mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity
kyverno/documentation/testing-policies.md
Jim Bugwadia 2619d7ba85 - make dir case consistent 
- move files
2019-05-23 00:37:20 -07:00

1.7 KiB
Raw Blame History

documentation / Testing Policies

Testing Policies

The resources definitions for testing are located in /test directory. Each test contains a pair of files: one is the resource definition, and the second is the kyverno policy for this definition.

Test using kubectl

To do this you should install kyverno to the cluster.

For example, to test the simplest kyverno policy for ConfigMap, create the policy and then the resource itself via kubectl:

cd test/ConfigMap
kubectl create -f policy-CM.yaml
kubectl create -f CM.yaml

Then compare the original resource definition in CM.yaml with the actual one:

kubectl get -f CM.yaml -o yaml

Test using the Kyverno CLI

The Kyverno Command Line Interface (CLI) tool enables writing and testing policies without requiring Kubernetes clusters and without having to apply local policy changes to a cluster.

Building the CLI

You will need a Go environment setup.

  1. Clone the Kyverno repo
git clone https://github.com/nirmata/kyverno/
  1. Build the CLI
cd kyverno/cmd/kyverno
go build

Or, you can directly build and install the CLI using go get:

go get -u https://github.com/nirmata/kyverno/cmd/kyverno

Using the CLI

To test a policy using the CLI type:

kyverno <policy> <resource YAML file or folder>

For example:

kyverno ../../examples/cli/policy-deployment.yaml ../../examples/cli/resources

In future releases, the CLI will support complete validation of policies and will allow testing policies against resources in Kubernetes clusters.