From 97f2d25aaaab8536baa72cde17e45ed4b9610d97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Thu, 3 Oct 2024 08:10:11 +0200 Subject: [PATCH] chore: use more chainsaw step templates (#11296) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Charles-Edouard Brétéché --- .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-test.yaml | 20 +++++--- .../policy-assert.yaml | 7 --- .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-1.yaml => policy.yaml} | 0 .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-step-02-apply-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- ...insaw-step-01-apply-3.yaml => policy.yaml} | 0 .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-ready.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-assert.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-assert.yaml | 10 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-assert.yaml | 10 ---- .../skip-image-reference/chainsaw-test.yaml | 20 +++++--- .../skip-image-reference/policy-ready.yaml | 9 ---- .../chainsaw-test.yaml | 20 +++++--- .../policy-assert.yaml | 9 ---- .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 ++++++-- ...{chainsaw-step-01-apply-1.yaml => ns.yaml} | 0 ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../chainsaw-step-01-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 20 ++++++-- ...{chainsaw-step-01-apply-1.yaml => ns.yaml} | 0 ...insaw-step-01-apply-2.yaml => policy.yaml} | 0 .../chainsaw-step-02-assert-1.yaml | 9 ---- .../chainsaw-test.yaml | 22 ++++++--- ...{chainsaw-step-01-apply-1.yaml => ns.yaml} | 0 ...insaw-step-02-apply-1.yaml => policy.yaml} | 0 .../standard/with-mutation/chainsaw-test.yaml | 49 ++++++++++++------- .../with-mutation/img-cpol-assert.yaml | 9 ---- .../with-mutation/mut-cpol-assert.yaml | 9 ---- .../standard/with-mutation/mut-cpol.yaml | 22 --------- .../{img-cpol.yaml => policy.yaml} | 23 +++++++++ 75 files changed, 435 insertions(+), 462 deletions(-) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/policy-ready.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/policy-ready.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/{chainsaw-step-01-apply-1.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/policy-ready.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-02-apply-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/{chainsaw-step-01-apply-3.yaml => policy.yaml} (100%) delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/policy-ready.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/policy-assert.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/policy-ready.yaml delete mode 100644 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/policy-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/{chainsaw-step-01-apply-1.yaml => ns.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/{chainsaw-step-01-apply-1.yaml => ns.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/{chainsaw-step-01-apply-2.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-assert-1.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/{chainsaw-step-01-apply-1.yaml => ns.yaml} (100%) rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/{chainsaw-step-02-apply-1.yaml => policy.yaml} (100%) delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol-assert.yaml delete mode 100755 test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol.yaml rename test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/{img-cpol.yaml => policy.yaml} (63%) diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index e61e72b07b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-pass-4 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-test.yaml index 23b6254f84..5176ebd77e 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-4 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-pass-4 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 73fe2f59e3..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-pass-3 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-test.yaml index df78e6a4e7..ac34f49c33 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-counts-1 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-pass-3 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 05b4f2c4d8..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-fail-2 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-test.yaml index e5ce7fa29b..8acce39632 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-counts-2 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-fail-2 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 1df5237d8d..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-slsa-attestations-fail-3 -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-test.yaml index 94bd76eaac..c548171e31 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-attestations-multiple-subjects-counts-3 spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-slsa-attestations-fail-3 - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/chainsaw-test.yaml index 1eef4164af..186493bfe8 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-invalid-attestors - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/policy-assert.yaml deleted file mode 100644 index 8d90e075d1..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/policy-assert.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: check-invalid-attestors - annotations: - pod-policies.kyverno.io/autogen-controllers: none diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index efc7fb59b4..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyless-mutatedigest-verifydigest-required -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-test.yaml index fcee27d090..91ea392e6d 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-mutatedigest-verifydigest-required spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyless-mutatedigest-verifydigest-required - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 1ef915c783..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyless-nomutatedigest-noverifydigest-norequired -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-test.yaml index 9427bb41f3..adfd8244b4 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-nomutatedigest-noverifydigest-norequired spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyless-nomutatedigest-noverifydigest-norequired - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 090b115c1b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyless-nomutatedigest-noverifydigest-required -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-test.yaml index 5bc005d473..bbc065fb06 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: keyless-nomutatedigest-noverifydigest-required spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyless-nomutatedigest-noverifydigest-required - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/chainsaw-test.yaml index 116c40d2b1..b87f86d1b3 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image-attestation - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/policy-ready.yaml deleted file mode 100644 index 83c51e7057..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image-attestation -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/chainsaw-test.yaml index b5c79acaa8..08912c9f20 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image-attestation - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/policy-ready.yaml deleted file mode 100644 index 83c51e7057..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image-attestation -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/chainsaw-test.yaml index 5c00052d7f..09a9b19bc8 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image-attestation - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/policy-ready.yaml deleted file mode 100644 index 83c51e7057..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image-attestation -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/chainsaw-test.yaml index 9a2b59ef4d..ae003f345c 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image-attestation - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/policy-ready.yaml deleted file mode 100644 index 83c51e7057..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image-attestation -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 3a68a73a0b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: mutatedigest-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-test.yaml index d200cc79ce..b83aa34590 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: mutatedigest-noverifydigest-norequired spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: mutatedigest-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/chainsaw-test.yaml index a7fd63eb92..b9caba9a82 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: image-verify-polset - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/policy-ready.yaml deleted file mode 100644 index cc9949b4f2..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: image-verify-polset -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index 3a68a73a0b..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: mutatedigest-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-test.yaml index 6973b11b79..5c726c8657 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: nomutatedigest-verifydigest-norequired spec: steps: - - name: step-01 - try: - - apply: - file: chainsaw-step-01-apply-1.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: mutatedigest-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/chainsaw-test.yaml index f7c3a1fabd..dc09d8e5fd 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image-attestation - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/policy-ready.yaml deleted file mode 100644 index 83c51e7057..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image-attestation -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-02-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-02-apply-1.yaml deleted file mode 100755 index 7120012a26..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-02-apply-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: secret-in-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-test.yaml index 08a7dc43a5..5a862f92e7 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-test.yaml @@ -12,12 +12,20 @@ spec: file: chainsaw-step-01-apply-1.yaml - apply: file: chainsaw-step-01-apply-2.yaml - - apply: - file: chainsaw-step-01-apply-3.yaml - - name: step-02 - try: - - apply: - file: chainsaw-step-02-apply-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: secret-in-policy - name: step-03 try: - script: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-01-apply-3.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-01-apply-3.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/chainsaw-test.yaml index 7586fac33d..bcd57261f0 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image-notary - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/policy-ready.yaml deleted file mode 100644 index b3ad396d26..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image-notary -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/chainsaw-test.yaml index 8eabe35a9e..4a29693bd6 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: check-image - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/policy-ready.yaml deleted file mode 100644 index b4fc505a22..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: check-image -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/chainsaw-test.yaml index 2110e2eadb..84ab448fb3 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: sigstore-attestation-verification-regexp spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: sigstore-attestation-verification-regexp - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/policy-assert.yaml deleted file mode 100755 index 3ebf4fa6a3..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: sigstore-attestation-verification-regexp -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/chainsaw-test.yaml index d7ed461144..f98570c6e2 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: sigstore-attestation-verification spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: sigstore-attestation-verification - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/policy-assert.yaml deleted file mode 100755 index 2c0e207bd0..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: sigstore-attestation-verification -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready - diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/chainsaw-test.yaml index f980db01e5..e860131914 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: sigstore-image-verification spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: sigstore-image-verification - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/policy-assert.yaml deleted file mode 100755 index 05883ad591..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/policy-assert.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: sigstore-image-verification -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready - diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/chainsaw-test.yaml index 345ed2fd1f..525f3dfab4 100644 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/chainsaw-test.yaml @@ -6,12 +6,20 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-ready.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: verify-exclude-refs - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/policy-ready.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/policy-ready.yaml deleted file mode 100644 index 56444a2e18..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/policy-ready.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: verify-exclude-refs -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/chainsaw-test.yaml index 7fc4f6e314..a85937a60a 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/chainsaw-test.yaml @@ -4,12 +4,20 @@ metadata: name: update-multi-containers spec: steps: - - name: step-01 - try: - - apply: - file: policy.yaml - - assert: - file: policy-assert.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: verify-image-signature - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/policy-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/policy-assert.yaml deleted file mode 100644 index 5a37fb4321..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/policy-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v2beta1 -kind: ClusterPolicy -metadata: - name: verify-image-signature -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready \ No newline at end of file diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-test.yaml index b817f34ad3..627cf320a8 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-test.yaml @@ -9,11 +9,21 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + file: ns.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/ns.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/ns.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-test.yaml index 6cced9946c..9169bb3fa5 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-test.yaml @@ -9,11 +9,21 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml - - apply: - file: chainsaw-step-01-apply-2.yaml - - assert: - file: chainsaw-step-01-assert-1.yaml + file: ns.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-02 try: - apply: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/ns.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/ns.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-apply-2.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-apply-2.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-assert-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-assert-1.yaml deleted file mode 100755 index a2d2cc907e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-assert-1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: keyed-basic-policy -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-test.yaml index f0ccb3ec56..fa6fde463a 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-test.yaml @@ -9,17 +9,25 @@ spec: - name: step-01 try: - apply: - file: chainsaw-step-01-apply-1.yaml + file: ns.yaml - apply: file: chainsaw-step-01-apply-2.yaml - assert: file: chainsaw-step-01-assert-1.yaml - - name: step-02 - try: - - apply: - file: chainsaw-step-02-apply-1.yaml - - assert: - file: chainsaw-step-02-assert-1.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: keyed-basic-policy - name: step-03 try: - assert: diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-01-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/ns.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-01-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/ns.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-apply-1.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/policy.yaml similarity index 100% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-apply-1.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/policy.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/chainsaw-test.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/chainsaw-test.yaml index 30ac0d45e7..9a1bec94f0 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/chainsaw-test.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/chainsaw-test.yaml @@ -6,21 +6,34 @@ spec: timeouts: delete: 2m steps: - - name: step-01 - try: - - apply: - file: ns.yaml - - apply: - file: mut-cpol.yaml - - assert: - file: mut-cpol-assert.yaml - - apply: - file: img-cpol.yaml - - assert: - file: img-cpol-assert.yaml - - name: step-02 - try: - - apply: - file: test-pod.yaml - - assert: - file: test-pod-assert.yaml + - name: step-01 + try: + - apply: + file: ns.yaml + - name: create policy + use: + template: ../../../../_step-templates/create-policy.yaml + with: + bindings: + - name: file + value: policy.yaml + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: with-mutation-img + - name: wait policy ready + use: + template: ../../../../_step-templates/cluster-policy-ready.yaml + with: + bindings: + - name: name + value: with-mutation-mut + - name: step-02 + try: + - apply: + file: test-pod.yaml + - assert: + file: test-pod-assert.yaml diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol-assert.yaml deleted file mode 100755 index a1e604427d..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: with-mutation-img -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol-assert.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol-assert.yaml deleted file mode 100755 index 8498e5fe2e..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol-assert.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: with-mutation-mut -status: - conditions: - - reason: Succeeded - status: "True" - type: Ready diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol.yaml deleted file mode 100755 index 676f7a0731..0000000000 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: kyverno.io/v1 -kind: ClusterPolicy -metadata: - name: with-mutation-mut -spec: - background: false - failurePolicy: Fail - rules: - - match: - any: - - resources: - kinds: - - Pod - name: with-mutation-rule - mutate: - patchStrategicMerge: - spec: - containers: - - (name): test-secret - image: "ghcr.io/kyverno/test-verify-image:signed" - validationFailureAction: Enforce - webhookTimeoutSeconds: 30 diff --git a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol.yaml b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/policy.yaml similarity index 63% rename from test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol.yaml rename to test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/policy.yaml index f4822b3bbb..1e2b3cf7e1 100755 --- a/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol.yaml +++ b/test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/policy.yaml @@ -28,3 +28,26 @@ spec: - ghcr.io/kyverno/test-verify-image:* validationFailureAction: Enforce webhookTimeoutSeconds: 30 +--- +apiVersion: kyverno.io/v1 +kind: ClusterPolicy +metadata: + name: with-mutation-mut +spec: + background: false + failurePolicy: Fail + rules: + - match: + any: + - resources: + kinds: + - Pod + name: with-mutation-rule + mutate: + patchStrategicMerge: + spec: + containers: + - (name): test-secret + image: "ghcr.io/kyverno/test-verify-image:signed" + validationFailureAction: Enforce + webhookTimeoutSeconds: 30