From 09736d40dd8bf54268cb6c5afe0e0eb751622ab3 Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Wed, 2 Oct 2024 15:50:35 +0000 Subject: [PATCH] feat: use more chainsaw test templates (#11285) (#11292) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: use more chainsaw test templates * fix --------- Signed-off-by: Charles-Edouard Brétéché Co-authored-by: Charles-Edouard Brétéché --- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 10 ------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 10 ------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 10 ------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 10 ------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 10 ------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 9 ------- .../policy/policy-applied/chainsaw-test.yaml | 20 +++++++++----- .../policy/policy-applied/policy-assert.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 9 ------- .../policy-violation/chainsaw-test.yaml | 20 +++++++++----- .../policy-violation/policy-assert.yaml | 9 ------- .../fail-deprecated/chainsaw-test.yaml | 27 ++++++++++++++----- .../fail-deprecated/policy-assert.yaml | 19 ------------- .../cluster-policy/fail/chainsaw-test.yaml | 27 ++++++++++++++----- .../cluster-policy/fail/policy-assert.yaml | 19 ------------- .../chainsaw-test.yaml | 20 +++++++++----- .../policy-assert.yaml | 9 ------- .../policy.yaml | 1 - 25 files changed, 182 insertions(+), 206 deletions(-) delete mode 100644 test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/policy/policy-applied-deprecated/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/policy/policy-applied/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/policy/policy-violation-deprecated/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/events/policy/policy-violation/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy-assert.yaml diff --git a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/chainsaw-test.yaml b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/chainsaw-test.yaml index b15f6aef49..c69f0f5b6c 100755 --- a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/chainsaw-test.yaml @@ -12,12 +12,20 @@ spec: file: permissions.yaml - assert: file: crd-assert.yaml - - name: step-02 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: rbac-policy - name: step-03 try: - apply: diff --git a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/policy-assert.yaml b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/policy-assert.yaml deleted file mode 100644 index 620afcda89..0000000000 --- a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-fail-generation/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: rbac-policy -spec: {} -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/chainsaw-test.yaml b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/chainsaw-test.yaml index ad41b9def9..78530ee6af 100755 --- a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: content: kubectl patch configmap kyverno -p '{"data":{"generateSuccessEvents":"true"}}' -n kyverno - assert: file: kyverno-configmap-assert.yaml - - name: step-02 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: zk-kafka-address - name: step-03 try: - apply: diff --git a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/policy-assert.yaml b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/policy-assert.yaml deleted file mode 100644 index 8598c5b56d..0000000000 --- a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-generation/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: zk-kafka-address -spec: {} -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/chainsaw-test.yaml b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/chainsaw-test.yaml index b659ffdba3..c89e4159e2 100755 --- a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: content: kubectl patch configmap kyverno -p '{"data":{"generateSuccessEvents":"true"}}' -n kyverno - assert: file: kyverno-configmap-assert.yaml - - name: step-02 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: add-labels - name: step-03 try: - apply: diff --git a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/policy-assert.yaml b/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/policy-assert.yaml deleted file mode 100644 index 721c465283..0000000000 --- a/test/conformance/chainsaw/events/clusterpolicy/generate-events-upon-successful-mutation/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: add-labels -spec: {} -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/chainsaw-test.yaml b/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/chainsaw-test.yaml index 31c851f0e1..15b60d84e2 100755 --- a/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: message-exceeds-1024-characters spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: podsecurity-subrule-restricted - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/policy-assert.yaml b/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/policy-assert.yaml deleted file mode 100644 index 745e0ae3aa..0000000000 --- a/test/conformance/chainsaw/events/clusterpolicy/message-exceeds-1024-characters/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: podsecurity-subrule-restricted -spec: {} -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/chainsaw-test.yaml b/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/chainsaw-test.yaml index baf38d2e8f..5c7f87f281 100755 --- a/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: no-events-upon-skip-generation spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: default - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/policy-assert.yaml b/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/policy-assert.yaml deleted file mode 100644 index a434cb1fb9..0000000000 --- a/test/conformance/chainsaw/events/clusterpolicy/no-events-upon-skip-generation/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: default -spec: {} -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/policy/policy-applied-deprecated/chainsaw-test.yaml b/test/conformance/chainsaw/events/policy/policy-applied-deprecated/chainsaw-test.yaml index f4a7db3e0d..481bdb89c3 100755 --- a/test/conformance/chainsaw/events/policy/policy-applied-deprecated/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/policy/policy-applied-deprecated/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: content: kubectl patch configmap kyverno -p '{"data":{"generateSuccessEvents":"true"}}' -n kyverno - assert: file: kyverno-configmap-assert.yaml - - name: step-02 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/policy-ready.yaml + with: + bindings: + - name: name + value: require-labels - name: step-03 try: - apply: diff --git a/test/conformance/chainsaw/events/policy/policy-applied-deprecated/policy-assert.yaml b/test/conformance/chainsaw/events/policy/policy-applied-deprecated/policy-assert.yaml deleted file mode 100644 index bc25d0fdf8..0000000000 --- a/test/conformance/chainsaw/events/policy/policy-applied-deprecated/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: Policy -metadata: - name: require-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/policy/policy-applied/chainsaw-test.yaml b/test/conformance/chainsaw/events/policy/policy-applied/chainsaw-test.yaml index f4a7db3e0d..481bdb89c3 100755 --- a/test/conformance/chainsaw/events/policy/policy-applied/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/policy/policy-applied/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: content: kubectl patch configmap kyverno -p '{"data":{"generateSuccessEvents":"true"}}' -n kyverno - assert: file: kyverno-configmap-assert.yaml - - name: step-02 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/policy-ready.yaml + with: + bindings: + - name: name + value: require-labels - name: step-03 try: - apply: diff --git a/test/conformance/chainsaw/events/policy/policy-applied/policy-assert.yaml b/test/conformance/chainsaw/events/policy/policy-applied/policy-assert.yaml deleted file mode 100644 index bc25d0fdf8..0000000000 --- a/test/conformance/chainsaw/events/policy/policy-applied/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: Policy -metadata: - name: require-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/policy/policy-violation-deprecated/chainsaw-test.yaml b/test/conformance/chainsaw/events/policy/policy-violation-deprecated/chainsaw-test.yaml index b632e3f643..5aca0c447a 100755 --- a/test/conformance/chainsaw/events/policy/policy-violation-deprecated/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/policy/policy-violation-deprecated/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: policy-violation spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/policy-ready.yaml + with: + bindings: + - name: name + value: require-labels - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/events/policy/policy-violation-deprecated/policy-assert.yaml b/test/conformance/chainsaw/events/policy/policy-violation-deprecated/policy-assert.yaml deleted file mode 100644 index bc25d0fdf8..0000000000 --- a/test/conformance/chainsaw/events/policy/policy-violation-deprecated/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: Policy -metadata: - name: require-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/events/policy/policy-violation/chainsaw-test.yaml b/test/conformance/chainsaw/events/policy/policy-violation/chainsaw-test.yaml index b632e3f643..5aca0c447a 100755 --- a/test/conformance/chainsaw/events/policy/policy-violation/chainsaw-test.yaml +++ b/test/conformance/chainsaw/events/policy/policy-violation/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: policy-violation spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/policy-ready.yaml + with: + bindings: + - name: name + value: require-labels - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/events/policy/policy-violation/policy-assert.yaml b/test/conformance/chainsaw/events/policy/policy-violation/policy-assert.yaml deleted file mode 100644 index bc25d0fdf8..0000000000 --- a/test/conformance/chainsaw/events/policy/policy-violation/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: Policy -metadata: - name: require-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/chainsaw-test.yaml b/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/chainsaw-test.yaml index 73fd9f87fb..d263c30976 100755 --- a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/chainsaw-test.yaml +++ b/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/chainsaw-test.yaml @@ -4,12 +4,27 @@ metadata: name: fail spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: require-labels + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: add-labels - name: step-02 try: - assert: diff --git a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/policy-assert.yaml b/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/policy-assert.yaml deleted file mode 100644 index 1676676194..0000000000 --- a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail-deprecated/policy-assert.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: require-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: add-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/chainsaw-test.yaml b/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/chainsaw-test.yaml index 73fd9f87fb..d263c30976 100755 --- a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/chainsaw-test.yaml +++ b/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/chainsaw-test.yaml @@ -4,12 +4,27 @@ metadata: name: fail spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: require-labels + - name: wait policy ready + use: + template: ../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: add-labels - name: step-02 try: - assert: diff --git a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/policy-assert.yaml b/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/policy-assert.yaml deleted file mode 100644 index 1676676194..0000000000 --- a/test/conformance/chainsaw/force-failure-policy-ignore/cluster-policy/fail/policy-assert.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: require-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: add-labels -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/chainsaw-test.yaml b/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/chainsaw-test.yaml index 34f006c2ec..ea84d7b984 100644 --- a/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/chainsaw-test.yaml +++ b/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/chainsaw-test.yaml @@ -8,9 +8,17 @@ spec: try: - apply: file: clusterrole.yaml - - name: step-02 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: policy-reload-on-secret-update diff --git a/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy-assert.yaml b/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy-assert.yaml deleted file mode 100644 index e0768771ae..0000000000 --- a/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: policy-reload-on-secret-update -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy.yaml b/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy.yaml index f7f8f10dc0..8db8cc9a85 100644 --- a/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy.yaml +++ b/test/conformance/chainsaw/rbac/mutate-policy-with-clusterrole/policy.yaml @@ -1,4 +1,3 @@ ---- apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: