From 202e589429028ca8405a8e702e11c5f17d0e84ec Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Wed, 2 Oct 2024 19:54:51 +0000 Subject: [PATCH] chore: use more chainsaw step templates (#11293) (#11295) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Charles-Edouard Brétéché Co-authored-by: Charles-Edouard Brétéché --- .../standard/chainsaw-test.yaml | 20 +++++++++++----- .../standard/policy-assert.yaml | 9 ------- .../chainsaw-test.yaml | 21 ++++++++++------ .../policy-assert.yaml | 10 -------- .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-assert.yaml | 9 ------- .../multi-signatures/chainsaw-test.yaml | 20 +++++++++++----- .../multi-signatures/policy-assert.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-assert.yaml | 9 ------- .../single-signature/chainsaw-test.yaml | 20 +++++++++++----- .../single-signature/policy-assert.yaml | 9 ------- .../chainsaw-step-01-assert-1.yaml | 9 ------- .../multiple-attestors/chainsaw-test.yaml | 24 ++++++++++++------- ...-step-02-assert-1.yaml => pod-assert.yaml} | 0 ...chainsaw-step-02-apply-1.yaml => pod.yaml} | 0 ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ------- .../chainsaw-test.yaml | 20 ++++++++++++---- ...{chainsaw-step-01-apply-1.yaml => cm.yaml} | 0 ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../standard/empty-image/chainsaw-test.yaml | 20 +++++++++++----- .../standard/empty-image/policy-assert.yaml | 9 ------- .../standard/empty-image/policy.yaml | 1 - .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-ready.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-ready.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-ready.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- .../imageExtractors-complex/policy-ready.yaml | 9 ------- .../imageExtractors-none/chainsaw-test.yaml | 20 +++++++++++----- .../imageExtractors-none/policy-ready.yaml | 9 ------- .../imageExtractors-simple/chainsaw-test.yaml | 20 +++++++++++----- .../imageExtractors-simple/policy-ready.yaml | 9 ------- .../chainsaw-step-01-assert-1.yaml | 9 ------- .../chainsaw-test.yaml | 18 ++++++++++---- ...insaw-step-01-apply-3.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ------- .../standard/keyed-basic/chainsaw-test.yaml | 20 ++++++++++++---- ...{chainsaw-step-01-apply-1.yaml => ns.yaml} | 0 ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ------- .../standard/keyed-oci11/chainsaw-test.yaml | 18 ++++++++++---- ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ------- .../standard/keyed-secret/chainsaw-test.yaml | 20 ++++++++++++---- ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../keyed-tsa/chainsaw-step-01-assert-1.yaml | 9 ------- .../standard/keyed-tsa/chainsaw-test.yaml | 18 ++++++++++---- ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-assert.yaml | 7 ------ .../chainsaw-test.yaml | 20 +++++++++++----- .../policy-assert.yaml | 7 ------ .../chainsaw-step-01-assert-1.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ------- .../chainsaw-test.yaml | 20 +++++++++++----- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 65 files changed, 356 insertions(+), 366 deletions(-) delete mode 100644 test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/{chainsaw-step-02-assert-1.yaml => pod-assert.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/{chainsaw-step-02-apply-1.yaml => pod.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/{chainsaw-step-01-apply-1.yaml => cm.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/{chainsaw-step-01-apply-3.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/{chainsaw-step-01-apply-1.yaml => ns.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) diff --git a/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml b/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml index cdb029138a..cfb4a58f82 100755 --- a/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml +++ b/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: standard spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-value - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml b/test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml deleted file mode 100644 index ddf55734a6..0000000000 --- a/test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-value -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml b/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml index f980db01e5..8abbf46b55 100755 --- a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml +++ b/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml @@ -4,16 +4,23 @@ metadata: name: sigstore-image-verification spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: sigstore-image-verification - name: step-02 try: - apply: file: pod.yaml - assert: file: pod-assert.yaml - diff --git a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml b/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml deleted file mode 100755 index 05883ad591..0000000000 --- a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: sigstore-image-verification -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready - diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml index cf0e1ba89a..dfe100a101 100755 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: multi-signatures spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml index cf0e1ba89a..dfe100a101 100755 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: multi-signatures spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml index 8e0df5b1c6..0eb02ed19e 100755 --- a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: single-signature spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml index 8e0df5b1c6..0eb02ed19e 100755 --- a/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: single-signature spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a0c2dc8a1b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-signatures -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml index 70c208b243..1cf32e27fe 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml @@ -4,15 +4,23 @@ metadata: name: multiple-attestors spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-signatures - name: step-02 try: - apply: - file: chainsaw-step-02-apply-1.yaml + file: pod.yaml - assert: - file: chainsaw-step-02-assert-1.yaml + file: pod-assert.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod-assert.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-assert-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod-assert.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 8719f9010a..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: verify-image-with-multi-keys -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml index 108512d346..bcb307608f 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml @@ -7,8 +7,18 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + file: cm.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: verify-image-with-multi-keys diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/cm.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/cm.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml index f37cce9efa..342dd00314 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: empty-image spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml deleted file mode 100644 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml index cb050cba98..eaf8a0b53a 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml @@ -1,4 +1,3 @@ ---- apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml index 837fe246df..f8cbe63eef 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: image-verify-polset-failurepolicy-ignore - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml deleted file mode 100644 index cfdc4c1e1c..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: image-verify-polset-failurepolicy-ignore -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml index 837fe246df..f8cbe63eef 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: image-verify-polset-failurepolicy-ignore - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml deleted file mode 100644 index cfdc4c1e1c..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: image-verify-polset-failurepolicy-ignore -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml index d2d0c43028..939730554c 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-keyless - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml deleted file mode 100644 index 058180242b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-keyless -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml index ee4f8eecbf..97b6b6494d 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-complex - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml deleted file mode 100644 index b585ce2dc6..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-complex -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml index 45cccab4ce..62db6bc380 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-no-extractor - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml deleted file mode 100644 index 098aa82821..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-no-extractor -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml index 5ed09a3252..b5c2da35a4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-simple - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml deleted file mode 100644 index 567f022953..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-simple -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index fcd09f08dd..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-ns-selector-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml index 5f1caf9fc7..5c5bd3a756 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml @@ -12,10 +12,20 @@ spec: file: chainsaw-step-01-apply-1.yaml - apply: file: chainsaw-step-01-apply-2.yaml - - apply: - file: chainsaw-step-01-apply-3.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-ns-selector-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-apply-3.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-apply-3.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml index 943451205a..6d3e34cb9b 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml @@ -9,11 +9,21 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + file: ns.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/ns.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/ns.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml index 943451205a..ffa2b65fb0 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml @@ -10,10 +10,20 @@ spec: try: - apply: file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index ca9cef7de7..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: secret-in-keys -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml index 422149e159..a50b9ceca4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml @@ -12,12 +12,24 @@ spec: file: permissions.yaml - apply: file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: step-01 + try: - apply: file: chainsaw-step-01-apply-3.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: secret-in-keys - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a10d015439..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-tsa-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml index 943451205a..df3fff4553 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml @@ -10,10 +10,20 @@ spec: try: - apply: file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-tsa-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml index 6813da934e..a5540f7296 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-invalid-attestors-in-attestations - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml deleted file mode 100644 index 0556cd0c33..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-invalid-attestors-in-attestations - annotations: - pod-policies.kyverno.io/autogen-controllers: none diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml index 6813da934e..a5540f7296 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-invalid-attestors-in-attestations - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml deleted file mode 100644 index 0556cd0c33..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-invalid-attestors-in-attestations - annotations: - pod-policies.kyverno.io/autogen-controllers: none diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 0377e9a1d5..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-pass-1 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml index 6a51e3afd0..99676e597b 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-1 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-pass-1 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index ab5f8349bc..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-pass-2 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml index 038fcebec7..14c714d8f4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-2 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-pass-2 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index cb2b58a3b7..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-fail-1 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml index c48adc2115..ce69aff27e 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-3 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-fail-1 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/policy.yaml