kyverno/test/conformance/chainsaw/exceptions/exclude-restricted-capabilities/chainsaw-test.yaml

apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
  name: exclude-restricted-capabilities
spec:
  steps:
  - name: create policy
    use:
      template: ../../_step-templates/create-policy.yaml
      with:
        bindings:
        - name: file
          value: policy.yaml
  - name: wait policy ready
    use:
      template: ../../_step-templates/cluster-policy-ready.yaml
      with:
        bindings:
        - name: name
          value: psa
  - name: step-02
    try:
    - apply:
        file: ns.yaml
    - assert:
        file: ns.yaml
  - name: step-03
    try:
    - apply:
        file: exception.yaml
  - name: step-04
    try:
    - apply:
        file: pod-allowed-1.yaml
    - apply:
        file: pod-allowed-2.yaml
    - apply:
        expect:
        - check:
            ($error != null): true
        file: pod-rejected-1.yaml
    - apply:
        expect:
        - check:
            ($error != null): true
        file: pod-rejected-2.yaml
    - apply:
        expect:
        - check:
            ($error != null): true
        file: pod-rejected-3.yaml
    - apply:
        expect:
        - check:
            ($error != null): true
        file: pod-rejected-4.yaml
feat: add chainsaw tests for pod security in exceptions (#9667) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> 2024-02-06 15:07:58 +02:00			`apiVersion: chainsaw.kyverno.io/v1alpha1`
			`kind: Test`
			`metadata:`
			`name: exclude-restricted-capabilities`
			`spec:`
			`steps:`
chore: use more chainsaw step templates (#11311) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2024-10-03 13:56:30 +02:00			`- name: create policy`
			`use:`
			`template: ../../_step-templates/create-policy.yaml`
			`with:`
			`bindings:`
			`- name: file`
			`value: policy.yaml`
			`- name: wait policy ready`
			`use:`
			`template: ../../_step-templates/cluster-policy-ready.yaml`
			`with:`
			`bindings:`
			`- name: name`
			`value: psa`
feat: add chainsaw tests for pod security in exceptions (#9667) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> 2024-02-06 15:07:58 +02:00			`- name: step-02`
			`try:`
			`- apply:`
			`file: ns.yaml`
			`- assert:`
			`file: ns.yaml`
			`- name: step-03`
			`try:`
			`- apply:`
			`file: exception.yaml`
			`- name: step-04`
			`try:`
			`- apply:`
			`file: pod-allowed-1.yaml`
			`- apply:`
			`file: pod-allowed-2.yaml`
			`- apply:`
			`expect:`
			`- check:`
			`($error != null): true`
			`file: pod-rejected-1.yaml`
			`- apply:`
			`expect:`
			`- check:`
			`($error != null): true`
			`file: pod-rejected-2.yaml`
			`- apply:`
			`expect:`
			`- check:`
			`($error != null): true`
			`file: pod-rejected-3.yaml`
			`- apply:`
			`expect:`
			`- check:`
			`($error != null): true`
			`file: pod-rejected-4.yaml`