From f6045d70355de4343f29a195bb6b5fc704007de1 Mon Sep 17 00:00:00 2001
From: Chip Zoller <chipzoller@gmail.com>
Date: Mon, 19 Jun 2023 11:17:24 -0400
Subject: [PATCH] Test policy library (#7568)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* first attempt at adding policy library to kuttl tests

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix checkout

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* use standard config

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* use config file in kyverno/policies

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* cd

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix run command

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

* fix debug failure uses

Signed-off-by: Chip Zoller <chipzoller@gmail.com>

---------

Signed-off-by: Chip Zoller <chipzoller@gmail.com>
Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---
 .github/workflows/conformance.yaml | 59 ++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)

diff --git a/.github/workflows/conformance.yaml b/.github/workflows/conformance.yaml
index 51a0c12ded..74a671e3f5 100644
--- a/.github/workflows/conformance.yaml
+++ b/.github/workflows/conformance.yaml
@@ -208,3 +208,62 @@ jobs:
       - name: Debug failure
         if: failure()
         uses: ./.github/actions/kyverno-logs
+
+  # runs conformance test suites with configuration:
+  policy-library:
+    strategy:
+      fail-fast: false
+      matrix:
+        config:
+          - name: policy-library
+            values:
+              - standard
+        k8s-version:
+          - name: v1.24
+            version: v1.24.12
+          - name: v1.25
+            version: v1.25.8
+          - name: v1.26
+            version: v1.26.3
+          - name: v1.27
+            version: v1.27.1
+        # tests:
+        #   - rbac
+    runs-on: ubuntu-latest
+    needs: prepare-images
+    name: ${{ matrix.k8s-version.name }} - ${{ matrix.config.name }}
+    steps:
+      - name: Checkout kyverno/kyverno
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Checkout kyverno/policies
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+        with:
+          repository: kyverno/policies
+          path: policies
+      - name: Setup build env
+        uses: ./.github/actions/setup-build-env
+        with:
+          build-cache-key: run-conformance
+      - name: Create kind cluster
+        run: |
+          export KIND_IMAGE=kindest/node:${{ matrix.k8s-version.version }}
+          make kind-create-cluster
+      - name: Download kyverno images archive
+        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        with:
+          name: kyverno.tar
+      - name: Load kyverno images archive in kind cluster
+        run: make kind-load-image-archive
+      - name: Install kyverno
+        run: |
+          export USE_CONFIG=${{ join(matrix.config.values, ',') }}
+          make kind-install-kyverno
+      - name: Wait for kyverno ready
+        uses: ./.github/actions/kyverno-wait-ready
+      - name: Test policy library with kuttl
+        run: |
+          cd policies
+          ../.tools/kubectl-kuttl test . --config ./kuttl-test.yaml
+      - name: Debug failure
+        if: failure()
+        uses: ./.github/actions/kyverno-logs