From c1be682a939bd68e677685ddd4ab69dec38e0538 Mon Sep 17 00:00:00 2001 From: Jim Bugwadia Date: Sun, 10 Nov 2019 21:06:49 -0800 Subject: [PATCH] update require_pod_requests_limits --- pkg/testrunner/testrunner_test.go | 2 +- samples/RequirePodRequestsLimits.md | 4 ++-- samples/best_practices/require_pod_requests_limits.yaml | 4 ++-- ...requests_limits.yaml => require_pod_requests_limits.yaml} | 5 ++--- 4 files changed, 7 insertions(+), 8 deletions(-) rename test/scenarios/samples/best_practices/{scenario_validate_require_pod_requests_limits.yaml => require_pod_requests_limits.yaml} (58%) diff --git a/pkg/testrunner/testrunner_test.go b/pkg/testrunner/testrunner_test.go index 6262ef1bf2..915ec11934 100644 --- a/pkg/testrunner/testrunner_test.go +++ b/pkg/testrunner/testrunner_test.go @@ -97,7 +97,7 @@ func Test_validate_restrict_image_registries(t *testing.T) { } func Test_require_pod_requests_limits(t *testing.T) { - testScenario(t, "test/scenarios/samples/best_practices/scenario_validate_require_pod_requests_limits.yaml") + testScenario(t, "test/scenarios/samples/best_practices/require_pod_requests_limits.yaml") } func Test_require_probes(t *testing.T) { diff --git a/samples/RequirePodRequestsLimits.md b/samples/RequirePodRequestsLimits.md index 140ca0a0e4..69986ad42d 100644 --- a/samples/RequirePodRequestsLimits.md +++ b/samples/RequirePodRequestsLimits.md @@ -12,11 +12,11 @@ If a namespace level request or limit is specified, defaults will automatically apiVersion: kyverno.io/v1alpha1 kind: ClusterPolicy metadata: - name: check-resource + name: require-pod-requests-limits spec: validationFailureAction: "audit" rules: - - name: check-resource-request-limit + - name: validate-resources match: resources: kinds: diff --git a/samples/best_practices/require_pod_requests_limits.yaml b/samples/best_practices/require_pod_requests_limits.yaml index 4672f4362a..e2716bb485 100644 --- a/samples/best_practices/require_pod_requests_limits.yaml +++ b/samples/best_practices/require_pod_requests_limits.yaml @@ -1,7 +1,7 @@ apiVersion: kyverno.io/v1alpha1 kind: ClusterPolicy metadata: - name: check-resource + name: require-pod-requests-limits annotations: policies.kyverno.io/category: Resource Quota policies.kyverno.io/description: As application workloads share cluster resources, it is important @@ -11,7 +11,7 @@ metadata: spec: validationFailureAction: "audit" rules: - - name: check-resource-request-limit + - name: validate-resources match: resources: kinds: diff --git a/test/scenarios/samples/best_practices/scenario_validate_require_pod_requests_limits.yaml b/test/scenarios/samples/best_practices/require_pod_requests_limits.yaml similarity index 58% rename from test/scenarios/samples/best_practices/scenario_validate_require_pod_requests_limits.yaml rename to test/scenarios/samples/best_practices/require_pod_requests_limits.yaml index c0be0d175f..31fa5d4df0 100644 --- a/test/scenarios/samples/best_practices/scenario_validate_require_pod_requests_limits.yaml +++ b/test/scenarios/samples/best_practices/require_pod_requests_limits.yaml @@ -5,14 +5,13 @@ input: expected: validation: policyresponse: - policy: check-resource + policy: require-pod-requests-limits resource: kind: Pod apiVersion: v1 namespace: '' name: myapp-pod rules: - - name: check-resource-request-limit + - name: validate-resources type: Validation - message: "Validation error: CPU and memory resource requests and limits are required\nValidation rule 'check-resource-request-limit' failed at path '/spec/containers/0/resources/limits/cpu/'." success: false