feat: use more chainsaw test templates (#11281)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2024-12-14 11:57:48 +00:00 · 2024-10-01 22:46:10 +02:00 · 2024-10-01 22:46:10 +02:00 · 7113aa111a
commit 7113aa111a
parent 2bbce68f67
54 changed files with 422 additions and 424 deletions
--- a/test/conformance/chainsaw/_step-templates/policy-ready.yaml
+++ b/test/conformance/chainsaw/_step-templates/policy-ready.yaml
@ -0,0 +1,19 @@
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: StepTemplate
+metadata:
+  name: policy-ready
+spec:
+  try:
+  - assert:
+      template: true
+      resource:
+        apiVersion: kyverno.io/v1
+        kind: Policy
+        metadata:
+          name: ($name)
+          namespace: ($namespace)
+        status:
+          conditions:
+          - reason: Succeeded
+            status: "True"
+            type: Ready
--- a/test/conformance/chainsaw/assert/allow-existing-violations/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/assert/allow-existing-violations/chainsaw-test.yaml
@ -4,30 +4,38 @@ metadata:
  name: check-old-object
 spec:
  steps:
-    - name: step-01
-      try:
-        - create:
-            file: ns.yaml
-        - assert:
-            file: ns-ready.yaml
-    - name: step-02
-      try:
-        - create:
-            file: policy.yaml
-        - assert:
-            file: policy-ready.yaml
-    - name: step-03
-      try:
-        - update:
-            file: ns-update.yaml
-    - name: step-04
-      try:
-        - update:
-            file: ns-update-good.yaml
-    - name: step-05
-      try:
-        - update:
-            file: ns-update-bad.yaml
-            expect:
-            - check:
-                ($error != null): true
+  - name: step-01
+    try:
+    - create:
+        file: ns.yaml
+    - assert:
+        file: ns-ready.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-old-object
+  - name: step-03
+    try:
+    - update:
+        file: ns-update.yaml
+  - name: step-04
+    try:
+    - update:
+        file: ns-update-good.yaml
+  - name: step-05
+    try:
+    - update:
+        file: ns-update-bad.yaml
+        expect:
+        - check:
+            ($error != null): true
--- a/test/conformance/chainsaw/assert/allow-existing-violations/policy-ready.yaml
+++ b/test/conformance/chainsaw/assert/allow-existing-violations/policy-ready.yaml
@ -1,4 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-old-object
--- a/test/conformance/chainsaw/assert/old-object-exists/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/assert/old-object-exists/chainsaw-test.yaml
@ -4,19 +4,27 @@ metadata:
  name: check-old-object
 spec:
  steps:
-    - name: step-01
-      try:
-        - create:
-            file: policy.yaml
-        - assert:
-            file: policy-ready.yaml
-    - name: step-02
-      try:
-        - create:
-            file: ns.yaml
-        - assert:
-            file: ns-ready.yaml
-    - name: step-03
-      try:
-        - update:
-            file: ns-update.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-old-object
+  - name: step-02
+    try:
+    - create:
+        file: ns.yaml
+    - assert:
+        file: ns-ready.yaml
+  - name: step-03
+    try:
+    - update:
+        file: ns-update.yaml
--- a/test/conformance/chainsaw/assert/old-object-exists/policy-ready.yaml
+++ b/test/conformance/chainsaw/assert/old-object-exists/policy-ready.yaml
@ -1,4 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-old-object
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event-deprecated/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event-deprecated/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-event
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event-deprecated/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event-deprecated/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-event
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-event/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report-deprecated/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report-deprecated/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-report
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report-deprecated/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report-deprecated/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-report
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/no-admission-report/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/cluster-policy/not-rejected-deprecated/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/not-rejected-deprecated/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: not-rejected
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/cluster-policy/not-rejected-deprecated/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/not-rejected-deprecated/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/cluster-policy/not-rejected/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/not-rejected/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: not-rejected
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/cluster-policy/not-rejected/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/cluster-policy/not-rejected/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/policy/no-admission-event-deprecated/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-event-deprecated/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-event
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/policy/no-admission-event-deprecated/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-event-deprecated/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/policy/no-admission-event/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-event/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-event
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/policy/no-admission-event/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-event/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/policy/no-admission-report-deprecated/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-report-deprecated/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-report
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/policy/no-admission-report-deprecated/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-report-deprecated/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/policy/no-admission-report/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-report/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: no-admission-report
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/policy/no-admission-report/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/policy/no-admission-report/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/policy/not-rejected-deprecated/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/policy/not-rejected-deprecated/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: not-rejected
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/policy/not-rejected-deprecated/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/policy/not-rejected-deprecated/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/background-only/policy/not-rejected/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/background-only/policy/not-rejected/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: not-rejected
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate
  - name: step-02
    try:
    - apply:
--- a/test/conformance/chainsaw/background-only/policy/not-rejected/policy-assert.yaml
+++ b/test/conformance/chainsaw/background-only/policy/not-rejected/policy-assert.yaml
@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: validate
-spec: {}
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
--- a/test/conformance/chainsaw/webhooks/all-scale/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/all-scale/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: all-scale
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/all-scale/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/all-scale/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/clusterpolicy/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/clusterpolicy/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: clusterpolicy
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/clusterpolicy/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/clusterpolicy/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/double-wildcard/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/double-wildcard/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: double-wildcard
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/double-wildcard/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/double-wildcard/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/dyn-op-mutate-multiple/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/dyn-op-mutate-multiple/chainsaw-test.yaml
@ -5,12 +5,27 @@ metadata:
  name: dyn-op-mutate-multiple
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: add-apparmor-annotations
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: add-annotation
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/dyn-op-mutate-multiple/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/dyn-op-mutate-multiple/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: add-apparmor-annotations
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/dyn-op-mutate/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/dyn-op-mutate/chainsaw-test.yaml
@ -5,12 +5,20 @@ metadata:
  name: dyn-op-mutate
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: add-apparmor-annotations
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/dyn-op-mutate/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/dyn-op-mutate/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: add-apparmor-annotations
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/dyn-op-validate/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/dyn-op-validate/chainsaw-test.yaml
@ -5,12 +5,20 @@ metadata:
  name: dyn-op-validate
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/dyn-op-validate/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/dyn-op-validate/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/only-pod/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/only-pod/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: only-pod
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/only-pod/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/only-pod/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/pod-all-subresources/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/pod-all-subresources/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: pod-all-subresources
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/pod-all-subresources/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/pod-all-subresources/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/pod-exec-subresource/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/pod-exec-subresource/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: pod-exec-subresource
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: std-shell
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/pod-exec-subresource/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/pod-exec-subresource/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: std-shell
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/policy-clusterpolicy-namespaced-clusterscoped-resources/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/policy-clusterpolicy-namespaced-clusterscoped-resources/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: policy-clusterpolicy-namespaced-clusterscoped-resources
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: clusterpolicy.yaml
-    - assert:
-        file: clusterpolicy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: clusterpolicy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/policy-clusterpolicy-namespaced-clusterscoped-resources/clusterpolicy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/policy-clusterpolicy-namespaced-clusterscoped-resources/clusterpolicy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/policy-clusterscope-resource/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/policy-clusterscope-resource/chainsaw-test.yaml
@ -7,7 +7,7 @@ spec:
    - name: step-01
      try:
        - apply:
+            file: policy.yaml
            expect:
              - check:
                  ($error != null): true
-            file: policy.yaml
--- a/test/conformance/chainsaw/webhooks/policy-wildcard-resource/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/policy-wildcard-resource/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: policy-wildcard-resource
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/policy-wildcard-resource/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/policy-wildcard-resource/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready
--- a/test/conformance/chainsaw/webhooks/policy/chainsaw-test.yaml
+++ b/test/conformance/chainsaw/webhooks/policy/chainsaw-test.yaml
@ -4,12 +4,20 @@ metadata:
  name: policy
 spec:
  steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: require-labels
  - name: step-02
    try:
    - assert:
--- a/test/conformance/chainsaw/webhooks/policy/policy-assert.yaml
+++ b/test/conformance/chainsaw/webhooks/policy/policy-assert.yaml
@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: Policy
-metadata:
-  name: require-labels
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready