1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-13 19:28:55 +00:00

feat: add kuttl test for namespaced generate policy, with clone and sync (#6386)

* add a kuttl test

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix policy type

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix policy type

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix policy type

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* rename files

Signed-off-by: ShutingZhao <shuting@nirmata.com>

---------

Signed-off-by: ShutingZhao <shuting@nirmata.com>
This commit is contained in:
shuting 2023-02-24 19:36:19 +08:00 committed by GitHub
parent d6482bcecd
commit 07b350166f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 112 additions and 0 deletions

View file

@ -0,0 +1,13 @@
apiVersion: v1
kind: Namespace
metadata:
name: poltest
---
apiVersion: v1
data:
foo: YmFy
kind: Secret
metadata:
name: regcred
namespace: poltest
type: Opaque

View file

@ -0,0 +1,13 @@
apiVersion: v1
kind: Namespace
metadata:
name: poltest
---
apiVersion: v1
data:
foo: YmFy
kind: Secret
metadata:
name: regcred
namespace: poltest
type: Opaque

View file

@ -0,0 +1,10 @@
apiVersion: kyverno.io/v2beta1
kind: Policy
metadata:
name: pol-sync-clone
namespace: poltest
status:
conditions:
- reason: Succeeded
status: "True"
type: Ready

View file

@ -0,0 +1,22 @@
apiVersion: kyverno.io/v2beta1
kind: Policy
metadata:
name: pol-sync-clone
namespace: poltest
spec:
rules:
- name: gen-zk
match:
any:
- resources:
kinds:
- ConfigMap
generate:
apiVersion: v1
kind: Secret
name: myclonedsecret
namespace: poltest
synchronize: true
clone:
namespace: poltest
name: regcred

View file

@ -0,0 +1,7 @@
apiVersion: v1
data:
foo: bar
kind: ConfigMap
metadata:
name: foo
namespace: poltest

View file

@ -0,0 +1,8 @@
apiVersion: v1
data:
foo: YmFy
kind: Secret
metadata:
name: myclonedsecret
namespace: poltest
type: Opaque

View file

@ -0,0 +1,8 @@
apiVersion: v1
data:
foo: Ymx1ZQ==
kind: Secret
metadata:
name: myclonedsecret
namespace: poltest
type: Opaque

View file

@ -0,0 +1,4 @@
apiVersion: kuttl.dev/v1beta1
kind: TestStep
commands:
- command: sleep 3

View file

@ -0,0 +1,8 @@
apiVersion: v1
data:
foo: YmFy
kind: Secret
metadata:
name: myclonedsecret
namespace: poltest
type: Opaque

View file

@ -0,0 +1,11 @@
## Description
This test ensures that modification of the downstream (cloned) resource used by a Policy `generate` rule with sync enabled using a clone declaration causes those changes to be reverted and synchronized from the state of the upstream/source.
## Expected Behavior
After the downstream resource is modified, the changes should be reverted after synchronization occurs. If the downstream resource is synced with the state of the source resource, the test passes. If the downstream resource remains in a modified state, the test fails.
## Reference Issue(s)
https://github.com/kyverno/kyverno/issues/5100

View file

@ -0,0 +1,8 @@
apiVersion: v1
data:
foo: YmFy
kind: Secret
metadata:
name: myclonedsecret
namespace: poltest
type: Opaque