mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 16:06:56 +00:00
Code Activity
kyverno/test/conformance/chainsaw/exceptions/psa-run-as-non-root/chainsaw-test.yaml

36 lines
833 B
YAML
Raw Normal View History

feat add chainsaw tests for pod security and exceptions (#10664) * feat add chainsaw tests for pod security and exceptions Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix: enable ProcMountType in the kind config Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-16 15:14:47 +03:00
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: psa-run-as-non-root
spec:
steps:
- name: step-01
try:
- apply:
file: policy.yaml
- assert:
file: policy-assert.yaml
- name: step-02
try:
- apply:
file: exception.yaml
- name: step-03
try:
- script:
content: kubectl apply -f bad-pod-01.yaml
check:
($error != null): true
(contains($stderr, 'spec.containers[0].securityContext.runAsNonRoot')): true
- name: step-04
try:
- script:
content: kubectl apply -f bad-pod-02.yaml
check:
($error != null): true
(contains($stderr, 'spec.containers[0].securityContext.runAsNonRoot')): true
- name: step-05
try:
- apply:
file: good-pod.yaml
Copy permalink