mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-05 15:37:19 +00:00
a43a20adb9
* feat: add cli values schema Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * docs Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * makefile Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * v1alpha1 Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * nits Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
109 lines
2.8 KiB
Go
109 lines
2.8 KiB
Go
package common
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/apis/v1alpha1"
|
|
"gotest.tools/assert"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
)
|
|
|
|
var policyNamespaceSelector = []byte(`{
|
|
"apiVersion": "kyverno.io/v1",
|
|
"kind": "ClusterPolicy",
|
|
"metadata": {
|
|
"name": "enforce-pod-name"
|
|
},
|
|
"spec": {
|
|
"validationFailureAction": "audit",
|
|
"background": true,
|
|
"rules": [
|
|
{
|
|
"name": "validate-name",
|
|
"match": {
|
|
"resources": {
|
|
"kinds": [
|
|
"Pod"
|
|
],
|
|
"namespaceSelector": {
|
|
"matchExpressions": [
|
|
{
|
|
"key": "foo.com/managed-state",
|
|
"operator": "In",
|
|
"values": [
|
|
"managed"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"validate": {
|
|
"message": "The Pod must end with -nginx",
|
|
"pattern": {
|
|
"metadata": {
|
|
"name": "*-nginx"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
`)
|
|
|
|
func Test_GetGitBranchOrPolicyPaths(t *testing.T) {
|
|
type TestCase struct {
|
|
gitBranch string
|
|
repoURL string
|
|
policyPath string
|
|
desiredBranch, actualBranch string
|
|
desiredPathToYAMLs, actualPathToYAMLs string
|
|
}
|
|
testcases := []TestCase{
|
|
{
|
|
gitBranch: "main",
|
|
repoURL: "https://github.com/kyverno/policies",
|
|
policyPath: "https://github.com/kyverno/policies/openshift/team-validate-ns-name/",
|
|
desiredBranch: "main",
|
|
desiredPathToYAMLs: "/openshift/team-validate-ns-name/",
|
|
},
|
|
{
|
|
gitBranch: "",
|
|
repoURL: "https://github.com/kyverno/policies",
|
|
policyPath: "https://github.com/kyverno/policies/",
|
|
desiredBranch: "main",
|
|
desiredPathToYAMLs: "/",
|
|
},
|
|
{
|
|
gitBranch: "",
|
|
repoURL: "https://github.com/kyverno/policies",
|
|
policyPath: "https://github.com/kyverno/policies",
|
|
desiredBranch: "main",
|
|
desiredPathToYAMLs: "/",
|
|
},
|
|
}
|
|
|
|
for _, tc := range testcases {
|
|
tc.actualBranch, tc.actualPathToYAMLs = GetGitBranchOrPolicyPaths(tc.gitBranch, tc.repoURL, tc.policyPath)
|
|
if tc.actualBranch != tc.desiredBranch || tc.actualPathToYAMLs != tc.desiredPathToYAMLs {
|
|
t.Errorf("Want %q got %q OR Want %q got %q", tc.desiredBranch, tc.actualBranch, tc.desiredPathToYAMLs, tc.actualPathToYAMLs)
|
|
}
|
|
}
|
|
}
|
|
|
|
func Test_getSubresourceKind(t *testing.T) {
|
|
podAPIResource := metav1.APIResource{Name: "pods", SingularName: "", Namespaced: true, Kind: "Pod"}
|
|
podEvictionAPIResource := metav1.APIResource{Name: "pods/eviction", SingularName: "", Namespaced: true, Group: "policy", Version: "v1", Kind: "Eviction"}
|
|
|
|
subresources := []v1alpha1.Subresource{
|
|
{
|
|
Subresource: podEvictionAPIResource,
|
|
ParentResource: podAPIResource,
|
|
},
|
|
}
|
|
|
|
subresourceKind, err := getSubresourceKind("", "Pod", "eviction", subresources)
|
|
assert.NilError(t, err)
|
|
assert.Equal(t, subresourceKind, "Eviction")
|
|
}
|