mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
01cc42e78a
* fix: add auth check to the admission controller for generate policies Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: enable auth check if sync=true Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: restict to list/get permissions Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: aggregate clusterrole to admission controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: aggregate clusterrole to admission controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: aggregate clusterrole to admission controller Signed-off-by: ShutingZhao <shuting@nirmata.com> * fix: aggregate clusterrole to admission controller Signed-off-by: ShutingZhao <shuting@nirmata.com> --------- Signed-off-by: ShutingZhao <shuting@nirmata.com>
59 lines
1.1 KiB
Go
59 lines
1.1 KiB
Go
package generate
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"testing"
|
|
|
|
kyverno "github.com/kyverno/kyverno/api/kyverno/v1"
|
|
"gotest.tools/assert"
|
|
)
|
|
|
|
func Test_Validate_Generate_HasAnchors(t *testing.T) {
|
|
var err error
|
|
rawGenerate := []byte(`
|
|
{
|
|
"kind": "NetworkPolicy",
|
|
"name": "defaultnetworkpolicy",
|
|
"data": {
|
|
"spec": {
|
|
"(podSelector)": {},
|
|
"policyTypes": [
|
|
"Ingress",
|
|
"Egress"
|
|
],
|
|
"ingress": [
|
|
{}
|
|
],
|
|
"egress": [
|
|
{}
|
|
]
|
|
}
|
|
}
|
|
}`)
|
|
|
|
var genRule kyverno.Generation
|
|
err = json.Unmarshal(rawGenerate, &genRule)
|
|
assert.NilError(t, err)
|
|
checker := NewFakeGenerate(genRule)
|
|
if _, _, err := checker.Validate(context.TODO(), nil); err != nil {
|
|
assert.Assert(t, err != nil)
|
|
}
|
|
|
|
rawGenerate = []byte(`
|
|
{
|
|
"kind": "ConfigMap",
|
|
"name": "copied-cm",
|
|
"clone": {
|
|
"^(namespace)": "default",
|
|
"name": "game"
|
|
}
|
|
}`)
|
|
|
|
err = json.Unmarshal(rawGenerate, &genRule)
|
|
assert.NilError(t, err)
|
|
checker = NewFakeGenerate(genRule)
|
|
if _, _, err := checker.Validate(context.TODO(), nil); err != nil {
|
|
assert.Assert(t, err != nil)
|
|
}
|
|
}
|