kyverno/test/cli/test-mutate/bug-demo/patched-resource-pattern.yaml

apiVersion: v1
kind: Pod
metadata:
  name: pod1
  namespace: default
spec:
  containers:
  - image: dummy
    name: main-1
    securityContext:
      capabilities:
        drop:
        - ALL
      privileged: false
      runAsNonRoot: true
      runAsUser: 1
  - image: dummy
    name: main-2
    securityContext:
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: false
      runAsNonRoot: false
  - image: dummy
    name: main-3
    securityContext:
      capabilities:
        drop:
        - ALL
      privileged: false
      runAsNonRoot: true
  - image: dummy
    name: main-4
    securityContext:
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      privileged: false
      runAsNonRoot: false
      runAsUser: 0
  - image: dummy
    name: main-5
    securityContext:
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      privileged: false
  - image: dummy
    name: main-6
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: false
      runAsUser: 0
  - image: dummy
    name: main-7
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: false
      runAsNonRoot: true
      runAsUser: 0
  - image: dummy
    name: main-8
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: false
      runAsNonRoot: false
      runAsUser: 1
  - image: dummy
    name: main-9
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: false
      runAsUser: 1
  - image: dummy
    name: main-10
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      runAsNonRoot: false
      runAsUser: 0
  - image: dummy
    name: main-11
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - ALL
      runAsNonRoot: true
  - image: dummy
    name: main-12
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      runAsNonRoot: true
      runAsUser: 0
  - image: dummy
    name: main-13
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      runAsNonRoot: false
      runAsUser: 1
  - image: dummy
    name: main-14
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      runAsUser: 1
  - image: dummy
    name: main-15
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      runAsNonRoot: false
  - image: dummy
    name: main-16
    securityContext:
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      runAsUser: 0
  - image: dummy
    name: main-17
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
  - image: dummy
    name: main-18
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      runAsNonRoot: true
      runAsUser: 1
  - image: dummy
    name: main-19
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: true
      runAsNonRoot: true
      runAsUser: 1
  - image: dummy
    name: main-20
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      privileged: true
      runAsUser: 0
  - image: dummy
    name: main-21
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      privileged: true
  - image: dummy
    name: main-22
    securityContext:
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: true
      runAsNonRoot: true
      runAsUser: 0
  - image: dummy
    name: main-23
    securityContext:
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: true
      runAsNonRoot: false
      runAsUser: 1
  - image: dummy
    name: main-24
    securityContext:
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: true
      runAsUser: 1
  - image: dummy
    name: main-25
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: true
      runAsNonRoot: false
      runAsUser: 0
  - image: dummy
    name: main-26
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - FOO
        drop:
        - SYS_ADMIN
      privileged: true
      runAsNonRoot: false
  - image: dummy
    name: main-27
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        add:
        - SYS_ADMIN
        - FOO
        drop: []
      privileged: true
      runAsNonRoot: true
fix: kyverno test wrongly finds 'patchedResource mismatch' due to wrong order in array (#8362) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-09-12 19:57:23 +02:00			`apiVersion: v1`
			`kind: Pod`
			`metadata:`
			`name: pod1`
			`namespace: default`
			`spec:`
			`containers:`
			`- image: dummy`
			`name: main-1`
			`securityContext:`
			`capabilities:`
			`drop:`
			`- ALL`
			`privileged: false`
			`runAsNonRoot: true`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-2`
			`securityContext:`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: false`
			`runAsNonRoot: false`
			`- image: dummy`
			`name: main-3`
			`securityContext:`
			`capabilities:`
			`drop:`
			`- ALL`
			`privileged: false`
			`runAsNonRoot: true`
			`- image: dummy`
			`name: main-4`
			`securityContext:`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`privileged: false`
			`runAsNonRoot: false`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-5`
			`securityContext:`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`privileged: false`
			`- image: dummy`
			`name: main-6`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: false`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-7`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: false`
			`runAsNonRoot: true`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-8`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: false`
			`runAsNonRoot: false`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-9`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: false`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-10`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`runAsNonRoot: false`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-11`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`drop:`
			`- ALL`
			`runAsNonRoot: true`
			`- image: dummy`
			`name: main-12`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`runAsNonRoot: true`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-13`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`runAsNonRoot: false`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-14`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-15`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`runAsNonRoot: false`
			`- image: dummy`
			`name: main-16`
			`securityContext:`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-17`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`- image: dummy`
			`name: main-18`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`runAsNonRoot: true`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-19`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: true`
			`runAsNonRoot: true`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-20`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`privileged: true`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-21`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`privileged: true`
			`- image: dummy`
			`name: main-22`
			`securityContext:`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: true`
			`runAsNonRoot: true`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-23`
			`securityContext:`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: true`
			`runAsNonRoot: false`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-24`
			`securityContext:`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: true`
			`runAsUser: 1`
			`- image: dummy`
			`name: main-25`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: true`
			`runAsNonRoot: false`
			`runAsUser: 0`
			`- image: dummy`
			`name: main-26`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- FOO`
			`drop:`
			`- SYS_ADMIN`
			`privileged: true`
			`runAsNonRoot: false`
			`- image: dummy`
			`name: main-27`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`add:`
			`- SYS_ADMIN`
			`- FOO`
			`drop: []`
			`privileged: true`
			`runAsNonRoot: true`