Kuttl tests for all policies

Question

Kuttl tests for all policies

Closed this issue a year ago · 3 comments

Kyverno conducts its end-to-end testing using a tool called kuttl which has been forked and significantly enhanced with features designed to test concerns that policy engines have. While the Kyverno project has a significant library of tests which cover various facets of Kyverno, there are no tests which cover each of the policies in the policy library here.

In this mentorship, you will learn the kuttl tool, which is quite simple to use, and provide coverage for all the policies in the kyverno/policies repository (some of which have already been done). As part of your application, please see the Cover Letter section and be prepared to answer the challenge.

Cover Letter

The Kyverno project receives many applicants for Linux Foundation mentorships. In order to select the most qualified and motivated candidate, in this mentorship we are asking you to read and respond to this challenge as a component of your cover letter. The response in your cover letter should not exceed more than one additional page in length.

Please also understand that this mentorship is full time in which the candidate is expected to deliver a 40-hour work week or show equivalent progress. If you cannot make this commitment, please do not apply.

The Challenge

The kuttl tool is simple to learn and understand as it allows a declarative approach to testing of Kubernetes applications and does not require any programming language to write or understand tests. Tests are simply a collection of Kubernetes manifests and, sometimes, potentially some commands or very simple scripts when manifests alone are insufficient.

After spending a small amount of time with kuttl, review the many example tests here and propose a test for this Kyverno policy below. Use the scaffolding directory here as template for the starter files necessary. If any additional test case files are needed, find them in its parent directory. Kyverno's fork of kuttl can be installed simply with go install github.com/kyverno/kuttl/cmd/kubectl-kuttl@main. The selected candidate will have the following as part of the cover letter's response.

The correct files in use.
A description of the test and why the test is needed.
Test cases, with an explanation, of the various angles needed to ensure that the policy works correctly in the majority of scenarios.
A link to a publicly-accessible git repo (GitHub suggested) containing all the files needed to test the cases.

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: lfx-add-labels
spec:
  rules:
  - name: lfx-mentorship
    match:
      any:
      - resources:
          kinds:
          - ConfigMap
          namespaces:
            - "team-*"
    mutate:
      patchStrategicMerge:
        metadata:
          labels:
            +(lfx-mentorship): kyverno

Answer 1 · 2023-05-10T11:46:37.000Z

For any applicant questions on preparing an application for this mentorship, please use Q & A Discussions category.

Answer 2 · 2023-05-11T13:16:05.000Z

I am interested

Answer 3 · 2023-10-10T12:25:20.000Z

Closed by the LFX Summer '23 mentorship.