tests: add kuttl tests for multiple clone generate (#5280)

* tests: add kuttl tests for multiple clone generate Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * bump kuttl version v1.13.1 Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * fix review comments Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> * remove cleanup of image-verify tests Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com> Signed-off-by: prateekpandey14 <prateek.pandey@nirmata.com>
2025-03-28 02:18:15 +00:00 · 2022-11-10 18:35:39 +05:30 · 2022-11-10 18:35:39 +05:30 · d86faa5832
commit d86faa5832
parent ef421a33ed
5 changed files with 89 additions and 0 deletions
--- a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-assert.yaml
+++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-assert.yaml
@ -0,0 +1,9 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: sync-secret-with-multi-clone
+status:
+  conditions:
+  - reason: Succeeded
+    status: "True"
+    type: Ready
--- a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-manifests.yaml
+++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-manifests.yaml
@ -0,0 +1,54 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: sync-secret-with-multi-clone
+spec:
+  generateExistingOnPolicyUpdate: true
+  rules:
+  - name: sync-secret
+    match:
+      any:
+      - resources:
+          kinds:
+          - Namespace
+    exclude:
+      any:
+      - resources:
+          namespaces:
+          - kube-system
+          - default
+          - kube-public
+          - kyverno
+    generate:
+      namespace: "{{request.object.metadata.name}}"
+      synchronize : true
+      cloneList:
+        namespace: default
+        kinds:
+          - v1/Secret
+          - v1/ConfigMap
+        selector:
+          matchLabels:
+            allowedToBeCloned: "true"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: bootstap-config
+  namespace: default
+  labels:
+    allowedToBeCloned:  "true"
+data:
+  initial_lives: "15"
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: image-secret
+  namespace: default
+  labels:
+    allowedToBeCloned:  "true"
+type: kubernetes.io/basic-auth
+stringData:
+  username: admin
+  password: t0p-Secret-super
--- a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-assert.yaml
+++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-assert.yaml
@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: image-secret
+  namespace: prod
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: bootstap-config
+  namespace: prod
--- a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-ns.yaml
+++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-ns.yaml
@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: prod
--- a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/README.md
+++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/README.md
@ -0,0 +1,11 @@
+## Description
+
+This test ensures that creation of a multiple target resource created by a ClusterPolicy `generate.cloneList` rule. If it is not generated, the test fails.
+
+## Expected Behavior
+
+The cloned Secret and ConfigMap from the default namespace should exists in newly created namespace.
+
+## Reference Issue(s)
+
+N/A