feat: support expansion in gator verify #3650
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #3650 +/- ##
==========================================
- Coverage 54.49% 47.65% -6.85%
==========================================
Files 134 236 +102
Lines 12329 19777 +7448
==========================================
+ Hits 6719 9425 +2706
- Misses 5116 9465 +4349
- Partials 494 887 +393
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
Are we going to add |
David-Jaeyoon-Lee
force-pushed
the
davjlee/feature/gator-verify-expansion
branch
from
b15146f
to
f9e6699
Compare
There was a problem hiding this comment.
@David-Jaeyoon-Lee LGTM after gator tests are modified for expansion template, this might help adding those tests David-Jaeyoon-Lee#2.
I think I added similar tests in this pr already. Or am I misunderstanding something? What specifically do we want to modify? Edit: Nevermind I see |
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
…or gator verify Signed-off-by: David-Jaeyoon-Lee <[email protected]>
David-Jaeyoon-Lee
force-pushed
the
davjlee/feature/gator-verify-expansion
branch
from
d3892b4
to
8339ab4
Compare
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
…ator-verify-expansion
|
@David-Jaeyoon-Lee you will probably need to update docs as well to let users know how to use this. This is probably the best place to include that information - https://open-policy-agent.github.io/gatekeeper/website/docs/gator#the-gator-verify-subcommand. I am ok with a follow up PR to update the docs. @maxsmythe @ritazh @sozercan wdyt? |
Signed-off-by: David-Jaeyoon-Lee <[email protected]>
| @@ -128,7 +128,7 @@ gator test --filename=manifests-and-policies/ --output=json | |||
| `gator verify` organizes tests into three levels: Suites, Tests, and Cases: | |||
|
|
|||
| - A Suite is a file which defines Tests. | |||
| - A Test declares a ConstraintTemplate, a Constraint, and Cases to test the | |||
| - A Test declares a ConstraintTemplate, a Constraint, an ExpansionTemplate (optional), and Cases to test the | |||
There was a problem hiding this comment.
Is it necessary to add here or should it just be a separate section.
| @@ -162,6 +162,8 @@ ConstraintTemplate. It is an error for the Constraint to have a different type | |||
| than that defined in the ConstraintTemplate spec.crd.spec.names.kind, or for the | |||
| ConstraintTemplate to not compile. | |||
|
|
|||
| A Test can also optionally compile an ExpansionTemplate. | |||
| @@ -264,6 +266,25 @@ the `run` flag: | |||
| gator verify path/to/suites/... --run "disallowed" | |||
| ``` | |||
|
|
|||
| ### Validating Generated Resources with ExpansionTemplates | |||
There was a problem hiding this comment.
Not sure if this is too much or if its not enough (i.e. no example or a more complete example).
What this PR does / why we need it:
It allows for expansion in gator verify.
Which issue(s) this PR fixes (optional, using
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when the PR gets merged):Fixes #3432
Special notes for your reviewer: