UNCLASSIFIED - NO CUI

Skip to content

Support for Testing Policies with Kyverno CLI

Benjamin Garman requested to merge kyverno-cli-testing into main

In order to use these Kyverno Policy helm chart templates with the Kyverno CLI, in order to do testing in the way Kyverno recommends, as well as to support also using them in CI/CD using the Kyverno CLI, we needed some documentation around how to do that. This merge request does the following.

  1. Updates the docs/testing.md, so that both Helm Test and Kyverno CLI have sections with samples and instructions on how to use them.
  2. Adds in existing Kyverno CLI tests as folders "best-practices", "pod-security", and "pod-scheduling". Since the vendor Kyverno already provides working tests for many policies, that already work with the Kyverno CLI, and to allow for simplier maintenance from later updates from Kyverno, let's bring over the working tests that Kyverno provides, in the same folder structure they provide. We only brought over those policies that were either already included in this repo, or are going to be included but another merge request shortly.
  3. Adds a .gitignore, to ignore Mac DS files, and to allow for an optional custom values file and output directory, that can be used for testing, that will not be committed to the repo.
  4. Updated the chart version

Associated with this issue. #36 (closed)

Edited by Benjamin Garman

Merge request reports