mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-10 09:56:55 +00:00
25 lines
1.1 KiB
YAML
Executable file
25 lines
1.1 KiB
YAML
Executable file
apiVersion: chainsaw.kyverno.io/v1alpha1
|
|
kind: Test
|
|
metadata:
|
|
creationTimestamp: null
|
|
name: invalid-pod-security-rule
|
|
spec:
|
|
steps:
|
|
- name: Apply the first policy
|
|
try:
|
|
- script:
|
|
content: kubectl apply -f policy-1.yaml
|
|
check:
|
|
($error != null): true
|
|
# This check ensures the contents of stderr are exactly as shown.
|
|
($stderr): |-
|
|
Error from server: error when creating "policy-1.yaml": admission webhook "validate-policy.kyverno.svc" denied the request: spec.rules[0].podSecurity.exclude[0].values: Forbidden: values is required
|
|
- name: Apply the second policy
|
|
try:
|
|
- script:
|
|
content: kubectl apply -f policy-2.yaml
|
|
check:
|
|
($error != null): true
|
|
# This check ensures the contents of stderr are exactly as shown.
|
|
($stderr): |-
|
|
Error from server: error when creating "policy-2.yaml": admission webhook "validate-policy.kyverno.svc" denied the request: spec.rules[0].podSecurity.exclude[0].restrictedField: Forbidden: restrictedField is required
|