_rootfilesystem.yaml 2019-09-09 18:13:38 -07:00
			`func Test_validate_not_readonly_rootfilesystem(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_not_readonly_rootfilesystem.yaml")`
			`}`
add resource_quota testrunner 2019-09-09 23:55:14 -07:00
add namespace_quota testrunner 2019-09-10 12:27:21 -07:00			`func Test_validate_namespace_quota(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_namespace_quota.yaml")`
			`}`
add policy_validate_disallow_node_port.yaml 2019-09-10 11:57:33 -07:00
			`func Test_validate_disallow_node_port(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_disallow_node_port.yaml")`
			`}`
add best-practice: policy_validate_disallow_default_serviceaccount 2019-09-16 14:16:54 -07:00
			`func Test_validate_disallow_default_serviceaccount(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_disallow_default_serviceaccount.yaml")`
			`}`
add security context "fsgroup" 2019-10-04 16:50:23 -07:00
			`func Test_validate_fsgroup(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_fsgroup.yaml")`
			`}`
add selinux best practice 2019-10-04 17:28:42 -07:00
			`func Test_validate_selinux_context(t *testing.T) {`
			`testScenario(t, "test/scenarios/test/scenario_validate_selinux_context.yaml")`
			`}`