Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Chainsaw Tests] Add Chainsaw test for Bare Pods #1057

Merged
merged 9 commits into from
Jul 14, 2024
Merged

[Chainsaw Tests] Add Chainsaw test for Bare Pods #1057

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
e097b3d
Added chainsaw tests for bare pods. Created a test pod and the corres…
Jay179-sudo Jun 29, 2024
7cb9097
Reduced scheduled time from five minutes to one
Jay179-sudo Jul 2, 2024
300473c
Created a separate test policy referenced by the chainsaw test. Undid…
Jay179-sudo Jul 2, 2024
bf311b4
Update cleanup/cleanup-bare-pods/clusterrole.yaml
chipzoller Jul 2, 2024
e98d9d3
Update cleanup/cleanup-bare-pods/clusterrole.yaml
chipzoller Jul 2, 2024
b7f07de
Cleaned up and moved the clusterrole file. Applied a patch to reduce …
Jay179-sudo Jul 2, 2024
2a515a1
fixed file name to cluster-role
Jay179-sudo Jul 5, 2024
6c94376
minor fix
Jay179-sudo Jul 6, 2024
41e97a0
Merge branch 'main' into bare-pods-test
chipzoller Jul 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions cleanup/cleanup-bare-pods/.chainsaw-test/chainsaw-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
apiVersion: chainsaw.kyverno.io/v1alpha1
kind: Test
metadata:
name: cleanup-bare-pods
spec:
steps:
- name: apply clusterrole
try:
- apply:
file: ../clusterrole.yaml
- name: create a bare pod
try:
- apply:
file: pod.yaml
- assert:
file: pod.yaml
- name: apply cleanup policy
try:
- apply:
file: ../cleanup-bare-pods.yaml
- assert:
file: ../cleanup-bare-pods.yaml
- name: wait for scheduled deletion
try:
- sleep:
duration: 1m30s
- name: check for bare pod
try:
- error:
file: pod.yaml
8 changes: 8 additions & 0 deletions cleanup/cleanup-bare-pods/.chainsaw-test/pod.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
apiVersion: v1
kind: Pod
metadata:
name: bare-pod
spec:
containers:
- name: nginx
image: nginx:1.14.1
2 changes: 1 addition & 1 deletion cleanup/cleanup-bare-pods/cleanup-bare-pods.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,4 +28,4 @@ spec:
- key: "{{ target.metadata.ownerReferences[] || `[]` }}"
operator: Equals
value: []
schedule: "*/5 * * * *"
schedule: "*/1 * * * *"
Jay179-sudo marked this conversation as resolved.
Show resolved Hide resolved
20 changes: 20 additions & 0 deletions cleanup/cleanup-bare-pods/clusterrole.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
namespace: kyverno
labels:
app.kubernetes.io/component: cleanup-controller
app.kubernetes.io/instance: kyverno
app.kubernetes.io/part-of: kyverno
name: kyverno:cleanup-controller:temp
chipzoller marked this conversation as resolved.
Show resolved Hide resolved
rules:
- apiGroups:
- ""
resources:
- "pods"
chipzoller marked this conversation as resolved.
Show resolved Hide resolved
verbs:
- get
- watch
- list
- delete