kyverno/test/conformance/chainsaw/generate-validating-admission-policy/validatingpolicy/with-cel-exception/chainsaw-test.yaml

# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
  name: with-cel-exception
spec:
  steps:
  - name: create policy
    try:
    - create:
        file: policy.yaml
    - sleep:
        duration: 10s
  - name: create exception
    try:
    - create:
        file: exception.yaml
    - sleep:
        duration: 10s
  - name: check validatingadmissionpolicy
    try:
    - assert:
        file: validatingadmissionpolicy.yaml
  - name: check validatingadmissionpolicybinding
    try:
    - assert:
        file: validatingadmissionpolicybinding.yaml
  - name: create a skipped deployment
    try:
    - apply:
        file: skipped-deployment.yaml
  - name: create a bad deployment
    try:
    - script:
        content: kubectl apply -f bad-deployment.yaml
        check:  
          ($error != null): true
          # This check ensures the contents of stderr are exactly as shown.  
          (trim_space($stderr)): |-
            The deployments "bad-deployment" is invalid: : ValidatingAdmissionPolicy 'vpol-check-deployment-labels' with binding 'vpol-check-deployment-labels-binding' denied request: Deployment labels must be env=prod
feat: generate VAPs given celexceptions (#12255) * feat: generate VAPs given celexceptions Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * chore: modify chainsaw tests Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> * fix linter Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> --------- Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> 2025-02-27 15:08:35 +02:00			`# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json`
			`apiVersion: chainsaw.kyverno.io/v1alpha1`
			`kind: Test`
			`metadata:`
			`name: with-cel-exception`
			`spec:`
			`steps:`
			`- name: create policy`
			`try:`
			`- create:`
			`file: policy.yaml`
			`- sleep:`
			`duration: 10s`
			`- name: create exception`
			`try:`
			`- create:`
			`file: exception.yaml`
			`- sleep:`
			`duration: 10s`
			`- name: check validatingadmissionpolicy`
			`try:`
			`- assert:`
			`file: validatingadmissionpolicy.yaml`
			`- name: check validatingadmissionpolicybinding`
			`try:`
			`- assert:`
			`file: validatingadmissionpolicybinding.yaml`
			`- name: create a skipped deployment`
			`try:`
			`- apply:`
			`file: skipped-deployment.yaml`
			`- name: create a bad deployment`
			`try:`
			`- script:`
			`content: kubectl apply -f bad-deployment.yaml`
			`check:`
			`($error != null): true`
			`# This check ensures the contents of stderr are exactly as shown.`
			`(trim_space($stderr)): \|-`
			`The deployments "bad-deployment" is invalid: : ValidatingAdmissionPolicy 'vpol-check-deployment-labels' with binding 'vpol-check-deployment-labels-binding' denied request: Deployment labels must be env=prod`