kyverno

mirror of https://github.com/kyverno/kyverno.git synced 2025-03-11 10:26:54 +00:00

History

Charles-Edouard Brétéché 6a43ec4bcf chore: fix policies (#8449 ) Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>		2023-09-19 10:28:58 +00:00
..
01-policy.yaml	Migrate validate e2e tests to kuttl tests (#5483 )	2022-11-28 14:04:21 +00:00
02-create-good.yaml	Migrate validate e2e tests to kuttl tests (#5483 )	2022-11-28 14:04:21 +00:00
03-create-bad.yaml	chore: improve a few kuttl tests using shouldFail instead of commands (#6791 )	2023-04-05 15:47:01 +00:00
bad.yaml	Migrate validate e2e tests to kuttl tests (#5483 )	2022-11-28 14:04:21 +00:00
policy-ready.yaml	Migrate validate e2e tests to kuttl tests (#5483 )	2022-11-28 14:04:21 +00:00
policy.yaml	chore: fix policies (#8449 )	2023-09-19 10:28:58 +00:00
README.md	Migrate validate e2e tests to kuttl tests (#5483 )	2022-11-28 14:04:21 +00:00

README.md

Description

This test is migrated from e2e. It tests an imageRegistry context lookup for a "real" image and states that an image built to run as root can only come from GHCR.

Expected Behavior

If an image is built to run as root user and it does NOT come from GHCR, the Pod is blocked. If it either isn't built to run as root OR it is built to run as root and does come from GHCR, it is allowed.

Reference Issue(s)

N/A