chore: use more chainsaw step templates (#11293)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: standard
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-value
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-value
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml

@@ -4,16 +4,23 @@ metadata:
   name: sigstore-image-verification
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: sigstore-image-verification
   - name: step-02
     try:
     - apply:
         file: pod.yaml
     - assert:
         file: pod-assert.yaml
-

test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: sigstore-image-verification
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
-

test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: multi-signatures
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate-yaml
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate-yaml
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: multi-signatures
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate-yaml
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate-yaml
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: single-signature
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate-yaml
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate-yaml
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: single-signature
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate-yaml
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate-yaml
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: validate-signatures
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml

@@ -4,15 +4,23 @@ metadata:
   name: multiple-attestors
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: chainsaw-step-01-apply-1.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: validate-signatures
   - name: step-02
     try:
     - apply:
-        file: chainsaw-step-02-apply-1.yaml
+        file: pod.yaml
     - assert:
-        file: chainsaw-step-02-assert-1.yaml
+        file: pod-assert.yaml

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: verify-image-with-multi-keys
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml

@@ -7,8 +7,18 @@ spec:
   - name: step-01
     try:
     - apply:
-        file: chainsaw-step-01-apply-1.yaml
-    - apply:
-        file: chainsaw-step-01-apply-2.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+        file: cm.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: verify-image-with-multi-keys

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: empty-image
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml

@@ -1,4 +1,3 @@
----
 apiVersion: kyverno.io/v1
 kind: ClusterPolicy
 metadata:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-ready.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: image-verify-polset-failurepolicy-ignore
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: image-verify-polset-failurepolicy-ignore
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-ready.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: image-verify-polset-failurepolicy-ignore
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: image-verify-polset-failurepolicy-ignore
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml

@@ -10,12 +10,20 @@ spec:
         file: crd.yaml
     - assert:
         file: crd-ready.yaml
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-ready.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: tasks-keyless
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: tasks-keyless
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml

@@ -10,12 +10,20 @@ spec:
         file: crd.yaml
     - assert:
         file: crd-ready.yaml
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-ready.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: tasks-complex
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: tasks-complex
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml

@@ -10,12 +10,20 @@ spec:
         file: crd.yaml
     - assert:
         file: crd-ready.yaml
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-ready.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: tasks-no-extractor
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: tasks-no-extractor
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml

@@ -10,12 +10,20 @@ spec:
         file: crd.yaml
     - assert:
         file: crd-ready.yaml
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-ready.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: tasks-simple
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: tasks-simple
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-ns-selector-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml

@@ -12,10 +12,20 @@ spec:
         file: chainsaw-step-01-apply-1.yaml
     - apply:
         file: chainsaw-step-01-apply-2.yaml
-    - apply:
-        file: chainsaw-step-01-apply-3.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-ns-selector-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml

@@ -9,11 +9,21 @@ spec:
   - name: step-01
     try:
     - apply:
-        file: chainsaw-step-01-apply-1.yaml
-    - apply:
-        file: chainsaw-step-01-apply-2.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+        file: ns.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml

@@ -10,10 +10,20 @@ spec:
     try:
     - apply:
         file: chainsaw-step-01-apply-1.yaml
-    - apply:
-        file: chainsaw-step-01-apply-2.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: secret-in-keys
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml

@@ -12,12 +12,24 @@ spec:
         file: permissions.yaml
     - apply:
         file: chainsaw-step-01-apply-1.yaml
-    - apply:
-        file: chainsaw-step-01-apply-2.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: step-01
+    try:
     - apply:
         file: chainsaw-step-01-apply-3.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: secret-in-keys
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-tsa-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml

@@ -10,10 +10,20 @@ spec:
     try:
     - apply:
         file: chainsaw-step-01-apply-1.yaml
-    - apply:
-        file: chainsaw-step-01-apply-2.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-tsa-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-invalid-attestors-in-attestations
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml

@@ -1,7 +0,0 @@
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-invalid-attestors-in-attestations
-  annotations:
-    pod-policies.kyverno.io/autogen-controllers: none

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: policy.yaml
-    - assert:
-        file: policy-assert.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-invalid-attestors-in-attestations
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml

@@ -1,7 +0,0 @@
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-invalid-attestors-in-attestations
-  annotations:
-    pod-policies.kyverno.io/autogen-controllers: none

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-pass-1
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-1
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: chainsaw-step-01-apply-1.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-pass-1
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-pass-2
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-2
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: chainsaw-step-01-apply-1.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-pass-2
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-fail-1
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-3
 spec:
   steps:
-  - name: step-01
-    try:
-    - apply:
-        file: chainsaw-step-01-apply-1.yaml
-    - assert:
-        file: chainsaw-step-01-assert-1.yaml
+  - name: create policy
+    use:
+      template: ../../../../_step-templates/create-policy.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-fail-1
   - name: step-02
     try:
     - apply: