From a31f9c383d5d66b66c7a60fc10a512b9d6c52b57 Mon Sep 17 00:00:00 2001
From: shivkumar dudhani <shivkumar@nirmata.com>
Date: Fri, 30 Aug 2019 00:22:37 -0700
Subject: [PATCH] scneario file test runner

---
 examples/resource_mutate_imagePullPolicy.yaml |  2 +-
 examples/resource_validate_healthChecks.yaml  |  3 +-
 pkg/testrunner/testrunner_test.go             |  4 ---
 test/output/output_mutate_endpoint.yaml       | 15 +++++++++
 .../output/output_mutate_imagePullPolicy.yaml | 20 ++++++++++++
 test/output/output_mutate_validate_qos.yaml   | 27 ++++++++++++++++
 .../test/scenario_mutate_endPpoint.yaml       | 19 +++++++++++
 .../test/scenario_mutate_imagePullPolicy.yaml | 19 +++++++++++
 .../test/scenario_mutate_validate_qos.yaml    | 32 +++++++++++++++++++
 ...rio_validate_containerSecurityContext.yaml | 18 +++++++++++
 .../test/scenario_validate_healthChecks.yaml  | 22 +++++++++++++
 .../scenario_validate_imageRegistries.yaml    | 18 +++++++++++
 .../test/scenario_validate_nonRootUser.yaml   | 18 +++++++++++
 13 files changed, 211 insertions(+), 6 deletions(-)
 create mode 100644 test/output/output_mutate_endpoint.yaml
 create mode 100644 test/output/output_mutate_imagePullPolicy.yaml
 create mode 100644 test/output/output_mutate_validate_qos.yaml
 create mode 100644 test/scenarios/test/scenario_mutate_endPpoint.yaml
 create mode 100644 test/scenarios/test/scenario_mutate_imagePullPolicy.yaml
 create mode 100644 test/scenarios/test/scenario_mutate_validate_qos.yaml
 create mode 100644 test/scenarios/test/scenario_validate_containerSecurityContext.yaml
 create mode 100644 test/scenarios/test/scenario_validate_healthChecks.yaml
 create mode 100644 test/scenarios/test/scenario_validate_imageRegistries.yaml
 create mode 100644 test/scenarios/test/scenario_validate_nonRootUser.yaml

diff --git a/examples/resource_mutate_imagePullPolicy.yaml b/examples/resource_mutate_imagePullPolicy.yaml
index 37ba98737c..2deff48fef 100644
--- a/examples/resource_mutate_imagePullPolicy.yaml
+++ b/examples/resource_mutate_imagePullPolicy.yaml
@@ -17,4 +17,4 @@ spec:
       containers:
       - name: nginx
         image: nginx:latest
-        # imagePullPolicy: IfNotPresent
+        imagePullPolicy: Always
diff --git a/examples/resource_validate_healthChecks.yaml b/examples/resource_validate_healthChecks.yaml
index 92d861ac3e..8599a904b3 100644
--- a/examples/resource_validate_healthChecks.yaml
+++ b/examples/resource_validate_healthChecks.yaml
@@ -13,7 +13,7 @@ spec:
     - -c
     - touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 600
     readinessProbe:
-      # successThreshold: 3
+      successThreshold: 3
       exec:
         command:
         - cat
@@ -26,6 +26,7 @@ spec:
       httpGet:
         path: /healthz
         port: 8080
+        scheme: HTTP
         httpHeaders:
         - name: Custom-Header
           value: Awesome
diff --git a/pkg/testrunner/testrunner_test.go b/pkg/testrunner/testrunner_test.go
index 5d47ab1f79..63268b8c00 100644
--- a/pkg/testrunner/testrunner_test.go
+++ b/pkg/testrunner/testrunner_test.go
@@ -7,10 +7,6 @@ import "testing"
 // 	runner(t, "/test/scenarios/cli")
 // }
 
-func Test_Devlop(t *testing.T) {
-	testScenario(t, "/test/scenarios/test/s1.yaml")
-}
-
 func Test_Mutate_EndPoint(t *testing.T) {
 	testScenario(t, "/test/scenarios/test/scenario_mutate_endPpoint.yaml")
 }
diff --git a/test/output/output_mutate_endpoint.yaml b/test/output/output_mutate_endpoint.yaml
new file mode 100644
index 0000000000..f9b5a195b0
--- /dev/null
+++ b/test/output/output_mutate_endpoint.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Endpoints
+metadata:
+  creationTimestamp: 
+  labels:
+    isMutated: 'true'
+    label: test
+  name: test-endpoint
+subsets:
+- addresses:
+  - ip: 192.168.10.171
+  ports:
+  - name: secure-connection
+    port: 9663
+    protocol: TCP
\ No newline at end of file
diff --git a/test/output/output_mutate_imagePullPolicy.yaml b/test/output/output_mutate_imagePullPolicy.yaml
new file mode 100644
index 0000000000..b69909f3db
--- /dev/null
+++ b/test/output/output_mutate_imagePullPolicy.yaml
@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  labels:
+    app: nginxlatest
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginxlatest
+  template:
+    metadata:
+      labels:
+        app: nginxlatest
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:latest
+        imagePullPolicy: IfNotPresent
diff --git a/test/output/output_mutate_validate_qos.yaml b/test/output/output_mutate_validate_qos.yaml
new file mode 100644
index 0000000000..daa89079de
--- /dev/null
+++ b/test/output/output_mutate_validate_qos.yaml
@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  creationTimestamp: 
+  labels:
+    test: qos
+  name: qos-demo
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  strategy: {}
+  template:
+    metadata:
+      creationTimestamp: 
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - image: nginx:latest
+        name: nginx
+        resources:
+          limits:
+            cpu: 50m
+            memory: 300Mi
+status: {}
\ No newline at end of file
diff --git a/test/scenarios/test/scenario_mutate_endPpoint.yaml b/test/scenarios/test/scenario_mutate_endPpoint.yaml
new file mode 100644
index 0000000000..44af7cab65
--- /dev/null
+++ b/test/scenarios/test/scenario_mutate_endPpoint.yaml
@@ -0,0 +1,19 @@
+# file path relative to project root
+input:
+  policy: examples/policy_mutate_endpoint.yaml
+  resource: examples/resource_mutate_endpoint.yaml
+expected:
+  mutation:
+    patchedresource: test/output/output_mutate_endpoint.yaml
+    policyresponse:
+      policy: policy-endpoints
+      resource:
+        kind: Endpoints
+        apiVersion: v1
+        namespace: ''
+        name: test-endpoint
+      rules:
+        - name: pEP
+          type: Mutation
+          success: true
+          message: succesfully process JSON patches
diff --git a/test/scenarios/test/scenario_mutate_imagePullPolicy.yaml b/test/scenarios/test/scenario_mutate_imagePullPolicy.yaml
new file mode 100644
index 0000000000..6889311d5d
--- /dev/null
+++ b/test/scenarios/test/scenario_mutate_imagePullPolicy.yaml
@@ -0,0 +1,19 @@
+# file path relative to project root
+input:
+  policy: examples/policy_mutate_imagePullPolicy.yaml
+  resource: examples/resource_mutate_imagePullPolicy.yaml
+expected:
+  mutation:
+    patchedresource: test/output/output_mutate_endpoint.yaml
+    policyresponse:
+      policy: image-pull-policy
+      resource:
+        kind: Deployment
+        apiVersion: apps/v1
+        namespace: ''
+        name: nginx-deployment
+      rules:
+        - name: image-pull-policy
+          type: Mutation
+          success: true
+          message: succesfully process JSON patches
diff --git a/test/scenarios/test/scenario_mutate_validate_qos.yaml b/test/scenarios/test/scenario_mutate_validate_qos.yaml
new file mode 100644
index 0000000000..f90d476753
--- /dev/null
+++ b/test/scenarios/test/scenario_mutate_validate_qos.yaml
@@ -0,0 +1,32 @@
+# file path relative to project root
+input:
+  policy: examples/policy_mutate_validate_qos.yaml
+  resource: examples/resource_mutate_validate_qos.yaml
+expected:
+  mutation:
+    patchedresource: test/output/output_mutate_validate_qos.yaml
+    policyresponse:
+      policy: policy-qos
+      resource:
+        kind: Deployment
+        apiVersion: apps/v1
+        namespace: ''
+        name: qos-demo
+      rules:
+        - name: add-memory-limit
+          type: Mutation
+          success: true
+          message: succesfully process JSON patches
+  validation:
+    policyresponse:
+      policy: policy-qos
+      resource:
+        kind: Deployment
+        apiVersion: apps/v1
+        namespace: ''
+        name: qos-demo
+      rules:
+        - name: check-cpu-memory-limits
+          type: Validation
+          meesage: validation pattern succesfully validated
+          success: true     
\ No newline at end of file
diff --git a/test/scenarios/test/scenario_validate_containerSecurityContext.yaml b/test/scenarios/test/scenario_validate_containerSecurityContext.yaml
new file mode 100644
index 0000000000..e87042a7b0
--- /dev/null
+++ b/test/scenarios/test/scenario_validate_containerSecurityContext.yaml
@@ -0,0 +1,18 @@
+# file path relative to project root
+input:
+  policy: examples/policy_validate_containerSecurityContext.yaml
+  resource: examples/resource_validate_containerSecurityContext.yaml
+expected:
+  validation:
+    policyresponse:
+      policy: container-security-context
+      resource:
+        kind: Deployment
+        apiVersion: apps/v1
+        namespace: ''
+        name: csc-demo-unprivileged
+      rules:
+        - name: validate-user-privilege
+          type: Validation
+          meesage: validation pattern succesfully validated
+          success: true     
\ No newline at end of file
diff --git a/test/scenarios/test/scenario_validate_healthChecks.yaml b/test/scenarios/test/scenario_validate_healthChecks.yaml
new file mode 100644
index 0000000000..13957ef080
--- /dev/null
+++ b/test/scenarios/test/scenario_validate_healthChecks.yaml
@@ -0,0 +1,22 @@
+# file path relative to project root
+input:
+  policy: examples/policy_validate_healthChecks.yaml
+  resource: examples/resource_validate_healthChecks.yaml
+expected:
+  validation:
+    policyresponse:
+      policy: check-probe-exists
+      resource:
+        kind: Pod
+        apiVersion: v1
+        namespace: ''
+        name: probe
+      rules:
+        - name: check-readinessProbe-exists
+          type: Validation
+          meesage: validation pattern succesfully validated
+          success: true     
+        - name: check-livenessProbe-exists
+          type: Validation
+          meesage: validation pattern succesfully validated
+          success: true     
diff --git a/test/scenarios/test/scenario_validate_imageRegistries.yaml b/test/scenarios/test/scenario_validate_imageRegistries.yaml
new file mode 100644
index 0000000000..577b038604
--- /dev/null
+++ b/test/scenarios/test/scenario_validate_imageRegistries.yaml
@@ -0,0 +1,18 @@
+# file path relative to project root
+input:
+  policy: examples/policy_validate_imageRegistries.yaml
+  resource: examples/resource_validate_imageRegistries.yaml
+expected:
+  validation:
+    policyresponse:
+      policy: check-registries
+      resource:
+        kind: Deployment
+        apiVersion: apps/v1
+        namespace: ''
+        name: nirmata-nginx
+      rules:
+        - name: check-registries
+          type: Validation
+          meesage: validation pattern succesfully validated
+          success: true
\ No newline at end of file
diff --git a/test/scenarios/test/scenario_validate_nonRootUser.yaml b/test/scenarios/test/scenario_validate_nonRootUser.yaml
new file mode 100644
index 0000000000..b9ccf16b4b
--- /dev/null
+++ b/test/scenarios/test/scenario_validate_nonRootUser.yaml
@@ -0,0 +1,18 @@
+# file path relative to project root
+input:
+  policy: examples/policy_validate_nonRootUser.yaml
+  resource: examples/resource_validate_nonRootUser.yaml
+expected:
+  validation:
+    policyresponse:
+      policy: check-container-security-context
+      resource:
+        kind: Pod
+        apiVersion: v1
+        namespace: ''
+        name: sec-ctx-unprivileged
+      rules:
+        - name: check-root-user
+          type: Validation
+          meesage: 1/2 patterns succesfully validated
+          success: true
\ No newline at end of file