diff --git a/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml b/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml index cdb029138a..cfb4a58f82 100755 --- a/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml +++ b/test/conformance/chainsaw/rangeoperators/standard/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: standard spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-value - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml b/test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml deleted file mode 100644 index ddf55734a6..0000000000 --- a/test/conformance/chainsaw/rangeoperators/standard/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-value -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml b/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml index f980db01e5..8abbf46b55 100755 --- a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml +++ b/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/chainsaw-test.yaml @@ -4,16 +4,23 @@ metadata: name: sigstore-image-verification spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: sigstore-image-verification - name: step-02 try: - apply: file: pod.yaml - assert: file: pod-assert.yaml - diff --git a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml b/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml deleted file mode 100755 index 05883ad591..0000000000 --- a/test/conformance/chainsaw/sigstore-custom-tuf/sigstore-image-verification-test/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: sigstore-image-verification -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready - diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml index cf0e1ba89a..dfe100a101 100755 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: multi-signatures spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures(deprecated)/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml index cf0e1ba89a..dfe100a101 100755 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/multi-signatures/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: multi-signatures spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/multi-signatures/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml index 8e0df5b1c6..0eb02ed19e 100755 --- a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: single-signature spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/single-signature(deprecated)/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml b/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml index 8e0df5b1c6..0eb02ed19e 100755 --- a/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verify-manifests/single-signature/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: single-signature spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-yaml - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml b/test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml deleted file mode 100644 index 582ac4e67a..0000000000 --- a/test/conformance/chainsaw/verify-manifests/single-signature/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-yaml -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a0c2dc8a1b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: validate-signatures -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml index 70c208b243..1cf32e27fe 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-test.yaml @@ -4,15 +4,23 @@ metadata: name: multiple-attestors spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: validate-signatures - name: step-02 try: - apply: - file: chainsaw-step-02-apply-1.yaml + file: pod.yaml - assert: - file: chainsaw-step-02-assert-1.yaml + file: pod-assert.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod-assert.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-assert-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod-assert.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-02-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/pod.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/cornercases/multiple-attestors/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 8719f9010a..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: verify-image-with-multi-keys -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml index 108512d346..bcb307608f 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-test.yaml @@ -7,8 +7,18 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + file: cm.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: verify-image-with-multi-keys diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/cm.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/cm.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/configmap-context-lookup/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml index f37cce9efa..342dd00314 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: empty-image spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml deleted file mode 100644 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml index cb050cba98..eaf8a0b53a 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/empty-image/policy.yaml @@ -1,4 +1,3 @@ ---- apiVersion: kyverno.io/v1 kind: ClusterPolicy metadata: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml index 837fe246df..f8cbe63eef 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: image-verify-polset-failurepolicy-ignore - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml deleted file mode 100644 index cfdc4c1e1c..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success-deprecated/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: image-verify-polset-failurepolicy-ignore -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml index 837fe246df..f8cbe63eef 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: image-verify-polset-failurepolicy-ignore - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml deleted file mode 100644 index cfdc4c1e1c..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/failure-policy-test-noconfigmap-diffimage-success/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: image-verify-polset-failurepolicy-ignore -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml index d2d0c43028..939730554c 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-keyless - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml deleted file mode 100644 index 058180242b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex-keyless/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-keyless -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml index ee4f8eecbf..97b6b6494d 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-complex - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml deleted file mode 100644 index b585ce2dc6..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-complex/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-complex -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml index 45cccab4ce..62db6bc380 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-no-extractor - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml deleted file mode 100644 index 098aa82821..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-none/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-no-extractor -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml index 5ed09a3252..b5c2da35a4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/chainsaw-test.yaml @@ -10,12 +10,20 @@ spec: file: crd.yaml - assert: file: crd-ready.yaml - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: tasks-simple - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml deleted file mode 100644 index 567f022953..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/imageExtractors-simple/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: tasks-simple -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index fcd09f08dd..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-ns-selector-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml index 5f1caf9fc7..5c5bd3a756 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-test.yaml @@ -12,10 +12,20 @@ spec: file: chainsaw-step-01-apply-1.yaml - apply: file: chainsaw-step-01-apply-2.yaml - - apply: - file: chainsaw-step-01-apply-3.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-ns-selector-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-apply-3.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/chainsaw-step-01-apply-3.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic-namespace-selector/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml index 943451205a..6d3e34cb9b 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-test.yaml @@ -9,11 +9,21 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + file: ns.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/ns.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/ns.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-basic/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml index 943451205a..ffa2b65fb0 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-test.yaml @@ -10,10 +10,20 @@ spec: try: - apply: file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-oci11/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index ca9cef7de7..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: secret-in-keys -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml index 422149e159..a50b9ceca4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-test.yaml @@ -12,12 +12,24 @@ spec: file: permissions.yaml - apply: file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: step-01 + try: - apply: file: chainsaw-step-01-apply-3.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: secret-in-keys - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-secret/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a10d015439..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-tsa-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml index 943451205a..df3fff4553 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-test.yaml @@ -10,10 +10,20 @@ spec: try: - apply: file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-tsa-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyed-tsa/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml index 6813da934e..a5540f7296 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-invalid-attestors-in-attestations - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml deleted file mode 100644 index 0556cd0c33..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-invalid-attestor/policy-assert.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-invalid-attestors-in-attestations - annotations: - pod-policies.kyverno.io/autogen-controllers: none diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml index 6813da934e..a5540f7296 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-invalid-attestors-in-attestations - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml deleted file mode 100644 index 0556cd0c33..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestation-regexp/policy-assert.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-invalid-attestors-in-attestations - annotations: - pod-policies.kyverno.io/autogen-controllers: none diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 0377e9a1d5..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-pass-1 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml index 6a51e3afd0..99676e597b 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-1 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-pass-1 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-1/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index ab5f8349bc..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-pass-2 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml index 038fcebec7..14c714d8f4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-2 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-pass-2 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-2/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index cb2b58a3b7..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-fail-1 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml index c48adc2115..ce69aff27e 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-3 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-fail-1 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-3/policy.yaml