kyverno/test/cli/registry/kyverno-test.yaml

apiVersion: cli.kyverno.io/v1alpha1
kind: Test
metadata:
  name: kyverno-test.yaml
policies:
- image-example.yaml
resources:
- resources.yaml
results:
- kind: Pod
  policy: check-image-base
  resources:
  - test-pod-with-trusted-registry
  result: pass
  rule: check-image-base-rule
- kind: Pod
  policy: check-manifest-list
  resources:
  - test-pod-with-single-arch-no-index
  result: fail
  rule: check-manifest-list-rule
- kind: Pod
  policy: check-manifest-list
  resources:
  - test-pod-with-trusted-registry
  - test-pod-with-single-arch-index
  result: pass
  rule: check-manifest-list-rule
- kind: Pod
  policy: images
  resources:
  - test-pod-with-non-root-user-image
  - test-pod-with-trusted-registry
  result: pass
  rule: only-allow-trusted-images