feat: use more chainsaw test templates (#11281) (#11283)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

test/conformance/chainsaw/_step-templates/policy-ready.yaml

@@ -0,0 +1,19 @@
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: StepTemplate
+metadata:
+  name: policy-ready
+spec:
+  try:
+  - assert:
+      template: true
+      resource:
+        apiVersion: kyverno.io/v1
+        kind: Policy
+        metadata:
+          name: ($name)
+          namespace: ($namespace)
+        status:
+          conditions:
+          - reason: Succeeded
+            status: "True"
+            type: Ready

test/conformance/chainsaw/assert/allow-existing-violations/chainsaw-test.yaml

@@ -4,30 +4,38 @@ metadata:
   name: check-old-object
 spec:
   steps:
-    - name: step-01
+  - name: step-01
-      try:
+    try:
-        - create:
+    - create:
-            file: ns.yaml
+        file: ns.yaml
-        - assert:
+    - assert:
-            file: ns-ready.yaml
+        file: ns-ready.yaml
-    - name: step-02
+  - name: create policy
-      try:
+    use:
-        - create:
+      template: ../../_step-templates/create-policy.yaml
-            file: policy.yaml
+      with:
-        - assert:
+        bindings:
-            file: policy-ready.yaml
+        - name: file
-    - name: step-03
+          value: policy.yaml
-      try:
+  - name: wait policy ready
-        - update:
+    use:
-            file: ns-update.yaml
+      template: ../../_step-templates/cluster-policy-ready.yaml
-    - name: step-04
+      with:
-      try:
+        bindings:
-        - update:
+        - name: name
-            file: ns-update-good.yaml
+          value: check-old-object
-    - name: step-05
+  - name: step-03
-      try:
+    try:
-        - update:
+    - update:
-            file: ns-update-bad.yaml
+        file: ns-update.yaml
-            expect:
+  - name: step-04
-            - check:
+    try:
-                ($error != null): true
+    - update:
+        file: ns-update-good.yaml
+  - name: step-05
+    try:
+    - update:
+        file: ns-update-bad.yaml
+        expect:
+        - check:
+            ($error != null): true

test/conformance/chainsaw/assert/allow-existing-violations/policy-ready.yaml

@@ -1,4 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-old-object

test/conformance/chainsaw/assert/old-object-exists/chainsaw-test.yaml

@@ -4,19 +4,27 @@ metadata:
   name: check-old-object
 spec:
   steps:
-    - name: step-01
+  - name: create policy
-      try:
+    use:
-        - create:
+      template: ../../_step-templates/create-policy.yaml
-            file: policy.yaml
+      with:
-        - assert:
+        bindings:
-            file: policy-ready.yaml
+        - name: file
-    - name: step-02
+          value: policy.yaml
-      try:
+  - name: wait policy ready
-        - create:
+    use:
-            file: ns.yaml
+      template: ../../_step-templates/cluster-policy-ready.yaml
-        - assert:
+      with:
-            file: ns-ready.yaml
+        bindings:
-    - name: step-03
+        - name: name
-      try:
+          value: check-old-object
-        - update:
+  - name: step-02
-            file: ns-update.yaml
+    try:
+    - create:
+        file: ns.yaml
+    - assert:
+        file: ns-ready.yaml
+  - name: step-03
+    try:
+    - update:
+        file: ns-update.yaml

test/conformance/chainsaw/assert/old-object-exists/policy-ready.yaml

@@ -1,4 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-old-object

test/conformance/chainsaw/background-only/cluster-policy/no-admission-event-deprecated/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-event
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/cluster-policy/no-admission-event-deprecated/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/cluster-policy/no-admission-event/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-event
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/cluster-policy/no-admission-event/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/cluster-policy/no-admission-report-deprecated/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-report
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/cluster-policy/no-admission-report-deprecated/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/cluster-policy/no-admission-report/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-report
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/cluster-policy/no-admission-report/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/cluster-policy/not-rejected-deprecated/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: not-rejected
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/cluster-policy/not-rejected-deprecated/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/cluster-policy/not-rejected/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: not-rejected
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/cluster-policy/not-rejected/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/policy/no-admission-event-deprecated/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-event
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/policy/no-admission-event-deprecated/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/policy/no-admission-event/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-event
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/policy/no-admission-event/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/policy/no-admission-report-deprecated/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-report
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/policy/no-admission-report-deprecated/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/policy/no-admission-report/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: no-admission-report
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/policy/no-admission-report/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/policy/not-rejected-deprecated/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: not-rejected
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/policy/not-rejected-deprecated/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/background-only/policy/not-rejected/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: not-rejected
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/background-only/policy/not-rejected/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/webhooks/all-scale/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: all-scale
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/all-scale/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/clusterpolicy/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: clusterpolicy
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/clusterpolicy/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/double-wildcard/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: double-wildcard
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/double-wildcard/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/dyn-op-mutate-multiple/chainsaw-test.yaml

@@ -5,12 +5,27 @@ metadata:
   name: dyn-op-mutate-multiple
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: add-apparmor-annotations
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: add-annotation
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/dyn-op-mutate-multiple/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: add-apparmor-annotations
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/dyn-op-mutate/chainsaw-test.yaml

@@ -5,12 +5,20 @@ metadata:
   name: dyn-op-mutate
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: add-apparmor-annotations
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/dyn-op-mutate/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: add-apparmor-annotations
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/dyn-op-validate/chainsaw-test.yaml

@@ -5,12 +5,20 @@ metadata:
   name: dyn-op-validate
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/dyn-op-validate/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/only-pod/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: only-pod
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/only-pod/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/pod-all-subresources/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: pod-all-subresources
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/pod-all-subresources/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/pod-exec-subresource/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: pod-exec-subresource
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: std-shell
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/pod-exec-subresource/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: std-shell
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/policy-clusterpolicy-namespaced-clusterscoped-resources/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: policy-clusterpolicy-namespaced-clusterscoped-resources
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: clusterpolicy.yaml
+      with:
-    - assert:
+        bindings:
-        file: clusterpolicy-assert.yaml
+        - name: file
+          value: clusterpolicy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/policy-clusterpolicy-namespaced-clusterscoped-resources/clusterpolicy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/policy-clusterscope-resource/chainsaw-test.yaml

@@ -7,7 +7,7 @@ spec:
     - name: step-01
       try:
         - apply:
+            file: policy.yaml
             expect:
               - check:
                   ($error != null): true
-            file: policy.yaml

test/conformance/chainsaw/webhooks/policy-wildcard-resource/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: policy-wildcard-resource
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/policy-wildcard-resource/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/webhooks/policy/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: policy
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
   - name: step-02
     try:
     - assert:

test/conformance/chainsaw/webhooks/policy/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready