chore: use more chainsaw step templates (#11296)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-pass-4
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-4/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-4
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-pass-4
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-pass-3
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-1/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-counts-1
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-pass-3
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-fail-2
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-2/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-counts-2
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-fail-2
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-slsa-attestations-fail-3
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-attestations-multiple-subjects-counts-3/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-attestations-multiple-subjects-counts-3
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-slsa-attestations-fail-3
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-invalid-attestors
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-image-invalid-attestor/policy-assert.yaml

@@ -1,7 +0,0 @@
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: check-invalid-attestors
-  annotations:
-    pod-policies.kyverno.io/autogen-controllers: none

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyless-mutatedigest-verifydigest-required
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-mutatedigest-verifydigest-required/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-mutatedigest-verifydigest-required
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyless-mutatedigest-verifydigest-required
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyless-nomutatedigest-noverifydigest-norequired
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-norequired/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-nomutatedigest-noverifydigest-norequired
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyless-nomutatedigest-noverifydigest-norequired
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyless-nomutatedigest-noverifydigest-required
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/keyless-nomutatedigest-noverifydigest-required/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: keyless-nomutatedigest-noverifydigest-required
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyless-nomutatedigest-noverifydigest-required
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image-attestation
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-fail/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image-attestation
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image-attestation
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-pass/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image-attestation
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image-attestation
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-fail/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image-attestation
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image-attestation
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/multiple-image-verification-attestations-trivy-vex-pass/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image-attestation
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: mutatedigest-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/mutateDigest-noverifyDigest-norequired/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: mutatedigest-noverifydigest-norequired
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: mutatedigest-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: image-verify-polset
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/noconfigmap-diffimage-success/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: image-verify-polset
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: mutatedigest-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/nomutateDigest-verifyDigest-norequired/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: nomutatedigest-verifydigest-norequired
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-01-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: mutatedigest-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image-attestation
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-attestation-verification/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image-attestation
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-step-02-apply-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: secret-in-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification-secret-from-policy/chainsaw-test.yaml

@@ -12,12 +12,20 @@ spec:
         file: chainsaw-step-01-apply-1.yaml
     - apply:
         file: chainsaw-step-01-apply-2.yaml
-    - apply:
+  - name: create policy
-        file: chainsaw-step-01-apply-3.yaml
+    use:
-  - name: step-02
+      template: ../../../../_step-templates/create-policy.yaml
-    try:
+      with:
-    - apply:
+        bindings:
-        file: chainsaw-step-02-apply-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: secret-in-policy
   - name: step-03
     try:
     - script:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image-notary
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/notary-image-verification/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image-notary
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: check-image
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/rollback-image-verification/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: check-image
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: sigstore-attestation-verification-regexp
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: sigstore-attestation-verification-regexp
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-regexp/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: sigstore-attestation-verification-regexp
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: sigstore-attestation-verification
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: sigstore-attestation-verification
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-attestation-verification-test/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: sigstore-attestation-verification
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
-

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: sigstore-image-verification
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: sigstore-image-verification
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/sigstore-image-verification-test/policy-assert.yaml

@@ -1,10 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: sigstore-image-verification
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready
-

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/chainsaw-test.yaml

@@ -6,12 +6,20 @@ spec:
   timeouts:
     delete: 2m
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-ready.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: verify-exclude-refs
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/skip-image-reference/policy-ready.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: verify-exclude-refs
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/chainsaw-test.yaml

@@ -4,12 +4,20 @@ metadata:
   name: update-multi-containers
 spec:
   steps:
-  - name: step-01
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: policy.yaml
+      with:
-    - assert:
+        bindings:
-        file: policy-assert.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: verify-image-signature
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/update-multi-containers/policy-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v2beta1
-kind: ClusterPolicy
-metadata:
-  name: verify-image-signature
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-audit/chainsaw-test.yaml

@@ -9,11 +9,21 @@ spec:
   - name: step-01
     try:
     - apply:
-        file: chainsaw-step-01-apply-1.yaml
+        file: ns.yaml
-    - apply:
+  - name: create policy
-        file: chainsaw-step-01-apply-2.yaml
+    use:
-    - assert:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-assert-1.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-step-01-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-basic/chainsaw-test.yaml

@@ -9,11 +9,21 @@ spec:
   - name: step-01
     try:
     - apply:
-        file: chainsaw-step-01-apply-1.yaml
+        file: ns.yaml
-    - apply:
+  - name: create policy
-        file: chainsaw-step-01-apply-2.yaml
+    use:
-    - assert:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-01-assert-1.yaml
+      with:
+        bindings:
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-policy
   - name: step-02
     try:
     - apply:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-step-02-assert-1.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: keyed-basic-policy
-status:
-  conditions:
-  - reason: Succeeded
-    status: "True"
-    type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/verify-image-background-existing/chainsaw-test.yaml

@@ -9,17 +9,25 @@ spec:
   - name: step-01
     try:
     - apply:
-        file: chainsaw-step-01-apply-1.yaml
+        file: ns.yaml
     - apply:
         file: chainsaw-step-01-apply-2.yaml
     - assert:
         file: chainsaw-step-01-assert-1.yaml
-  - name: step-02
+  - name: create policy
-    try:
+    use:
-    - apply:
+      template: ../../../../_step-templates/create-policy.yaml
-        file: chainsaw-step-02-apply-1.yaml
+      with:
-    - assert:
+        bindings:
-        file: chainsaw-step-02-assert-1.yaml
+        - name: file
+          value: policy.yaml
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: keyed-basic-policy
   - name: step-03
     try:
     - assert:

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/chainsaw-test.yaml

@@ -6,21 +6,34 @@ spec:
   timeouts:
     delete: 2m
   steps:
-    - name: step-01
+  - name: step-01
-      try:
+    try:
-        - apply:
+      - apply:
-            file: ns.yaml
+          file: ns.yaml
-        - apply:
+  - name: create policy
-            file: mut-cpol.yaml
+    use:
-        - assert:
+      template: ../../../../_step-templates/create-policy.yaml
-            file: mut-cpol-assert.yaml
+      with:
-        - apply:
+        bindings:
-            file: img-cpol.yaml
+        - name: file
-        - assert:
+          value: policy.yaml
-            file: img-cpol-assert.yaml
+  - name: wait policy ready
-    - name: step-02
+    use:
-      try:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
-        - apply:
+      with:
-            file: test-pod.yaml
+        bindings:
-        - assert:
+        - name: name
-            file: test-pod-assert.yaml
+          value: with-mutation-img
+  - name: wait policy ready
+    use:
+      template: ../../../../_step-templates/cluster-policy-ready.yaml
+      with:
+        bindings:
+        - name: name
+          value: with-mutation-mut
+  - name: step-02
+    try:
+      - apply:
+          file: test-pod.yaml
+      - assert:
+          file: test-pod-assert.yaml

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/img-cpol-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: with-mutation-img
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol-assert.yaml

@@ -1,9 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: with-mutation-mut
-status:
-  conditions:
-    - reason: Succeeded
-      status: "True"
-      type: Ready

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/mut-cpol.yaml

@@ -1,22 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
-  name: with-mutation-mut
-spec:
-  background: false
-  failurePolicy: Fail
-  rules:
-    - match:
-        any:
-          - resources:
-              kinds:
-                - Pod
-      name: with-mutation-rule
-      mutate:
-        patchStrategicMerge:
-          spec:
-            containers:
-              - (name): test-secret
-                image: "ghcr.io/kyverno/test-verify-image:signed"
-  validationFailureAction: Enforce
-  webhookTimeoutSeconds: 30

test/conformance/chainsaw/verifyImages/clusterpolicy/standard/with-mutation/policy.yaml

@@ -28,3 +28,26 @@ spec:
             - ghcr.io/kyverno/test-verify-image:*
   validationFailureAction: Enforce
   webhookTimeoutSeconds: 30
+---
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: with-mutation-mut
+spec:
+  background: false
+  failurePolicy: Fail
+  rules:
+    - match:
+        any:
+          - resources:
+              kinds:
+                - Pod
+      name: with-mutation-rule
+      mutate:
+        patchStrategicMerge:
+          spec:
+            containers:
+              - (name): test-secret
+                image: "ghcr.io/kyverno/test-verify-image:signed"
+  validationFailureAction: Enforce
+  webhookTimeoutSeconds: 30