diff --git a/other-cel/prevent-cr8escape/.chainsaw-test/pods-good.yaml b/other-cel/prevent-cr8escape/.chainsaw-test/pods-good.yaml index 584456add..2281fcfca 100644 --- a/other-cel/prevent-cr8escape/.chainsaw-test/pods-good.yaml +++ b/other-cel/prevent-cr8escape/.chainsaw-test/pods-good.yaml @@ -18,11 +18,11 @@ kind: Pod metadata: name: goodpod02 spec: - securityContext: - allowPrivilegeEscalation: false containers: - name: busybox image: ghcr.io/kyverno/test-busybox:1.35 + securityContext: + allowPrivilegeEscalation: false --- apiVersion: v1 kind: Pod @@ -31,5 +31,4 @@ metadata: spec: containers: - name: busybox - image: ghcr.io/kyverno/test-busybox:1.35 - + image: ghcr.io/kyverno/test-busybox:1.35 \ No newline at end of file diff --git a/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-bad.yaml b/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-bad.yaml index bbacc6aa1..a0472832c 100644 --- a/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-bad.yaml +++ b/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-bad.yaml @@ -7,7 +7,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - backend: service: @@ -27,7 +27,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - path: /testpath pathType: Prefix diff --git a/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-good.yaml b/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-good.yaml index 997bb6f42..7e1eda7a6 100644 --- a/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-good.yaml +++ b/other-cel/restrict-ingress-classes/.chainsaw-test/ingress-good.yaml @@ -8,7 +8,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - backend: service: @@ -28,7 +28,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - path: /testpath pathType: Prefix diff --git a/other-cel/restrict-ingress-defaultbackend/.chainsaw-test/ingress-good.yaml b/other-cel/restrict-ingress-defaultbackend/.chainsaw-test/ingress-good.yaml index e35151a01..039aa593b 100644 --- a/other-cel/restrict-ingress-defaultbackend/.chainsaw-test/ingress-good.yaml +++ b/other-cel/restrict-ingress-defaultbackend/.chainsaw-test/ingress-good.yaml @@ -5,7 +5,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - backend: service: @@ -22,7 +22,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - path: /testpath pathType: Prefix diff --git a/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-bad.yaml b/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-bad.yaml index f54f1e3bf..c69567878 100644 --- a/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-bad.yaml +++ b/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-bad.yaml @@ -5,7 +5,7 @@ metadata: spec: rules: - host: "*.foo.bar" - https: + http: paths: - backend: service: @@ -22,7 +22,7 @@ metadata: spec: rules: - host: foo-bar - https: + http: paths: - path: /testpath pathType: Prefix @@ -32,7 +32,7 @@ spec: port: number: 80 - host: "*.example.com" - https: + http: paths: - path: /testpath pathType: Prefix @@ -49,7 +49,7 @@ metadata: spec: rules: - host: "*.bar" - https: + http: paths: - path: /testpath pathType: Prefix @@ -59,7 +59,7 @@ spec: port: number: 80 - host: foo-bar - https: + http: paths: - path: /testpath pathType: Prefix diff --git a/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-good.yaml b/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-good.yaml index aa30b1149..e9a9e1222 100644 --- a/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-good.yaml +++ b/other-cel/restrict-ingress-wildcard/.chainsaw-test/ingress-good.yaml @@ -5,7 +5,7 @@ metadata: spec: rules: - host: endpoint01 - https: + http: paths: - backend: service: @@ -22,7 +22,7 @@ metadata: spec: rules: - host: endpoint02 - https: + http: paths: - path: /testpath pathType: Prefix @@ -32,7 +32,7 @@ spec: port: number: 80 - host: endpoint01 - https: + http: paths: - path: /testpath pathType: Prefix diff --git a/other-cel/restrict-node-affinity/.chainsaw-test/pod-good.yaml b/other-cel/restrict-node-affinity/.chainsaw-test/pod-good.yaml index 9a580464e..1d308f3ec 100644 --- a/other-cel/restrict-node-affinity/.chainsaw-test/pod-good.yaml +++ b/other-cel/restrict-node-affinity/.chainsaw-test/pod-good.yaml @@ -14,14 +14,16 @@ metadata: spec: affinity: podAffinity: - prefferedDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: bar - operator: In - values: - - bar - topologyKey: topology.kubernetes.io/zone + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: bar + operator: In + values: + - bar + topologyKey: topology.kubernetes.io/zone podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 @@ -35,5 +37,4 @@ spec: topologyKey: topology.kubernetes.io/zone containers: - name: busybox - image: ghcr.io/kyverno/test-busybox:1.35 - + image: ghcr.io/kyverno/test-busybox:1.35 \ No newline at end of file diff --git a/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-bad.yaml b/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-bad.yaml index 91480ac42..6740a7267 100644 --- a/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-bad.yaml +++ b/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-bad.yaml @@ -52,5 +52,4 @@ spec: containers: - name: busybox image: ghcr.io/kyverno/test-busybox:1.35 - restartPolicy: OnFailure - + restartPolicy: OnFailure \ No newline at end of file diff --git a/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-good.yaml b/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-good.yaml index 52bce5597..bd3d0113a 100644 --- a/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-good.yaml +++ b/other-cel/restrict-node-affinity/.chainsaw-test/podcontroller-good.yaml @@ -17,14 +17,16 @@ spec: spec: affinity: podAffinity: - prefferedDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: bar - operator: In - values: - - bar - topologyKey: topology.kubernetes.io/zone + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: bar + operator: In + values: + - bar + topologyKey: topology.kubernetes.io/zone containers: - name: busybox image: ghcr.io/kyverno/test-busybox:1.35 @@ -42,5 +44,4 @@ spec: containers: - name: busybox image: ghcr.io/kyverno/test-busybox:1.35 - restartPolicy: OnFailure - + restartPolicy: OnFailure \ No newline at end of file diff --git a/other-cel/restrict-node-affinity/.kyverno-test/resource.yaml b/other-cel/restrict-node-affinity/.kyverno-test/resource.yaml index d3f7d1d9f..3ff3f7add 100644 --- a/other-cel/restrict-node-affinity/.kyverno-test/resource.yaml +++ b/other-cel/restrict-node-affinity/.kyverno-test/resource.yaml @@ -88,5 +88,4 @@ spec: cpu: "500m" limits: memory: "256Mi" - cpu: "500m" - + cpu: "500m" \ No newline at end of file