Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add test suites for second half of PSP policies #133

Merged
merged 3 commits into from
Dec 16, 2021
Merged

Add test suites for second half of PSP policies #133

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
71930ac
Add test suites for second half of PSP policies
maxsmythe Nov 12, 2021
aec606b
Add names to suites
maxsmythe Dec 15, 2021
6072179
Merge branch 'master' into add-tests
maxsmythe Dec 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add names to suites 
Signed-off-by: Max Smythe <smythe@google.com>
  • Loading branch information
@maxsmythe
maxsmythe committed Dec 15, 2021
commit aec606b7f0ecd6b9ac74ee04eca090712a94d735
2 changes: 2 additions & 0 deletions library/general/allowedrepos/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: allowedrepos
tests:
- name: allowed-repos
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/block-endpoint-edit-default-role/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: block-endpoint-edit-default-role
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/block-nodeport-services/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: block-nodeport-services
tests:
- name: block-nodeport-services
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/containerlimits/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: containerlimits
tests:
- name: container-limits
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/containerresourceratios/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: containerresourceratios
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/disallowedtags/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: disallowedtags
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/externalip/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: externalip
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/httpsonly/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: httpsonly
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/imagedigests/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: imagedigests
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/replicalimits/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: replicalimits
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/requiredannotations/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: requiredannotations
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/requiredlabels/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: requiredlabels
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/requiredprobes/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: requiredprobes
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/uniqueingresshost/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: uniqueingresshost
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/general/uniqueserviceselector/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: uniqueserviceselector
tests:
- name: block-endpoint-default-role
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/allow-privilege-escalation/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: allow-privilege-escalation
tests:
- name: allow-privilege-escalation
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/apparmor/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: apparmor
tests:
- name: apparmor
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/capabilities/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: capabilities
tests:
- name: capabilities
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/flexvolume-drivers/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: flexvolume-drivers
tests:
- name: flexvolume-drivers
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/forbidden-sysctls/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: forbidden-sysctls
tests:
- name: forbidden-sysctls
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/fsgroup/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: fsgroup
tests:
- name: fsgroup
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/host-filesystem/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: host-filesystem
tests:
- name: host-filesystem
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/host-namespaces/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: host-namespaces
tests:
- name: host-namespace
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/host-network-ports/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: host-network-ports
tests:
- name: use-of-host-networking-ports-blocked
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/privileged-containers/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: privileged-containers
tests:
- name: privileged-containers-disallowed
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/proc-mount/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: proc-mount
tests:
- name: default-proc-mount-required
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/read-only-root-filesystem/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: read-only-root-filesystem
tests:
- name:
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/seccomp/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: seccomp
tests:
- name: default-seccomp-required
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/selinux/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: selinux
tests:
- name: require-matching-selinux-options
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/users/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: users
tests:
- name: users-and-groups-together
template: template.yaml
Expand Down
2 changes: 2 additions & 0 deletions library/pod-security-policy/volumes/suite.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
kind: Suite
apiVersion: test.gatekeeper.sh/v1alpha1
metadata:
name: volumes
tests:
- name: host-path-disallowed
template: template.yaml
Expand Down