1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-05 07:26:55 +00:00

feat: add chainsaw tests for global context crd validation (#9628)

* feat: add chainsaw tests for global context crd validation

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* feat: add globalcontext to standard conformance action

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

* fix: overlapping names

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>

---------

Signed-off-by: Vishal Choudhary <vishal.choudhary@nirmata.com>
This commit is contained in:
Vishal Choudhary 2024-02-04 22:45:55 +05:30 committed by GitHub
parent 63b03a8442
commit b5b925bf78
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 110 additions and 27 deletions

View file

@ -7,8 +7,8 @@ permissions: {}
on:
pull_request:
branches:
- 'main'
- 'release*'
- "main"
- "release*"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@ -104,6 +104,7 @@ jobs:
- ^generate$/^clusterpolicy$
- ^generate$/^policy$
- ^generate$/^validation$
- ^globalcontext$
- ^mutate$
- ^policy-validation$
- ^rangeoperators$
@ -645,7 +646,7 @@ jobs:
with:
version: main
k8s-version: ${{ matrix.k8s-version.version }}
knative-version: '1.10.0'
knative-version: "1.10.0"
- name: Create TUF values config map
run: |
set -e

View file

@ -0,0 +1,10 @@
## Description
This test creates the following global context entries:
1. A valid global context entry.
2. A context entry with both `kubernetesResource` and `apiCall`.
3. A context entry with neither `kubernetesResource` nor `apiCall`.
## Expected Behavior
1st global context entry should get created, 2nd and 3rd entries should return an error.

View file

@ -0,0 +1,28 @@
---
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
creationTimestamp: null
name: validate-global-context-crd
spec:
steps:
- name: step-01
try:
- apply:
file: valid-context.yaml
- assert:
file: valid-context-assert.yaml
- name: step-02
try:
- apply:
file: multiple-resources.yaml
expect:
- check:
($error != null): true
- name: step-03
try:
- apply:
file: no-resource.yaml
expect:
- check:
($error != null): true

View file

@ -0,0 +1,19 @@
---
apiVersion: kyverno.io/v2alpha1
kind: GlobalContextEntry
metadata:
name: ingress-2
spec:
apiCall:
service:
url: https://svc.kyverno/example
caBundle: |-
-----BEGIN CERTIFICATE-----
-----REDACTED-----
-----END CERTIFICATE-----
refreshInterval: 10ns
kubernetesResource:
group: apis/networking.k8s.io
version: v1
resource: ingresses
namespace: apps

View file

@ -0,0 +1,6 @@
---
apiVersion: kyverno.io/v2alpha1
kind: GlobalContextEntry
metadata:
name: ingress-3
spec: {}

View file

@ -0,0 +1,5 @@
---
apiVersion: kyverno.io/v2alpha1
kind: GlobalContextEntry
metadata:
name: ingress-1

View file

@ -0,0 +1,14 @@
---
apiVersion: kyverno.io/v2alpha1
kind: GlobalContextEntry
metadata:
name: ingress-1
spec:
apiCall:
service:
url: https://svc.kyverno/example
caBundle: |-
-----BEGIN CERTIFICATE-----
-----REDACTED-----
-----END CERTIFICATE-----
refreshInterval: 10ns