added configs

Signed-off-by: hackeramitkumar <[email protected]>

Author: hackeramitkumar

Deployment1.yml

@@ -1,4 +1,4 @@
-# verified
+#verified
 apiVersion: apps/v1
 kind: Deployment
 metadata:

cli-tests/kuttl-tests/policy.yaml

@@ -0,0 +1,28 @@
+apiVersion: kyverno.io/v1
+kind: ClusterPolicy
+metadata:
+  name: check-image
+spec:
+  validationFailureAction: Enforce
+  background: false
+  webhookTimeoutSeconds: 30
+  failurePolicy: Fail
+  rules:
+    - name: check-image
+      match:
+        any:
+        - resources:
+            kinds:
+              - Deployment
+      verifyImages:
+      - imageReferences:
+        - "ghcr.io/hackeramitkumar*"
+        attestors:
+        - count: 1
+          entries:
+          - keys:
+              publicKeys: |-
+                -----BEGIN PUBLIC KEY-----
+                MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFN8gGjQua2g8N+aLx3Eff+/j5HxL
+                bV+H2z50/0A4d8XyMUvizPQBtcgei43pqLj1850m3wSwI08z2+6zT1QaEg==
+                -----END PUBLIC KEY-----

cli-tests/kuttl-tests/resource_01.yaml

@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: nginx
+  name: nginx-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - image: ghcr.io/hackeramitkumar/test5:app
+        name: nginx
+        resources: {}

cli-tests/kuttl-tests/resource_02.yaml

@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: nginx
+  name: nginx-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - image: ghcr.io/hackeramitkumar/test5:app2
+        name: nginx
+        resources: {}

cli-tests/resources.yaml

@@ -7,7 +7,7 @@ spec:
     - name: signed
       image: ghcr.io/hackeramitkumar/test5:app
     - name: unsigned
-      image: ghcr.io/hackeramitkumar/test5:app2
+      image: ghcr.io/hackeramitkumar/test6:app
 ---
 apiVersion: v1
 kind: Pod

kubeconfig

@@ -0,0 +1,17 @@
+clusters:
+- cluster:
+    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvakNDQWVhZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJek1EY3dOakV3TXpRMU4xb1hEVE16TURjd016RXdNelExTjFvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTzFFClpXaElHSm9YYk9VbkxoYWN4YVQ1VXh6cktPYUZIdytMdnpwRHR5SlRHVC9Ba0w4bWFDZE1jR0ZxdVpXZUxKSlcKc1ZGSDRrQmpnVmlmQ3QveHFCUVJxL0VoWUFBQUs5elBhMGFhUFlVdmdGYlllSDhaK2kxY2NLa0JzRlZlK2tReQpLcjNHdjI0VGxqNlo3d3c1b2l6Yzcxa0ExUW8wQnR6VUZMeFN3Q2lnaVI5SW9GeEMzWXFFLzJOell0S3lUY2dJCmUwOW9NYWw3Mys3Z0dKM1RLSDBETFNtUnp1dWxNREs5VVR3OVIyQmdkSkVrd3JpSC9xaXVIb0pnMXF3cHZxVmUKOC9qSS9FeEFhL2Y1REJXTlQ1dTNiRkFWY1J1RzY1T0lLZVlzZ2Jnd2FQRTZkeEtkZ2g1TUx3bERrbHBXSlZ4Lwp3UHd0UmR6YzVYMzJBQml5dUFjQ0F3RUFBYU5aTUZjd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZCM2M4cUErT2JJcGFlNHJqc091WGhPMjQ4RExNQlVHQTFVZEVRUU8KTUF5Q0NtdDFZbVZ5Ym1WMFpYTXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSlJDU2FPcWhCZUVYN3NxUUJKOQozQzMzTzFkOWVaaGM1cnNuYWJ3ZDNUREdSN3Z0U09kUENyb1ByNHNtT1BBME5Ic2wyTjNoNEsyZVdEdDVGOXNrCnhCMEdPVEhHTGdCNVFxSUxLSkFaVXlxb2d0akg3UnpZMU90U0pwNGNYbGVtbHA4NTllUE9kekZzMjNlR3pJenkKT2FBcEptcVM4OERlWWZTM1VxZlFKcStkRTlwWWZHOGtuUXJtb1hZbXdDVUh5V1N6a0tIOGszUThxcElOREYwdgpCbEVJYXdoVEhNOXhiREJJZDc2LzlNOEZkUVFJS1F5TVIzMGFpV3YrMEcxMVdMM3J4blNaWkk3L05helNHcDBMCktmQXFDUE1JY1RaWGJlZEZNSFQ3OTZvck11Y3YzdTFIbzQ0VU9maDk3bkl0K2hSWGtOZkhESG0zRjNFa1g2Y3YKMXo0PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+    server: https://127.0.0.1:35381
+  name: cluster
+contexts:
+- context:
+    cluster: cluster
+    user: user
+  name: cluster
+current-context: cluster
+preferences: {}
+users:
+- name: user
+  user:
+    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lJSi94TWxmMVlSRHN3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TXpBM01EWXhNRE0wTlRkYUZ3MHlOREEzTURVeE1ETTBOVGxhTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXdZNXFFdk1MQzJ1VlZPTjYKZWVONm4rdVdHbUFkdnNQOEpBY0lscjErNy9RUE5DcVcwZ2lPUkdzaVhiYU9SM04wZExLSzhDKzhrcU9NRzNDRgoyUHFiOG1SeXlIUUNaZTFqRVA2dzVockpYWUlmbGlnRHY0azh2bWJLUkNzaFB2OUJIYXhPYjFJU0xLa0VyVmIrCjcxelpmQXlnQi9vZG5XWCtNVjNVa1dmS1k3RTg3c1VVcTlhMTRoSnU2MmxMc3hjcktqakpScEhBc1pSMHpUbisKM0FMOVhQMDdrVk5NWjhNelJjakRUNmkwNHRGWC9YN1IzRU5lSUNYbFk1dHdzMnhucitBT2Z6aDA3eStDVkJlQQp4MVBHVkxiYWVOcXlSZzExb3pKdjBndEsvUDFRbHQrS0R0S1JXZXhyWTFxZytKV2QzajZjTldLbWNVVmxYM2lNCndwdWV2d0lEQVFBQm8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JRZDNQS2dQam15S1dudUs0N0RybDRUdHVQQQp5ekFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBSlo2aGR6azh1R3RWMkY2SzVuQVN6dlJrakxYekpZZVlUbFo3ClpJMGVKelMzcVI3NkFBeU5IQ29MdlY4MnVqV3pCWTN0dUxxQWZLejlpNm5xeFNpcjFQQ3U0ZGhyVEM1bVhUNE8KQ3FwdHhHbFUwTEwwemk3ZkNOUVVwQzVmSEtQemJIOXBhMTlTTzhJMGcrcWlWVGY5WENOU2RGSTF2TmxhUTlpSwpSZlA4R005WWo4QzdSR1RhWTNZOHovaE9qRnpJNDFGOHRabXNZWEFjVkxWcEJKT29wM3h5WGJVTy9OWWEvNGJwCllwdEsrU3E5Rjh3L1pGdlZ5NFhVd1FYTkFtMXlpYTV6a3pPV055R1h1ckdTSDQ4U1JabnhHT1BkQk56RVVmZWQKVGV0YUd1NXZ3a1J6UTZSVnM4VEdtS3NxRnJnRGw2aFhpdWNCYXVBVUhXa3NkeDMyd0E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcGdJQkFBS0NBUUVBd1k1cUV2TUxDMnVWVk9ONmVlTjZuK3VXR21BZHZzUDhKQWNJbHIxKzcvUVBOQ3FXCjBnaU9SR3NpWGJhT1IzTjBkTEtLOEMrOGtxT01HM0NGMlBxYjhtUnl5SFFDWmUxakVQNnc1aHJKWFlJZmxpZ0QKdjRrOHZtYktSQ3NoUHY5QkhheE9iMUlTTEtrRXJWYis3MXpaZkF5Z0Ivb2RuV1grTVYzVWtXZktZN0U4N3NVVQpxOWExNGhKdTYybExzeGNyS2pqSlJwSEFzWlIwelRuKzNBTDlYUDA3a1ZOTVo4TXpSY2pEVDZpMDR0RlgvWDdSCjNFTmVJQ1hsWTV0d3MyeG5yK0FPZnpoMDd5K0NWQmVBeDFQR1ZMYmFlTnF5UmcxMW96SnYwZ3RLL1AxUWx0K0sKRHRLUldleHJZMXFnK0pXZDNqNmNOV0ttY1VWbFgzaU13cHVldndJREFRQUJBb0lCQVFDenl5TnpXTHFBc0QyMQo3ZHllRHBXZ3FZajBGU1pzUnNjWGZFVVpLUXNadi83RGVYQkJ4OXJIYVRFeUZkclNPa2dLQXJPVzZ2RGkwZkxhCnBrcGV4R1JKNDg3UHJ4dHZMUFNpRzhPYzYzTHpYbVVTNlRhYUc5UUdGWnQ3ZVFqWDZPbkdzNERrWFRzdXF3NEMKS2xhRGFCOUo0THhpekkzbjRJOGZza1k3ajByc0VGM2pNNy92Zko2UnkzU09lQW9ua1lZS21VdmU0VDlQc09hdgpDOW5lZFJhMEoxZmQvWXJwMTRjaXpkcjg2UmcxM1NqR2E5RXlxa3RZNG1RNUxlWGVqYU14SEQ5REVNZ2JEUHh5CkNRazVKS1BrbUtyNjk4VGtIZjFhSmRJTmlIRHBOMUY1SnlGYUlBbHh6bGpkMVFwQzc5Mm9NcHBtN2RoK085MEMKVTViNTNBS1pBb0dCQVBwQkRkMVAwNFpMRmdNeDd2TlMrNGs2RVNBaTdLUjREVDdPaUhES3pOdkFuTzVjZTVIMApGQlZFc0lXTFNPd0VqQWZ0VVJTbTl1eHNqTkliV0JKNnR5OHZLSzlFUkNjT3BrR2FMaDJHNk9KY0tUKzJJWkRaCjl5TFQvZW5EeDk1WVFsOWVMSDV2M0pKdnBpRm5HZUs0L29VMGQ2bVk4bm1YSEtkM245K1lzZjdiQW9HQkFNWUEKR2U3SStyN3VRODEzWU1pTDdXK1ZvdldjTFpvUzh1SXRVN1pJMDAzZnJ6WkxpbWRMOEZnYks5SlNMRlZnZFQvVgpPQ0c2TDJISHFHbEd0eEx1QVN3Q25QUVBOMEVtRGw3ZWR5Z1RSbmtyb2FDVkNPTVJadzJOcVlVWWJ3V2tpa0JtCk00cWxlQXd2K2dWSjEreUcxN1R0blVXS0krdW5oLzg3am9xcXBHcnRBb0dCQU91WVJ2Y3M2WlFxS0NVRjQxRUwKdEdaeVZpRU0vLyt1VGJudE1pSU5xbUxQcUczMmZ4YmUwL0ZaNDEwMXpZYjBtT2Yxa1RtQ0hrQmh5UWtjV1FPOApwNnd5RjNrNUtYZ2pvSDF1S3kvOURFM2VPYThUUmZKYVlRRlcxbG8yeUhrWVdoUHlVcTBObm5mMXlFNzJBemFnCnRteXRBbUtWN09CdlZMaU1NK1NLbWplMUFvR0JBSVJrV3ZLMFJoMVdtZFdRQmhIeXBqK2ZVWWhpOW9iNE5wbVAKYjFNS1hPZk1NbzdlY2R2aUJnSVRvUGlQNDM3dThWZE9UYXNYb0VrRVJKS29LdytvUHZaYmhQRVlIMzBiWWk2RApHQytldTllWG1nb1N2UTkvZW1Xd25ISVhSVjBEaVVISVZKeFhTZTcwUVh3NXhQd3RxWndiNmJZdXlSZndQRm9vClM0WmkxVzk5QW9HQkFKd1Nic1NNc3I2aVIwLzVKbEV3WW1qMTcrUXhDWVFoV0MyOHJBcFpvVG9IQWpJTURPOHUKS3B5RHgrTWFVdm5FaldZK2hpeUtld3pxUXhhMVVBbFZyeFdCdFlBczFVVEFiSlJJWHN3dUYzWW9iNkg0VkxqdwpIVHRRNHBYTTNYVkFPRHZaNzJpTUhINzBiZmxmbnd6QmhNbHgzUzZNaTUwRTQ2RXhJcnJlM2djUAotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=

policy3.yml

@@ -14,7 +14,6 @@ spec:
         - resources:
             kinds:
               - Deployment
-              - Pod
       verifyImages:
       - imageReferences:
         - "ghcr.io/hackeramitkumar*"
@@ -26,4 +25,4 @@ spec:
                 -----BEGIN PUBLIC KEY-----
                 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFN8gGjQua2g8N+aLx3Eff+/j5HxL
                 bV+H2z50/0A4d8XyMUvizPQBtcgei43pqLj1850m3wSwI08z2+6zT1QaEg==
-                -----END PUBLIC KEY-----                
+                -----END PUBLIC KEY-----