mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-04-08 10:04:25 +00:00
Code Activity

updated test help

Browse source 
Signed-off-by: NoSkillGirl <singhpooja240393@gmail.com>
This commit is contained in:
NoSkillGirl 2021-10-14 02:37:11 +05:30
parent d62234d776
commit 9fbf2974f8
1 changed files with 45 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
pkg/kyverno/test/test_command.go
View file

@ -39,22 +39,36 @@ import (
)
var longHelp = `
Test command provides a facility to test policies on resources. User should provide the path of the folder containing test.yaml file.
kyverno test <path_to_folder_Contaning_test.yamls>
or
kyverno test <path_to_githubRepository>
The test.yaml have 4 parts:
"policies" --> list of policies which are applied
"resources" --> list of resources on which the policies are applied
"variables" --> variable file path (this is an optinal parameter)
"results" --> list of result expected on applying the policies on the resources
The test command provides a facility to test resources against policies by comparing expected results, declared ahead of time in a test.yaml file, to actual results reported by Kyverno. Users provide the path to the folder containing a test.yaml file where the location could be on a local filesystem or a remote git repository
`
var exampleHelp = `
test.yaml format:
kyverno test https://github.com/kyverno/policies/main
<snip>
Executing disallow-cri-sock-mount...
applying 1 policy to 1 resource...
# POLICY RULE RESOURCE RESULT
1 disallow-container-sock-mounts validate-docker-sock-mount pod-with-docker-sock-mount Pass
2 disallow-container-sock-mounts validate-containerd-sock-mount pod-with-docker-sock-mount Pass
3 disallow-container-sock-mounts validate-crio-sock-mount pod-with-docker-sock-mount Pass
<snip>
Test file structure:
The test.yaml has four parts:
"policies" --> List of policies which are applied.
"resources" --> List of resources on which the policies are applied.
"variables" --> Variable file path (optional).
"results" --> List of results expected after applying the policies on the resources.
Test file format:
For validate policies
For Validate Policy
- name: test-1
policies:
- <path>
@ -67,13 +81,14 @@ For Validate Policy
rule: <name>
resource: <name>
namespace: <name> (OPTIONAL)
kind: <name>
result: <pass/fail/skip>
kind: <name>
result: <pass|fail|skip>
For Mutate Policy
For mutate policies
Policy (Namespaced)
1) Policy (Namespaced-policy)
- name: test-1
policies:
- <path>
@ -86,11 +101,12 @@ For Mutate Policy
rule: <name>
resource: <name>
namespace: <name> (OPTIONAL)
kind: <name>
kind: <name>
patchedResource: <path>
result: <pass/fail/skip>
result: <pass|fail|skip>
ClusterPolicy (Cluster-wide)
2) ClusterPolicy(Cluster-wide policy)
- name: test-1
policies:
- <path>
@ -105,14 +121,15 @@ For Mutate Policy
namespace: <name> (OPTIONAL)
kind: <name>
patchedResource: <path>
result: <pass/fail/skip>
result: <pass|fail|skip>
Result description:
pass --> patched Resource generated from engine equals to patched Resource provided by the user.
fail --> patched Resource generated from engine is not equals to patched provided by the user.
skip --> rule is not applied.
Result descriptions:
For more visit --> https://kyverno.io/docs/kyverno-cli/#test
pass --> The patched resource generated by Kyverno equals the patched resource provided by the user.
fail --> The patched resource generated by Kyverno is not equal to the patched resource provided by the user.
skip --> The rule is not applied.
For more information visit https://kyverno.io/docs/kyverno-cli/#test
`
// Command returns version command
@ -120,7 +137,8 @@ func Command() *cobra.Command {
var cmd *cobra.Command
var valuesFile, fileName string
cmd = &cobra.Command{
Use: "test",
Use: "test <path_to_folder_Containing_test.yamls> [flags]\n kyverno test <path_to_gitRepository>",
Args: cobra.ExactArgs(1),
Short: "run tests from directory",
Long: longHelp,
Example: exampleHelp,