diff --git a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/chainsaw-test.yaml b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/chainsaw-test.yaml index 11b41de5b2..6fb2c5e786 100644 --- a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/chainsaw-test.yaml +++ b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/chainsaw-test.yaml @@ -4,10 +4,6 @@ metadata: name: default spec: steps: - - name: step-01 - try: - - apply: - file: ns-bad.yaml - name: create policy use: template: ../../../../../_step-templates/create-policy.yaml @@ -32,4 +28,4 @@ spec: expect: - check: ($error != null): true - file: pod-bad.yaml \ No newline at end of file + file: pod-bad.yaml diff --git a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/ns-bad.yaml b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/ns-bad.yaml deleted file mode 100644 index ea5dfc890e..0000000000 --- a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/ns-bad.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: not-default \ No newline at end of file diff --git a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod-bad.yaml b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod-bad.yaml index 765e64e70d..659614130c 100644 --- a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod-bad.yaml +++ b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod-bad.yaml @@ -1,9 +1,8 @@ apiVersion: v1 kind: Pod metadata: - name: example - namespace: default + name: bad-pod spec: containers: - - image: nginx:latest - name: example \ No newline at end of file + - image: nginx + name: example diff --git a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod.yaml b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod.yaml index 765e64e70d..2060b8fa0f 100644 --- a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod.yaml +++ b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/pod.yaml @@ -2,8 +2,7 @@ apiVersion: v1 kind: Pod metadata: name: example - namespace: default spec: containers: - image: nginx:latest - name: example \ No newline at end of file + name: example diff --git a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/policy.yaml b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/policy.yaml index 4acf797a9b..89fc446225 100644 --- a/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/policy.yaml +++ b/test/conformance/chainsaw/validate/clusterpolicy/standard/apicalls/default/policy.yaml @@ -12,31 +12,27 @@ spec: - Pod operations: - CREATE + - UPDATE context: - - name: testString + - name: podname apiCall: urlPath: "/api/v1/namespaces/{{ request.namespace }}/invalid" jmesPath: metadata.name - default: default + default: example - name: testJSON apiCall: urlPath: "/api/v1/namespaces/{{ request.namespace }}/invalid" - default: '{"metadata": {"name": "default"}}' - - name: testInteger - apiCall: - urlPath: "/api/v1/namespaces/{{ request.namespace }}/invalid" - jmesPath: metadata.resourceVersion - default: 1 + default: + metadata: + name: example validate: + failureAction: Enforce deny: conditions: all: - - key: "{{ testString }}" - operator: Equals - value: "{{ request.namespace }}" + - key: "{{ podname }}" + operator: NotEquals + value: "{{ request.object.metadata.name }}" - key: "{{ testJSON.metadata.name }}" - operator: Equals - value: "{{ request.namespace }}" - - key: "{{ testInteger }}" - operator: GreaterThan - value: 2 \ No newline at end of file + operator: NotEquals + value: "{{ request.object.metadata.name }}"