From 72dee76c066bc145ed0f996890db4dd13a5ec8d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?=
 <charled.breteche@gmail.com>
Date: Thu, 10 Nov 2022 10:36:08 +0100
Subject: [PATCH] fix: image extractor kuttl tests (#5293)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---
 .../00-crd.yaml                               |  6 +++
 .../01-policy.yaml                            |  6 +++
 .../02-task.yaml                              | 15 +++---
 .../03-assert.yaml                            |  7 ---
 .../99-cleanup.yaml                           |  4 --
 .../crd-ready.yaml                            |  4 ++
 .../imageExtractors-complex-keyless/crd.yaml  | 24 +++++++++
 .../{01-assert.yaml => policy-ready.yaml}     |  0
 .../{01-manifests.yaml => policy.yaml}        | 32 +----------
 .../imageExtractors-complex-keyless/task.yaml |  8 +++
 .../imageExtractors-complex/00-crd.yaml       |  6 +++
 .../imageExtractors-complex/01-policy.yaml    |  6 +++
 .../imageExtractors-complex/03-errors.yaml    |  1 -
 .../imageExtractors-complex/99-cleanup.yaml   |  4 --
 .../imageExtractors-complex/badtask.yaml      |  1 -
 .../imageExtractors-complex/crd-ready.yaml    |  4 ++
 .../standard/imageExtractors-complex/crd.yaml | 24 +++++++++
 .../{01-assert.yaml => policy-ready.yaml}     |  0
 .../{01-manifests.yaml => policy.yaml}        | 30 -----------
 .../standard/imageExtractors-none/00-crd.yaml |  6 +++
 .../imageExtractors-none/01-manifests.yaml    | 54 -------------------
 .../imageExtractors-none/01-policy.yaml       |  6 +++
 .../imageExtractors-none/02-task.yaml         | 15 +++---
 .../imageExtractors-none/99-cleanup.yaml      |  4 --
 .../imageExtractors-none/crd-ready.yaml       |  4 ++
 .../standard/imageExtractors-none/crd.yaml    | 24 +++++++++
 .../{01-assert.yaml => policy-ready.yaml}     |  0
 .../standard/imageExtractors-none/policy.yaml | 24 +++++++++
 .../{03-assert.yaml => task.yaml}             |  5 +-
 .../imageExtractors-simple/00-crd.yaml        |  6 +++
 .../imageExtractors-simple/01-policy.yaml     |  6 +++
 .../imageExtractors-simple/03-errors.yaml     |  5 --
 .../imageExtractors-simple/99-cleanup.yaml    |  4 --
 .../imageExtractors-simple/badtask.yaml       |  1 -
 .../imageExtractors-simple/crd-ready.yaml     |  4 ++
 .../standard/imageExtractors-simple/crd.yaml  | 24 +++++++++
 .../{01-assert.yaml => policy-ready.yaml}     |  0
 .../{01-manifests.yaml => policy.yaml}        | 31 -----------
 38 files changed, 209 insertions(+), 196 deletions(-)
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/00-crd.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-policy.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/03-assert.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/99-cleanup.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd-ready.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd.yaml
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/{01-assert.yaml => policy-ready.yaml} (100%)
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/{01-manifests.yaml => policy.yaml} (56%)
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/task.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/00-crd.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-policy.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/99-cleanup.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd-ready.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd.yaml
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/{01-assert.yaml => policy-ready.yaml} (100%)
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/{01-manifests.yaml => policy.yaml} (57%)
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/00-crd.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-manifests.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-policy.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/99-cleanup.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd-ready.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd.yaml
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/{01-assert.yaml => policy-ready.yaml} (100%)
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/policy.yaml
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/{03-assert.yaml => task.yaml} (53%)
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/00-crd.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-policy.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/03-errors.yaml
 delete mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/99-cleanup.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd-ready.yaml
 create mode 100644 test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd.yaml
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/{01-assert.yaml => policy-ready.yaml} (100%)
 rename test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/{01-manifests.yaml => policy.yaml} (54%)

diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/00-crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/00-crd.yaml
new file mode 100644
index 0000000000..3bb734b3d1
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/00-crd.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- crd.yaml
+assert:
+- crd-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-policy.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-policy.yaml
new file mode 100644
index 0000000000..57ffd5631d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-policy.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- policy.yaml
+assert:
+- policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/02-task.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/02-task.yaml
index 797d2f4dd9..9906380e82 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/02-task.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/02-task.yaml
@@ -1,9 +1,6 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: example-task-name
-  namespace: tekton-test
-spec:
-  steps:
-    - name: cosign
-      image: ghcr.io/sigstore/cosign/cosign@sha256:33a6a55d2f1354bc989b791974cf4ee00a900ab9e4e54b393962321758eee3c6
\ No newline at end of file
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- task.yaml
+assert:
+- task.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/03-assert.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/03-assert.yaml
deleted file mode 100644
index 00a796d516..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/03-assert.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: example-task-name
-  namespace: tekton-test
-  annotations:
-    kyverno.io/verify-images: '{"ghcr.io/sigstore/cosign/cosign@sha256:33a6a55d2f1354bc989b791974cf4ee00a900ab9e4e54b393962321758eee3c6":true}'
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/99-cleanup.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/99-cleanup.yaml
deleted file mode 100644
index 901039dff1..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/99-cleanup.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kuttl.dev/v1beta1
-kind: TestStep
-commands:
-  - command: kubectl delete -f 01-manifests.yaml,02-task.yaml --force --wait=true --ignore-not-found=true
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd-ready.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd-ready.yaml
new file mode 100644
index 0000000000..f592e6b44d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd-ready.yaml
@@ -0,0 +1,4 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd.yaml
new file mode 100644
index 0000000000..145b9e0120
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/crd.yaml
@@ -0,0 +1,24 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
+spec:
+  group: tekton.dev
+  preserveUnknownFields: false
+  versions:
+  - name: v1beta1
+    served: true
+    storage: true
+    schema:
+      openAPIV3Schema:
+        type: object
+        x-kubernetes-preserve-unknown-fields: true
+    subresources:
+      status: {}
+  names:
+    kind: Task
+    plural: tasks
+    categories:
+    - tekton
+    - tekton-pipelines
+  scope: Namespaced
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-assert.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml
similarity index 100%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-assert.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-manifests.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy.yaml
similarity index 56%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-manifests.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy.yaml
index bf239d5aae..c9bd3c8d53 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/01-manifests.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy.yaml
@@ -1,33 +1,3 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: tekton-test
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: tasks.tekton.dev
-spec:
-  group: tekton.dev
-  preserveUnknownFields: false
-  versions:
-  - name: v1beta1
-    served: true
-    storage: true
-    schema:
-      openAPIV3Schema:
-        type: object
-        x-kubernetes-preserve-unknown-fields: true
-    subresources:
-      status: {}
-  names:
-    kind: Task
-    plural: tasks
-    categories:
-    - tekton
-    - tekton-pipelines
-  scope: Namespaced
----
 apiVersion: kyverno.io/v1
 kind: ClusterPolicy
 metadata:
@@ -60,4 +30,4 @@ spec:
             subject: "https://github.com/*"
             rekor:
               url: https://rekor.sigstore.dev
-      required: true
\ No newline at end of file
+      required: true
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/task.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/task.yaml
new file mode 100644
index 0000000000..d70f7c06f2
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/task.yaml
@@ -0,0 +1,8 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: example-task-name
+spec:
+  steps:
+    - name: cosign
+      image: ghcr.io/sigstore/cosign/cosign@sha256:33a6a55d2f1354bc989b791974cf4ee00a900ab9e4e54b393962321758eee3c6
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/00-crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/00-crd.yaml
new file mode 100644
index 0000000000..3bb734b3d1
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/00-crd.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- crd.yaml
+assert:
+- crd-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-policy.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-policy.yaml
new file mode 100644
index 0000000000..57ffd5631d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-policy.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- policy.yaml
+assert:
+- policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/03-errors.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/03-errors.yaml
index de1b3f099b..7d55f37d42 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/03-errors.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/03-errors.yaml
@@ -2,4 +2,3 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: example-task-name
-  namespace: tekton-test
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/99-cleanup.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/99-cleanup.yaml
deleted file mode 100644
index 15c3c49051..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/99-cleanup.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kuttl.dev/v1beta1
-kind: TestStep
-commands:
-  - command: kubectl delete -f 01-manifests.yaml --force --wait=true --ignore-not-found=true
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/badtask.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/badtask.yaml
index 192d130a6b..e7e28c800c 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/badtask.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/badtask.yaml
@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: example-task-name
-  namespace: tekton-test
 spec:
   steps:
     - name: ubuntu-example
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd-ready.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd-ready.yaml
new file mode 100644
index 0000000000..f592e6b44d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd-ready.yaml
@@ -0,0 +1,4 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd.yaml
new file mode 100644
index 0000000000..145b9e0120
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/crd.yaml
@@ -0,0 +1,24 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
+spec:
+  group: tekton.dev
+  preserveUnknownFields: false
+  versions:
+  - name: v1beta1
+    served: true
+    storage: true
+    schema:
+      openAPIV3Schema:
+        type: object
+        x-kubernetes-preserve-unknown-fields: true
+    subresources:
+      status: {}
+  names:
+    kind: Task
+    plural: tasks
+    categories:
+    - tekton
+    - tekton-pipelines
+  scope: Namespaced
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-assert.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml
similarity index 100%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-assert.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-manifests.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy.yaml
similarity index 57%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-manifests.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy.yaml
index a14488e3a1..03bb24770a 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/01-manifests.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy.yaml
@@ -1,33 +1,3 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: tekton-test
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: tasks.tekton.dev
-spec:
-  group: tekton.dev
-  preserveUnknownFields: false
-  versions:
-  - name: v1beta1
-    served: true
-    storage: true
-    schema:
-      openAPIV3Schema:
-        type: object
-        x-kubernetes-preserve-unknown-fields: true
-    subresources:
-      status: {}
-  names:
-    kind: Task
-    plural: tasks
-    categories:
-    - tekton
-    - tekton-pipelines
-  scope: Namespaced
----
 apiVersion: kyverno.io/v1
 kind: ClusterPolicy
 metadata:
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/00-crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/00-crd.yaml
new file mode 100644
index 0000000000..3bb734b3d1
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/00-crd.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- crd.yaml
+assert:
+- crd-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-manifests.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-manifests.yaml
deleted file mode 100644
index b643df8eb3..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-manifests.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: tekton-test
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: tasks.tekton.dev
-spec:
-  group: tekton.dev
-  preserveUnknownFields: false
-  versions:
-  - name: v1beta1
-    served: true
-    storage: true
-    schema:
-      openAPIV3Schema:
-        type: object
-        x-kubernetes-preserve-unknown-fields: true
-    subresources:
-      status: {}
-  names:
-    kind: Task
-    plural: tasks
-    categories:
-    - tekton
-    - tekton-pipelines
-  scope: Namespaced
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: tasks-no-extractor
-spec:
-  validationFailureAction: enforce
-  rules:
-  - name: verify-images
-    match:
-      any:
-      - resources:
-          kinds:
-          - tekton.dev/v1beta1/Task
-    preconditions:
-    - key: "{{request.operation}}"
-      operator: NotEquals
-      value: DELETE
-    verifyImages:
-    - image: "*"
-      key: |-
-        -----BEGIN PUBLIC KEY-----
-        MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8nXRh950IZbRj8Ra/N9sbqOPZrfM
-        5/KAQN0/KjHcorm/J5yctVd7iEcnessRQjU917hmKO6JWVGHpDguIyakZA==
-        -----END PUBLIC KEY----- 
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-policy.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-policy.yaml
new file mode 100644
index 0000000000..57ffd5631d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-policy.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- policy.yaml
+assert:
+- policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/02-task.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/02-task.yaml
index 192d130a6b..9906380e82 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/02-task.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/02-task.yaml
@@ -1,9 +1,6 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: example-task-name
-  namespace: tekton-test
-spec:
-  steps:
-    - name: ubuntu-example
-      image: ubuntu:bionic
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- task.yaml
+assert:
+- task.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/99-cleanup.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/99-cleanup.yaml
deleted file mode 100644
index 901039dff1..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/99-cleanup.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kuttl.dev/v1beta1
-kind: TestStep
-commands:
-  - command: kubectl delete -f 01-manifests.yaml,02-task.yaml --force --wait=true --ignore-not-found=true
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd-ready.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd-ready.yaml
new file mode 100644
index 0000000000..f592e6b44d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd-ready.yaml
@@ -0,0 +1,4 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd.yaml
new file mode 100644
index 0000000000..145b9e0120
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/crd.yaml
@@ -0,0 +1,24 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
+spec:
+  group: tekton.dev
+  preserveUnknownFields: false
+  versions:
+  - name: v1beta1
+    served: true
+    storage: true
+    schema:
+      openAPIV3Schema:
+        type: object
+        x-kubernetes-preserve-unknown-fields: true
+    subresources:
+      status: {}
+  names:
+    kind: Task
+    plural: tasks
+    categories:
+    - tekton
+    - tekton-pipelines
+  scope: Namespaced
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-assert.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml
similarity index 100%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/01-assert.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/policy.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/policy.yaml
new file mode 100644
index 0000000000..5a1a35c1c9
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/policy.yaml
@@ -0,0 +1,24 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: tasks-no-extractor
+spec:
+  validationFailureAction: enforce
+  rules:
+  - name: verify-images
+    match:
+      any:
+      - resources:
+          kinds:
+          - tekton.dev/v1beta1/Task
+    preconditions:
+    - key: "{{request.operation}}"
+      operator: NotEquals
+      value: DELETE
+    verifyImages:
+    - image: "*"
+      key: |-
+        -----BEGIN PUBLIC KEY-----
+        MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8nXRh950IZbRj8Ra/N9sbqOPZrfM
+        5/KAQN0/KjHcorm/J5yctVd7iEcnessRQjU917hmKO6JWVGHpDguIyakZA==
+        -----END PUBLIC KEY-----
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/03-assert.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/task.yaml
similarity index 53%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/03-assert.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/task.yaml
index de1b3f099b..e7e28c800c 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/03-assert.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-none/task.yaml
@@ -2,4 +2,7 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: example-task-name
-  namespace: tekton-test
\ No newline at end of file
+spec:
+  steps:
+    - name: ubuntu-example
+      image: ubuntu:bionic
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/00-crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/00-crd.yaml
new file mode 100644
index 0000000000..3bb734b3d1
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/00-crd.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- crd.yaml
+assert:
+- crd-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-policy.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-policy.yaml
new file mode 100644
index 0000000000..57ffd5631d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-policy.yaml
@@ -0,0 +1,6 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestStep
+apply:
+- policy.yaml
+assert:
+- policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/03-errors.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/03-errors.yaml
deleted file mode 100644
index de1b3f099b..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/03-errors.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: tekton.dev/v1beta1
-kind: Task
-metadata:
-  name: example-task-name
-  namespace: tekton-test
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/99-cleanup.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/99-cleanup.yaml
deleted file mode 100644
index 15c3c49051..0000000000
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/99-cleanup.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kuttl.dev/v1beta1
-kind: TestStep
-commands:
-  - command: kubectl delete -f 01-manifests.yaml --force --wait=true --ignore-not-found=true
\ No newline at end of file
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/badtask.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/badtask.yaml
index 192d130a6b..e7e28c800c 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/badtask.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/badtask.yaml
@@ -2,7 +2,6 @@ apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
   name: example-task-name
-  namespace: tekton-test
 spec:
   steps:
     - name: ubuntu-example
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd-ready.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd-ready.yaml
new file mode 100644
index 0000000000..f592e6b44d
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd-ready.yaml
@@ -0,0 +1,4 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd.yaml
new file mode 100644
index 0000000000..145b9e0120
--- /dev/null
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/crd.yaml
@@ -0,0 +1,24 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: tasks.tekton.dev
+spec:
+  group: tekton.dev
+  preserveUnknownFields: false
+  versions:
+  - name: v1beta1
+    served: true
+    storage: true
+    schema:
+      openAPIV3Schema:
+        type: object
+        x-kubernetes-preserve-unknown-fields: true
+    subresources:
+      status: {}
+  names:
+    kind: Task
+    plural: tasks
+    categories:
+    - tekton
+    - tekton-pipelines
+  scope: Namespaced
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-assert.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml
similarity index 100%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-assert.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml
diff --git a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-manifests.yaml b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy.yaml
similarity index 54%
rename from test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-manifests.yaml
rename to test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy.yaml
index b59928742a..c6d77d0cb9 100644
--- a/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/01-manifests.yaml
+++ b/test/conformance/kuttl/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy.yaml
@@ -1,33 +1,3 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: tekton-test
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  name: tasks.tekton.dev
-spec:
-  group: tekton.dev
-  preserveUnknownFields: false
-  versions:
-  - name: v1beta1
-    served: true
-    storage: true
-    schema:
-      openAPIV3Schema:
-        type: object
-        x-kubernetes-preserve-unknown-fields: true
-    subresources:
-      status: {}
-  names:
-    kind: Task
-    plural: tasks
-    categories:
-    - tekton
-    - tekton-pipelines
-  scope: Namespaced
----
 apiVersion: kyverno.io/v1
 kind: ClusterPolicy
 metadata:
@@ -55,4 +25,3 @@ spec:
         MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8nXRh950IZbRj8Ra/N9sbqOPZrfM
         5/KAQN0/KjHcorm/J5yctVd7iEcnessRQjU917hmKO6JWVGHpDguIyakZA==
         -----END PUBLIC KEY----- 
----