kyverno/cmd/cli/kubectl-kyverno/_testdata/policies/check-image.yaml

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: check-image
  annotations:
    pod-policies.kyverno.io/autogen-controllers: none
spec:
  rules:
    - name: verify-signature
      match:
        resources:
          kinds:
            - Pod
      verifyImages:
      - imageReferences:
        - "*"
        attestors:
        - count: 1
          entries:
          - keys:
              publicKeys: |-
                -----BEGIN PUBLIC KEY-----
                MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFN8gGjQua2g8N+aLx3Eff+/j5HxL
                bV+H2z50/0A4d8XyMUvizPQBtcgei43pqLj1850m3wSwI08z2+6zT1QaEg==
                -----END PUBLIC KEY-----
feat: use kubectl-validate to load policies (#8384) * feat: use kubectl-validate to load policies Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * schemas Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * bump Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * policies v2beta1 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * option Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * defaulting test Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * makefile Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * makefile Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> 2023-09-14 17:17:02 +02:00			`apiVersion: kyverno.io/v1`
			`kind: ClusterPolicy`
			`metadata:`
			`name: check-image`
			`annotations:`
			`pod-policies.kyverno.io/autogen-controllers: none`
			`spec:`
			`rules:`
			`- name: verify-signature`
			`match:`
			`resources:`
			`kinds:`
			`- Pod`
			`verifyImages:`
			`- imageReferences:`
			`- "*"`
			`attestors:`
			`- count: 1`
			`entries:`
			`- keys:`
			`publicKeys: \|-`
			`-----BEGIN PUBLIC KEY-----`
			`MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFN8gGjQua2g8N+aLx3Eff+/j5HxL`
			`bV+H2z50/0A4d8XyMUvizPQBtcgei43pqLj1850m3wSwI08z2+6zT1QaEg==`
			`-----END PUBLIC KEY-----`