diff --git a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-assert.yaml b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-assert.yaml new file mode 100644 index 0000000000..0bd6979f59 --- /dev/null +++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-assert.yaml @@ -0,0 +1,9 @@ +apiVersion: kyverno.io/v1 +kind: ClusterPolicy +metadata: + name: sync-secret-with-multi-clone +status: + conditions: + - reason: Succeeded + status: "True" + type: Ready diff --git a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-manifests.yaml b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-manifests.yaml new file mode 100644 index 0000000000..d4b52d937e --- /dev/null +++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/01-manifests.yaml @@ -0,0 +1,54 @@ +apiVersion: kyverno.io/v1 +kind: ClusterPolicy +metadata: + name: sync-secret-with-multi-clone +spec: + generateExistingOnPolicyUpdate: true + rules: + - name: sync-secret + match: + any: + - resources: + kinds: + - Namespace + exclude: + any: + - resources: + namespaces: + - kube-system + - default + - kube-public + - kyverno + generate: + namespace: "{{request.object.metadata.name}}" + synchronize : true + cloneList: + namespace: default + kinds: + - v1/Secret + - v1/ConfigMap + selector: + matchLabels: + allowedToBeCloned: "true" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: bootstap-config + namespace: default + labels: + allowedToBeCloned: "true" +data: + initial_lives: "15" +--- +apiVersion: v1 +kind: Secret +metadata: + name: image-secret + namespace: default + labels: + allowedToBeCloned: "true" +type: kubernetes.io/basic-auth +stringData: + username: admin + password: t0p-Secret-super diff --git a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-assert.yaml b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-assert.yaml new file mode 100644 index 0000000000..ae058e2b30 --- /dev/null +++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-assert.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: image-secret + namespace: prod +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: bootstap-config + namespace: prod diff --git a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-ns.yaml b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-ns.yaml new file mode 100644 index 0000000000..f1ded585a8 --- /dev/null +++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/02-ns.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: prod \ No newline at end of file diff --git a/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/README.md b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/README.md new file mode 100644 index 0000000000..acfc8d8ea8 --- /dev/null +++ b/test/conformance/kuttl/generate/clusterpolicy/standard/clone/sync/cpol-clone-list-sync-create/README.md @@ -0,0 +1,11 @@ +## Description + +This test ensures that creation of a multiple target resource created by a ClusterPolicy `generate.cloneList` rule. If it is not generated, the test fails. + +## Expected Behavior + +The cloned Secret and ConfigMap from the default namespace should exists in newly created namespace. + +## Reference Issue(s) + +N/A \ No newline at end of file