update require_probes

pkg/testrunner/testrunner_test.go

@@ -101,7 +101,7 @@ func Test_require_pod_requests_limits(t *testing.T) {
 }
 
 func Test_require_probes(t *testing.T) {
-	testScenario(t, "test/scenarios/samples/best_practices/scenario_validate_probes.yaml")
+	testScenario(t, "test/scenarios/samples/best_practices/require_probes.yaml")
 }
 
 func Test_validate_disallow_bind_mounts_fail(t *testing.T) {

samples/RequirePodProbes.md

@@ -1,8 +1,8 @@
 # Require `livenessProbe` and `readinessProbe`
 
-For each pod, a `livenessProbe` is carried out by the kubelet to determine if containers are running and when to restart the pod. A `readinessProbe` is used by services and deployments to determine if the pod is ready to recieve network traffic. 
+Liveness and readiness probes need to be configured to correctly manage a pods lifecycle during deployments, restarts, and upgrades.
 
-Both liveness and readiness probes need to be configured to manage the pod lifecycle during restarts and upgrades.
+For each pod, a periodic `livenessProbe` is performed by the kubelet to determine if the pod's containers are running or need to be restarted. A `readinessProbe` is used by services and deployments to determine if the pod is ready to recieve network traffic.
 
 ## Policy YAML 
 
@@ -12,10 +12,10 @@ Both liveness and readiness probes need to be configured to manage the pod lifec
 apiVersion: kyverno.io/v1alpha1
 kind: ClusterPolicy
 metadata:
-  name: validate-probes
+  name: require-pod-probes
 spec:
   rules:
-  - name: check-probes
+  - name: validate-livenessProbe-readinessProbe
     match:
       resources:
         kinds:

samples/best_practices/require_probes.yaml

@@ -1,16 +1,17 @@
 apiVersion: kyverno.io/v1alpha1
 kind: ClusterPolicy
 metadata:
-  name: validate-probes
+  name: require-pod-probes
   annotations:
-    policies.kyverno.io/category: Health Check
-    policies.kyverno.io/description: For each pod, a 'livenessProbe' is carried out by the kubelet to 
-      determine when to restart a container. A 'readinessProbe' is used by services and deployments to 
-      determine if the pod is ready to recieve network traffic. Both liveness and readiness probes 
-      need to be configured to manage the pod lifecycle during restarts and upgrades.
+    policies.kyverno.io/category: Health
+    policies.kyverno.io/description: Liveness and readiness probes need to be configured to 
+      correctly manage a pods lifecycle during deployments, restarts, and upgrades. For each 
+      pod, a periodic `livenessProbe` is performed by the kubelet to determine if the pod's 
+      containers are running or need to be restarted. A `readinessProbe` is used by services 
+      and deployments to determine if the pod is ready to recieve network traffic.
 spec:
   rules:
-  - name: check-probes
+  - name: validate-livenessProbe-readinessProbe
     match:
       resources:
         kinds:

test/scenarios/samples/best_practices/require_probes.yaml

@@ -5,14 +5,13 @@ input:
 expected:
   validation:
     policyresponse:
-      policy: validate-probes
+      policy: require-pod-probes
       resource:
         kind: Pod
         apiVersion: v1
         namespace: ''
         name: myapp-pod
       rules:
-        - name: check-probes
+        - name: validate-livenessProbe-readinessProbe
           type: Validation
-          message: "Validation error: Liveness and readiness probes are required\nValidation rule 'check-probes' failed at path '/spec/containers/0/livenessProbe/'."
           success: false