diff --git a/pkg/engine/validation_test.go b/pkg/engine/validation_test.go index 9dc487ded8..e35a6a6043 100644 --- a/pkg/engine/validation_test.go +++ b/pkg/engine/validation_test.go @@ -1817,8 +1817,8 @@ func TestValidate_image_tag_fail(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) msgs := []string{ - "Validation rule 'validate-tag' succesfully validated", - "Validation rule 'validate-latest' failed at '/spec/containers/0/imagePullPolicy/' for resource Pod//myapp-pod. imagePullPolicy 'Always' required with tag 'latest'.", + "Validation rule 'validate-tag' succeeded for Pod//myapp-pod.", + "Validation error: imagePullPolicy 'Always' required with tag 'latest'\nValidation rule 'validate-latest' failed at path '/spec/containers/0/imagePullPolicy/' for Pod//myapp-pod.", } er := Validate(policy, *resourceUnstructured) for index, r := range er.PolicyResponse.Rules { @@ -1915,8 +1915,8 @@ func TestValidate_image_tag_pass(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) msgs := []string{ - "Validation rule 'validate-tag' succesfully validated", - "Validation rule 'validate-latest' succesfully validated", + "Validation rule 'validate-tag' succeeded for Pod//myapp-pod.", + "Validation rule 'validate-latest' succeeded for Pod//myapp-pod.", } er := Validate(policy, *resourceUnstructured) for index, r := range er.PolicyResponse.Rules { @@ -1992,7 +1992,7 @@ func TestValidate_Fail_anyPattern(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'check-default-namespace' failed to validate patterns defined in anyPattern. A namespace is required.; anyPattern[0] failed at path /metadata/namespace/; anyPattern[1] failed at path /metadata/namespace/"} + msgs := []string{"Validation error: A namespace is required\nValidation rule check-default-namespace anyPattern[0] failed at path /metadata/namespace/ for Pod//myapp-pod.\nValidation rule check-default-namespace anyPattern[1] failed at path /metadata/namespace/ for Pod//myapp-pod."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) } @@ -2073,7 +2073,7 @@ func TestValidate_host_network_port(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'validate-host-network-port' failed at '/spec/containers/0/ports/0/hostPort/' for resource Pod//nginx-host-network. Host network and port are not allowed."} + msgs := []string{"Validation error: Host network and port are not allowed\nValidation rule 'validate-host-network-port' failed at path '/spec/containers/0/ports/0/hostPort/' for Pod//nginx-host-network."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2162,7 +2162,7 @@ func TestValidate_anchor_arraymap_pass(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'validate-host-path' succesfully validated"} + msgs := []string{"Validation rule 'validate-host-path' succeeded for Pod//image-with-hostpath."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2250,7 +2250,7 @@ func TestValidate_anchor_arraymap_fail(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'validate-host-path' failed at '/spec/volumes/0/hostPath/path/' for resource Pod//image-with-hostpath. Host path '/var/lib/' is not allowed."} + msgs := []string{"Validation error: Host path '/var/lib/' is not allowed\nValidation rule 'validate-host-path' failed at path '/spec/volumes/0/hostPath/path/' for Pod//image-with-hostpath."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2319,7 +2319,7 @@ func TestValidate_anchor_map_notfound(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'pod rule 2' succesfully validated"} + msgs := []string{"Validation rule 'pod rule 2' succeeded for Pod//myapp-pod."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2391,7 +2391,7 @@ func TestValidate_anchor_map_found_valid(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'pod rule 2' succesfully validated"} + msgs := []string{"Validation rule 'pod rule 2' succeeded for Pod//myapp-pod."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2463,7 +2463,7 @@ func TestValidate_anchor_map_found_invalid(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'pod rule 2' failed at '/spec/securityContext/runAsNonRoot/' for resource Pod//myapp-pod. pod: validate run as non root user."} + msgs := []string{"Validation error: pod: validate run as non root user\nValidation rule 'pod rule 2' failed at path '/spec/securityContext/runAsNonRoot/' for Pod//myapp-pod."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2537,7 +2537,7 @@ func TestValidate_AnchorList_pass(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'pod image rule' succesfully validated"} + msgs := []string{"Validation rule 'pod image rule' succeeded for Pod//myapp-pod."} for index, r := range er.PolicyResponse.Rules { t.Log(r.Message) @@ -2760,7 +2760,7 @@ func TestValidate_existenceAnchor_pass(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'pod image rule' succesfully validated"} + msgs := []string{"Validation rule 'pod image rule' succeeded for Pod//myapp-pod."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2847,7 +2847,7 @@ func TestValidate_negationAnchor_deny(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'validate-host-path' failed at '/spec/volumes/0/hostPath/' for resource Pod//image-with-hostpath. Host path is not allowed."} + msgs := []string{"Validation error: Host path is not allowed\nValidation rule 'validate-host-path' failed at path '/spec/volumes/0/hostPath/' for Pod//image-with-hostpath."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index]) @@ -2933,7 +2933,7 @@ func TestValidate_negationAnchor_pass(t *testing.T) { resourceUnstructured, err := ConvertToUnstructured(rawResource) assert.NilError(t, err) er := Validate(policy, *resourceUnstructured) - msgs := []string{"Validation rule 'validate-host-path' succesfully validated"} + msgs := []string{"Validation rule 'validate-host-path' succeeded for Pod//image-with-hostpath."} for index, r := range er.PolicyResponse.Rules { assert.Equal(t, r.Message, msgs[index])