From 16a851cd8b14706f2d069d4dcc03c69d543f552b Mon Sep 17 00:00:00 2001
From: Shuting Zhao
Date: Mon, 7 Oct 2019 11:35:04 -0700
Subject: [PATCH] update sysctl
---
 examples/best_practices/README.md | 3 ++-
 ...sallow_sysctl.yaml => policy_validate_sysctl_configs.yaml} | 0
 ...llow_sysctl.yaml => resource_validate_sysctl_configs.yaml} | 0
 pkg/testrunner/testrunner_test.go | 2 +-
 ...llow_sysctl.yaml => scenario_validate_sysctl_configs.yaml} | 4 ++--
 5 files changed, 5 insertions(+), 4 deletions(-)
 rename examples/best_practices/{policy_validate_disallow_sysctl.yaml => policy_validate_sysctl_configs.yaml} (100%)
 rename examples/best_practices/resources/{resource_disallow_sysctl.yaml => resource_validate_sysctl_configs.yaml} (100%)
 rename test/scenarios/test/{scenario_validate_disallow_sysctl.yaml => scenario_validate_sysctl_configs.yaml} (77%)
diff --git a/examples/best_practices/README.md b/examples/best_practices/README.md
index 8565ecdde3..d7f7a965ce 100644
--- a/examples/best_practices/README.md
+++ b/examples/best_practices/README.md
@@ -22,4 +22,5 @@
 | Allow an FSGroup that owns the pod's volumes | [policy_validate_fsgroup.yaml](policy_validate_fsgroup.yaml) |
 | Require SELinux level of the container | [policy_validate_selinux_context.yaml](policy_validate_selinux_context.yaml) |
 | Allow default Proc Mount type | [policy_validate_default_proc_mount.yaml](policy_validate_default_proc_mount.yaml) |
-| Allow certain capability to be added | [policy_validate_container_capabilities.yaml](policy_validate_container_capabilities.yaml) |
\ No newline at end of file
+| Allow certain capability to be added | [policy_validate_container_capabilities.yaml](policy_validate_container_capabilities.yaml) |
+| Allow local tcp/udp port range | [policy_validate_sysctl_configs.yaml](policy_validate_sysctl_configs.yaml) |
\ No newline at end of file
diff --git a/examples/best_practices/policy_validate_disallow_sysctl.yaml b/examples/best_practices/policy_validate_sysctl_configs.yaml
similarity index 100%
rename from examples/best_practices/policy_validate_disallow_sysctl.yaml
rename to examples/best_practices/policy_validate_sysctl_configs.yaml
diff --git a/examples/best_practices/resources/resource_disallow_sysctl.yaml b/examples/best_practices/resources/resource_validate_sysctl_configs.yaml
similarity index 100%
rename from examples/best_practices/resources/resource_disallow_sysctl.yaml
rename to examples/best_practices/resources/resource_validate_sysctl_configs.yaml
diff --git a/pkg/testrunner/testrunner_test.go b/pkg/testrunner/testrunner_test.go
index 07dde46266..e0d03810ff 100644
--- a/pkg/testrunner/testrunner_test.go
+++ b/pkg/testrunner/testrunner_test.go
@@ -129,5 +129,5 @@ func Test_validate_container_capabilities(t *testing.T) {
 }
 func Test_validate_disallow_sysctl(t *testing.T) {
- testScenario(t, "test/scenarios/test/scenario_validate_disallow_sysctl.yaml")
+ testScenario(t, "test/scenarios/test/scenario_validate_sysctl_configs.yaml")
 }
diff --git a/test/scenarios/test/scenario_validate_disallow_sysctl.yaml b/test/scenarios/test/scenario_validate_sysctl_configs.yaml
similarity index 77%
rename from test/scenarios/test/scenario_validate_disallow_sysctl.yaml
rename to test/scenarios/test/scenario_validate_sysctl_configs.yaml
index 8b22077e7a..aa40f91538 100644
--- a/test/scenarios/test/scenario_validate_disallow_sysctl.yaml
+++ b/test/scenarios/test/scenario_validate_sysctl_configs.yaml
@@ -1,8 +1,8 @@
 # file path relative to project root
 input:
- policy: examples/best_practices/policy_validate_disallow_sysctl.yaml
- resource: examples/best_practices/resources/resource_disallow_sysctl.yaml
+ policy: examples/best_practices/policy_validate_sysctl_configs.yaml
+ resource: examples/best_practices/resources/resource_validate_sysctl_configs.yaml
 expected:
 validation:
 policyresponse:
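Review bot: The test in pkg/testrunner/testrunner_test.go is still named `Test_validate_disallow_sysctl`, although the scenario, policy and resource files it loads were all renamed to `..._sysctl_configs` in this commit. A `go test -run` filter or a failure report will therefore point at a name that no longer matches any file on disk. Renaming it to `func Test_validate_sysctl_configs(t *testing.T) {` would keep the test name aligned with the scenario file. Since the README row now describes this policy as allowing a local tcp/udp port range rather than disallowing sysctls, a short comment above the test saying which sysctl setting the scenario validates would also help readers auditing the policy coverage.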