mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-15 20:20:22 +00:00
chore: bump chainsaw (#9114)
* chore: bump chainsaw Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * remove sleeps Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché
GitHub
parent
2ceac72f62
commit
b9b4b3e484
24 changed files with 70 additions and 145 deletions
108
.github/workflows/conformance.yaml
vendored
108
.github/workflows/conformance.yaml
vendored
|
|
@ -125,7 +125,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -196,7 +196,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -267,7 +267,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -340,7 +340,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -411,7 +411,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -489,7 +489,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -566,7 +566,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -634,21 +634,21 @@ jobs:
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||||
- name: Setup caches
|
# install tools
|
||||||
uses: ./.github/actions/setup-caches
|
- name: Install helm
|
||||||
timeout-minutes: 5
|
id: helm
|
||||||
continue-on-error: true
|
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
|
||||||
with:
|
with:
|
||||||
build-cache-key: run-conformance
|
token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
- name: Install kind
|
- name: Install crane
|
||||||
shell: bash
|
uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c
|
||||||
run: |
|
- name: Install Cosign
|
||||||
# For AMD64 / x86_64
|
uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8
|
||||||
[ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
|
- name: Install chainsaw
|
||||||
# For ARM64
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-arm64
|
with:
|
||||||
chmod +x ./kind
|
release: v0.0.9-alpha.4
|
||||||
sudo mv ./kind /usr/local/bin/kind
|
# create cluster
|
||||||
- name: Create kind cluster and setup Sigstore Scaffolding
|
- name: Create kind cluster and setup Sigstore Scaffolding
|
||||||
uses: sigstore/scaffolding/actions/setup@9e5583eaf47855103a9acd6eaa2b1da85f28e28e
|
uses: sigstore/scaffolding/actions/setup@9e5583eaf47855103a9acd6eaa2b1da85f28e28e
|
||||||
with:
|
with:
|
||||||
|
|
@ -657,9 +657,11 @@ jobs:
|
||||||
knative-version: '1.10.0'
|
knative-version: '1.10.0'
|
||||||
- name: Create TUF values config map
|
- name: Create TUF values config map
|
||||||
run: |
|
run: |
|
||||||
|
set -e
|
||||||
kubectl create namespace kyverno
|
kubectl create namespace kyverno
|
||||||
kubectl -n kyverno create configmap tufvalues --from-literal=TUF_MIRROR=$TUF_MIRROR --from-literal=FULCIO_URL=$FULCIO_URL --from-literal=REKOR_URL=$REKOR_URL --from-literal=CTLOG_URL=$CTLOG_URL --from-literal=ISSUER_URL=$ISSUER_URL
|
kubectl -n kyverno create configmap tufvalues --from-literal=TUF_MIRROR=$TUF_MIRROR --from-literal=FULCIO_URL=$FULCIO_URL --from-literal=REKOR_URL=$REKOR_URL --from-literal=CTLOG_URL=$CTLOG_URL --from-literal=ISSUER_URL=$ISSUER_URL
|
||||||
kubectl -n tuf-system get secrets tuf-root -oyaml | sed 's/namespace: .*/namespace: kyverno/' | kubectl create -f -
|
kubectl -n tuf-system get secrets tuf-root -oyaml | sed 's/namespace: .*/namespace: kyverno/' | kubectl create -f -
|
||||||
|
# deploy kyverno
|
||||||
- name: Download kyverno images archive
|
- name: Download kyverno images archive
|
||||||
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||||
with:
|
with:
|
||||||
|
|
@ -668,17 +670,17 @@ jobs:
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
make kind-load-image-archive
|
kind load image-archive kyverno.tar --name kind
|
||||||
- name: Install kyverno
|
- name: Install kyverno
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
|
export HELM=${{ steps.helm.outputs.helm-path }}
|
||||||
export USE_CONFIG=${{ join(matrix.config.values, ',') }}
|
export USE_CONFIG=${{ join(matrix.config.values, ',') }}
|
||||||
make kind-install-kyverno
|
make kind-install-kyverno
|
||||||
- name: Install crane
|
- name: Wait for kyverno ready
|
||||||
uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c
|
uses: ./.github/actions/kyverno-wait-ready
|
||||||
- name: Install Cosign
|
# prepare test image
|
||||||
uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8
|
|
||||||
- name: Create test image
|
- name: Create test image
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
|
|
@ -689,12 +691,7 @@ jobs:
|
||||||
cosign initialize --mirror $TUF_MIRROR --root $TUF_MIRROR/root.json
|
cosign initialize --mirror $TUF_MIRROR --root $TUF_MIRROR/root.json
|
||||||
COSIGN_EXPERIMENTAL=1 cosign sign --rekor-url $REKOR_URL --fulcio-url $FULCIO_URL $TEST_IMAGE_URL --identity-token `curl -s $ISSUER_URL` -y
|
COSIGN_EXPERIMENTAL=1 cosign sign --rekor-url $REKOR_URL --fulcio-url $FULCIO_URL $TEST_IMAGE_URL --identity-token `curl -s $ISSUER_URL` -y
|
||||||
echo "TEST_IMAGE_URL=$TEST_IMAGE_URL" >> $GITHUB_ENV
|
echo "TEST_IMAGE_URL=$TEST_IMAGE_URL" >> $GITHUB_ENV
|
||||||
- name: Wait for kyverno ready
|
# run tests
|
||||||
uses: ./.github/actions/kyverno-wait-ready
|
|
||||||
- name: Install Chainsaw
|
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
|
||||||
with:
|
|
||||||
release: v0.0.8
|
|
||||||
- name: Test with Chainsaw
|
- name: Test with Chainsaw
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
|
|
@ -742,7 +739,7 @@ jobs:
|
||||||
- name: Install chainsaw
|
- name: Install chainsaw
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
with:
|
with:
|
||||||
release: v0.0.8
|
release: v0.0.9-alpha.4
|
||||||
# create cluster
|
# create cluster
|
||||||
- name: Create kind cluster
|
- name: Create kind cluster
|
||||||
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
|
@ -844,25 +841,16 @@ jobs:
|
||||||
with:
|
with:
|
||||||
repository: kyverno/policies
|
repository: kyverno/policies
|
||||||
path: policies
|
path: policies
|
||||||
- name: Setup caches
|
# install tools
|
||||||
uses: ./.github/actions/setup-caches
|
- name: Install helm
|
||||||
timeout-minutes: 5
|
id: helm
|
||||||
continue-on-error: true
|
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
|
||||||
with:
|
with:
|
||||||
build-cache-key: run-conformance
|
token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
- name: Setup build env
|
- name: Install chainsaw
|
||||||
uses: ./.github/actions/setup-build-env
|
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
||||||
timeout-minutes: 10
|
|
||||||
- name: Create kind cluster
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
set -e
|
|
||||||
export KIND_IMAGE=kindest/node:${{ matrix.k8s-version.version }}
|
|
||||||
make kind-create-cluster
|
|
||||||
- name: Download kyverno images archive
|
|
||||||
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
|
||||||
with:
|
with:
|
||||||
name: kyverno.tar
|
release: v0.0.9-alpha.4
|
||||||
- name: Download kyverno CLI archive
|
- name: Download kyverno CLI archive
|
||||||
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||||
with:
|
with:
|
||||||
|
|
@ -873,23 +861,33 @@ jobs:
|
||||||
set -e
|
set -e
|
||||||
chmod +x kubectl-kyverno && mv kubectl-kyverno ./cmd/cli/kubectl-kyverno/kyverno
|
chmod +x kubectl-kyverno && mv kubectl-kyverno ./cmd/cli/kubectl-kyverno/kyverno
|
||||||
echo "$PWD/cmd/cli/kubectl-kyverno" >> $GITHUB_PATH
|
echo "$PWD/cmd/cli/kubectl-kyverno" >> $GITHUB_PATH
|
||||||
|
# create cluster
|
||||||
|
- name: Create kind cluster
|
||||||
|
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0
|
||||||
|
with:
|
||||||
|
node_image: kindest/node:${{ matrix.k8s-version.version }}
|
||||||
|
cluster_name: kind
|
||||||
|
config: ./scripts/config/kind/default.yaml
|
||||||
|
# deploy kyverno
|
||||||
|
- name: Download kyverno images archive
|
||||||
|
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||||
|
with:
|
||||||
|
name: kyverno.tar
|
||||||
- name: Load kyverno images archive in kind cluster
|
- name: Load kyverno images archive in kind cluster
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
make kind-load-image-archive
|
kind load image-archive kyverno.tar --name kind
|
||||||
- name: Install kyverno
|
- name: Install kyverno
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
|
export HELM=${{ steps.helm.outputs.helm-path }}
|
||||||
export USE_CONFIG=${{ join(matrix.config.values, ',') }}
|
export USE_CONFIG=${{ join(matrix.config.values, ',') }}
|
||||||
make kind-install-kyverno
|
make kind-install-kyverno
|
||||||
- name: Wait for kyverno ready
|
- name: Wait for kyverno ready
|
||||||
uses: ./.github/actions/kyverno-wait-ready
|
uses: ./.github/actions/kyverno-wait-ready
|
||||||
- name: Install Chainsaw
|
# run tests
|
||||||
uses: kyverno/chainsaw/.github/actions/install@5d6585b843b48eaf1940a8333bb828fd6a3385e3 # v0.0.8
|
|
||||||
with:
|
|
||||||
release: v0.0.9-alpha.3
|
|
||||||
- name: Install CRDs
|
- name: Install CRDs
|
||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
|
|
|
||||||
|
|
@ -11,3 +11,4 @@ spec:
|
||||||
failFast: false
|
failFast: false
|
||||||
excludeTestRegex: '_.+'
|
excludeTestRegex: '_.+'
|
||||||
forceTerminationGracePeriod: 5s
|
forceTerminationGracePeriod: 5s
|
||||||
|
delayBeforeCleanup: 3s
|
||||||
|
|
|
||||||
|
|
@ -21,10 +21,6 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- name: step-04
|
|
||||||
try:
|
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
- name: step-05
|
- name: step-05
|
||||||
try:
|
try:
|
||||||
- error:
|
- error:
|
||||||
|
|
|
||||||
|
|
@ -21,10 +21,6 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- name: step-04
|
|
||||||
try:
|
|
||||||
- sleep:
|
|
||||||
duration: 1m5s
|
|
||||||
- name: step-05
|
- name: step-05
|
||||||
try:
|
try:
|
||||||
- error:
|
- error:
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,3 @@ spec:
|
||||||
content: kubectl run -n $NAMESPACE test-sigstore --image=$TEST_IMAGE_URL
|
content: kubectl run -n $NAMESPACE test-sigstore --image=$TEST_IMAGE_URL
|
||||||
- assert:
|
- assert:
|
||||||
file: pod-assert.yaml
|
file: pod-assert.yaml
|
||||||
finally:
|
|
||||||
- sleep:
|
|
||||||
duration: 3s
|
|
||||||
|
|
|
||||||
|
|
@ -21,10 +21,6 @@ spec:
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: resource.yaml
|
file: resource.yaml
|
||||||
- name: step-04
|
|
||||||
try:
|
|
||||||
- sleep:
|
|
||||||
duration: 3s
|
|
||||||
- name: step-05
|
- name: step-05
|
||||||
try:
|
try:
|
||||||
- assert:
|
- assert:
|
||||||
|
|
|
||||||
|
|
@ -15,10 +15,6 @@ spec:
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: resource.yaml
|
file: resource.yaml
|
||||||
- name: step-03
|
|
||||||
try:
|
|
||||||
- sleep:
|
|
||||||
duration: 3s
|
|
||||||
- name: step-04
|
- name: step-04
|
||||||
try:
|
try:
|
||||||
- assert:
|
- assert:
|
||||||
|
|
|
||||||
|
|
@ -27,9 +27,8 @@ spec:
|
||||||
namespace: exeter
|
namespace: exeter
|
||||||
- name: step-04
|
- name: step-04
|
||||||
try:
|
try:
|
||||||
- script:
|
- sleep:
|
||||||
content: sleep 6
|
duration: 6s
|
||||||
timeout: 10s
|
|
||||||
- name: step-05
|
- name: step-05
|
||||||
try:
|
try:
|
||||||
- assert:
|
- assert:
|
||||||
|
|
|
||||||
|
|
@ -25,10 +25,6 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy-assert.yaml
|
file: policy-assert.yaml
|
||||||
- name: step-03
|
|
||||||
try:
|
|
||||||
- sleep:
|
|
||||||
duration: 3s
|
|
||||||
- name: step-04
|
- name: step-04
|
||||||
try:
|
try:
|
||||||
- assert:
|
- assert:
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,7 @@ metadata:
|
||||||
name: invalid-label
|
name: invalid-label
|
||||||
spec:
|
spec:
|
||||||
steps:
|
steps:
|
||||||
- finally:
|
- name: step-01
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-01
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: pod.yaml
|
file: pod.yaml
|
||||||
|
|
|
||||||
|
|
@ -9,10 +9,7 @@ spec:
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: pod.yaml
|
file: pod.yaml
|
||||||
- finally:
|
- name: step-02
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-02
|
|
||||||
try:
|
try:
|
||||||
- error:
|
- error:
|
||||||
file: pod-assert.yaml
|
file: pod-assert.yaml
|
||||||
|
|
|
||||||
|
|
@ -11,10 +11,7 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy-assert.yaml
|
file: policy-assert.yaml
|
||||||
- finally:
|
- name: step-02
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-02
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: pod-pass.yaml
|
file: pod-pass.yaml
|
||||||
|
|
|
||||||
|
|
@ -26,7 +26,3 @@ spec:
|
||||||
- check:
|
- check:
|
||||||
($error != null): true
|
($error != null): true
|
||||||
file: deployments-fail.yaml
|
file: deployments-fail.yaml
|
||||||
- name: step-04
|
|
||||||
try:
|
|
||||||
- sleep:
|
|
||||||
duration: 3s
|
|
||||||
|
|
|
||||||
|
|
@ -17,10 +17,7 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy-assert.yaml
|
file: policy-assert.yaml
|
||||||
- finally:
|
- name: step-03
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-03
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: statefulset-pass.yaml
|
file: statefulset-pass.yaml
|
||||||
|
|
|
||||||
|
|
@ -29,10 +29,7 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy-assert.yaml
|
file: policy-assert.yaml
|
||||||
- finally:
|
- name: step-05
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-05
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: deployment-pass.yaml
|
file: deployment-pass.yaml
|
||||||
|
|
|
||||||
|
|
@ -29,10 +29,7 @@ spec:
|
||||||
file: policy.yaml
|
file: policy.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: policy-assert.yaml
|
file: policy-assert.yaml
|
||||||
- finally:
|
- name: step-05
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-05
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: statefulset-pass.yaml
|
file: statefulset-pass.yaml
|
||||||
|
|
|
||||||
|
|
@ -15,14 +15,10 @@ spec:
|
||||||
file: chainsaw-step-01-apply-1-3.yaml
|
file: chainsaw-step-01-apply-1-3.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: chainsaw-step-01-assert-1-1.yaml
|
file: chainsaw-step-01-assert-1-1.yaml
|
||||||
- finally:
|
- name: step-02
|
||||||
|
try:
|
||||||
- sleep:
|
- sleep:
|
||||||
duration: 5s
|
duration: 5s
|
||||||
name: step-02
|
|
||||||
try:
|
|
||||||
- script:
|
|
||||||
content: sleep 5
|
|
||||||
timeout: 10s
|
|
||||||
- script:
|
- script:
|
||||||
content: ./api-initiated-eviction.sh
|
content: ./api-initiated-eviction.sh
|
||||||
timeout: 30s
|
timeout: 30s
|
||||||
|
|
|
||||||
|
|
@ -15,10 +15,7 @@ spec:
|
||||||
file: chainsaw-step-01-apply-1-3.yaml
|
file: chainsaw-step-01-apply-1-3.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: chainsaw-step-01-assert-1-1.yaml
|
file: chainsaw-step-01-assert-1-1.yaml
|
||||||
- finally:
|
- name: step-02
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-02
|
|
||||||
try:
|
try:
|
||||||
- script:
|
- script:
|
||||||
content: "if kubectl -n test-validate exec nginx -it -- sh 2>&1 | grep -q
|
content: "if kubectl -n test-validate exec nginx -it -- sh 2>&1 | grep -q
|
||||||
|
|
|
||||||
|
|
@ -21,10 +21,7 @@ spec:
|
||||||
file: chainsaw-step-01-assert-1-2.yaml
|
file: chainsaw-step-01-assert-1-2.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: chainsaw-step-01-assert-1-3.yaml
|
file: chainsaw-step-01-assert-1-3.yaml
|
||||||
- finally:
|
- name: step-02
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-02
|
|
||||||
try:
|
try:
|
||||||
- script:
|
- script:
|
||||||
content: "if kubectl scale deployment nginx-test --replicas=1 -n test-validate
|
content: "if kubectl scale deployment nginx-test --replicas=1 -n test-validate
|
||||||
|
|
|
||||||
|
|
@ -17,10 +17,7 @@ spec:
|
||||||
file: chainsaw-step-01-assert-1-1.yaml
|
file: chainsaw-step-01-assert-1-1.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: chainsaw-step-01-assert-1-2.yaml
|
file: chainsaw-step-01-assert-1-2.yaml
|
||||||
- finally:
|
- name: step-02
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-02
|
|
||||||
try:
|
try:
|
||||||
- script:
|
- script:
|
||||||
content: "if kubectl scale deployment nginx-test --replicas=1 -n test-validate
|
content: "if kubectl scale deployment nginx-test --replicas=1 -n test-validate
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,7 @@ metadata:
|
||||||
name: validating-admission-policy-fail
|
name: validating-admission-policy-fail
|
||||||
spec:
|
spec:
|
||||||
steps:
|
steps:
|
||||||
- finally:
|
- name: step-01
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-01
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: deployment.yaml
|
file: deployment.yaml
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,7 @@ metadata:
|
||||||
name: validating-admission-policy-pass
|
name: validating-admission-policy-pass
|
||||||
spec:
|
spec:
|
||||||
steps:
|
steps:
|
||||||
- finally:
|
- name: step-01
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-01
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: deployment.yaml
|
file: deployment.yaml
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,7 @@ metadata:
|
||||||
name: events
|
name: events
|
||||||
spec:
|
spec:
|
||||||
steps:
|
steps:
|
||||||
- finally:
|
- name: step-01
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
name: step-01
|
|
||||||
try:
|
try:
|
||||||
- apply:
|
- apply:
|
||||||
file: deployment.yaml
|
file: deployment.yaml
|
||||||
|
|
|
||||||
|
|
@ -21,16 +21,10 @@ spec:
|
||||||
file: deployment_new.yaml
|
file: deployment_new.yaml
|
||||||
- assert:
|
- assert:
|
||||||
file: deployment-assert.yaml
|
file: deployment-assert.yaml
|
||||||
finally:
|
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
- name: step-03
|
- name: step-03
|
||||||
try:
|
try:
|
||||||
- script:
|
- script:
|
||||||
content: kubectl -n verify-images rollout undo deployment nginx-deployment
|
content: kubectl -n verify-images rollout undo deployment nginx-deployment
|
||||||
finally:
|
|
||||||
- sleep:
|
|
||||||
duration: 5s
|
|
||||||
- name: step-04
|
- name: step-04
|
||||||
try:
|
try:
|
||||||
- assert:
|
- assert:
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue