plexsystems
diff --git a/‎.github/workflows/cron_e2e.yaml
Lines changed: 0 additions & 1 deletion b/‎.github/workflows/cron_e2e.yaml
Lines changed: 0 additions & 1 deletion
diff --git a/‎.github/workflows/pull_request.yaml
Lines changed: 0 additions & 1 deletion b/‎.github/workflows/pull_request.yaml
Lines changed: 0 additions & 1 deletion
diff --git a/‎acceptance.bats
Lines changed: 4 additions & 4 deletions b/‎acceptance.bats
Lines changed: 4 additions & 4 deletions
diff --git a/‎internal/commands/constraint_template.tpl
Lines changed: 14 additions & 5 deletions b/‎internal/commands/constraint_template.tpl
Lines changed: 14 additions & 5 deletions
diff --git a/‎internal/commands/create_test.go
Lines changed: 5 additions & 5 deletions b/‎internal/commands/create_test.go
Lines changed: 5 additions & 5 deletions
diff --git a/‎test/custom/constraint_Test.yaml
Lines changed: 0 additions & 82 deletions b/‎test/custom/constraint_Test.yaml
Lines changed: 0 additions & 82 deletions
diff --git a/‎test/output/custom/constraint_FullMetadata.yaml
Lines changed: 34 additions & 0 deletions b/‎test/output/custom/constraint_FullMetadata.yaml
Lines changed: 34 additions & 0 deletions
diff --git a/‎test/output/custom/constraint_NoMetadata.yaml
Lines changed: 6 additions & 0 deletions b/‎test/output/custom/constraint_NoMetadata.yaml
Lines changed: 6 additions & 0 deletions
diff --git a/‎test/output/custom/constraint_PartialMetadata.yaml
Lines changed: 11 additions & 0 deletions b/‎test/output/custom/constraint_PartialMetadata.yaml
Lines changed: 11 additions & 0 deletions
diff --git a/‎test/custom/template_Test.yaml renamed to ‎test/output/custom/template_FullMetadata.yaml
Lines changed: 3 additions & 3 deletions b/‎test/custom/template_Test.yaml renamed to ‎test/output/custom/template_FullMetadata.yaml
Lines changed: 3 additions & 3 deletions
@@ -65,7 +65,6 @@ jobs:
         run: |
           chmod +x ./konstraint
           ./konstraint create -o e2e-resources examples
-          ./konstraint create -o e2e-resources test
 
       - name: create kind cluster
         run: kind create cluster
 
@@ -196,7 +196,6 @@ jobs:
         run: |
           chmod +x ./konstraint
           ./konstraint create -o e2e-resources examples
-          ./konstraint create -o e2e-resources test
 
       - name: create kind cluster
         run: kind create cluster
 
@@ -19,13 +19,13 @@
 }
 
 @test "[CREATE] Creating constraints using --output matches expected output" {
-  run ./build/konstraint create test --output test
+  run ./build/konstraint create test/policies --output test/output/standard
   [ "$status" -eq 0 ]
-  git diff --quiet -- test/
+  git diff --quiet -- test/output/standard
 }
 
 @test "[CREATE] Creating constraints using --constraint-custom-template-file, --constraint-template-custom-template-file and --output matches expected output" {
-  run ./build/konstraint create test --constraint-custom-template-file internal/commands/constraint_template.tpl --constraint-template-custom-template-file internal/commands/constrainttemplate_template.tpl --partial-constraints --output test/custom
+  run ./build/konstraint create test/policies --constraint-custom-template-file internal/commands/constraint_template.tpl --constraint-template-custom-template-file internal/commands/constrainttemplate_template.tpl --partial-constraints --output test/output/custom
   [ "$status" -eq 0 ]
-  git diff --quiet -- test/custom
+  git diff --quiet -- test/output/custom
 }
@@ -10,12 +10,21 @@ metadata:
   {{- end }}
   name: {{ .Name }}
 spec:
-  {{- if .Matchers }}
-  match: {{- .GetAnnotation "matchers" | toIndentYAML 2 | nindent 4 }}
-  {{- end }}
   {{- if ne .Enforcement "deny" }}
   enforcementAction: {{ .Enforcement }}
   {{- end -}}
-  {{- if .AnnotationParameters }}
-  parameters: {{- .AnnotationParameters | toIndentYAML 2 | nindent 4 }}
+  {{- if or .AnnotationKindMatchers .AnnotationNamespaceMatchers .AnnotationExcludedNamespaceMatchers .AnnotationLabelSelectorMatcher }}
+  match:
+  {{- if .AnnotationExcludedNamespaceMatchers }}
+    excludedNamespaces: {{- .AnnotationExcludedNamespaceMatchers | toIndentYAML 2 | nindent 6 }}
+  {{- end }}
+  {{- if .AnnotationKindMatchers }}
+    kinds: {{- .AnnotationKindMatchers | toJSON | fromJSON | toIndentYAML 2 | nindent 6 }}
+  {{- end }}
+  {{- if .AnnotationLabelSelectorMatcher }}
+    labelSelector: {{- .AnnotationLabelSelectorMatcher | toJSON | fromJSON | toIndentYAML 2 | nindent 6 }}
+  {{- end }}
+  {{- if .AnnotationNamespaceMatchers }}
+    namespaces: {{- .AnnotationNamespaceMatchers | toIndentYAML 2 | nindent 6 }}
+  {{- end }}
   {{- end }}
@@ -19,7 +19,7 @@ func TestRenderConstraint(t *testing.T) {
 		t.Errorf("Error getting violations: %v", err)
 	}
 
-	expected, err := os.ReadFile("../../test/constraint_Test.yaml")
+	expected, err := os.ReadFile("../../test/output/standard/constraint_FullMetadata.yaml")
 	if err != nil {
 		t.Errorf("Error reading expected file: %v", err)
 	}
@@ -48,7 +48,7 @@ func TestRenderConstraintWithCustomTemplate(t *testing.T) {
 		t.Errorf("Error getting violations: %v", err)
 	}
 
-	expected, err := os.ReadFile("../../test/custom/constraint_Test.yaml")
+	expected, err := os.ReadFile("../../test/output/custom/constraint_FullMetadata.yaml")
 	if err != nil {
 		t.Errorf("Error reading expected file: %v", err)
 	}
@@ -77,7 +77,7 @@ func TestRenderConstraintTemplate(t *testing.T) {
 		t.Errorf("Error getting violations: %v", err)
 	}
 
-	expected, err := os.ReadFile("../../test/template_Test.yaml")
+	expected, err := os.ReadFile("../../test/output/standard/template_FullMetadata.yaml")
 	if err != nil {
 		t.Errorf("Error reading expected file: %v", err)
 	}
@@ -106,7 +106,7 @@ func TestRenderConstraintTemplateWithCustomTemplate(t *testing.T) {
 		t.Errorf("Error getting violations: %v", err)
 	}
 
-	expected, err := os.ReadFile("../../test/custom/template_Test.yaml")
+	expected, err := os.ReadFile("../../test/output/custom/template_FullMetadata.yaml")
 	if err != nil {
 		t.Errorf("Error reading expected file: %v", err)
 	}
@@ -129,7 +129,7 @@ func TestRenderConstraintTemplateWithCustomTemplate(t *testing.T) {
 }
 
 func GetViolations() ([]rego.Rego, error) {
-	violations, err := rego.GetViolations("../../test")
+	violations, err := rego.GetViolations("../../test/policies/")
 	if err != nil {
 		return nil, err
 	}
 
@@ -0,0 +1,34 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: FullMetadata
+metadata:
+  name: fullmetadata
+spec:
+  match:
+    excludedNamespaces:
+      - kube-system
+      - gatekeeper-system
+    kinds:
+      - apiGroups:
+          - ""
+        kinds:
+          - Pod
+      - apiGroups:
+          - apps
+        kinds:
+          - DaemonSet
+          - Deployment
+          - StatefulSet
+    labelSelector:
+      matchExpressions:
+        - key: foo
+          operator: In
+          values:
+            - bar
+            - baz
+        - key: doggos
+          operator: Exists
+    namespaces:
+      - dev
+      - stage
+      - prod
@@ -0,0 +1,6 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: NoMetadata
+metadata:
+  name: nometadata
+spec:
@@ -0,0 +1,11 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: PartialMetadata
+metadata:
+  name: partialmetadata
+spec:
+  match:
+    namespaces:
+      - dev
+      - stage
+      - prod
@@ -2,12 +2,12 @@
 apiVersion: templates.gatekeeper.sh/v1
 kind: ConstraintTemplate
 metadata:
-  name: test
+  name: fullmetadata
 spec:
   crd:
     spec:
       names:
-        kind: Test
+        kind: FullMetadata
       validation:
         openAPIV3Schema:
           properties:
@@ -25,7 +25,7 @@ spec:
     - |-
       package lib.libraryB
     rego: |-
-      package test
+      package test_fullmetadata
       
       import future.keywords.if
       import data.lib.libraryA
Original file line number	Diff line number	Diff line change
`@@ -19,13 +19,13 @@`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`@test "[CREATE] Creating constraints using --output matches expected output" {`
`22`		`- run ./build/konstraint create test --output test`
	`22`	`+ run ./build/konstraint create test/policies --output test/output/standard`
`23`	`23`	`[ "$status" -eq 0 ]`
`24`		`- git diff --quiet -- test/`
	`24`	`+ git diff --quiet -- test/output/standard`
`25`	`25`	`}`
`26`	`26`
`27`	`27`	`@test "[CREATE] Creating constraints using --constraint-custom-template-file, --constraint-template-custom-template-file and --output matches expected output" {`
`28`		`- run ./build/konstraint create test --constraint-custom-template-file internal/commands/constraint_template.tpl --constraint-template-custom-template-file internal/commands/constrainttemplate_template.tpl --partial-constraints --output test/custom`
	`28`	`+ run ./build/konstraint create test/policies --constraint-custom-template-file internal/commands/constraint_template.tpl --constraint-template-custom-template-file internal/commands/constrainttemplate_template.tpl --partial-constraints --output test/output/custom`
`29`	`29`	`[ "$status" -eq 0 ]`
`30`		`- git diff --quiet -- test/custom`
	`30`	`+ git diff --quiet -- test/output/custom`
`31`	`31`	`}`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ func TestRenderConstraint(t *testing.T) {`
`19`	`19`	`t.Errorf("Error getting violations: %v", err)`
`20`	`20`	`}`
`21`	`21`
`22`		`- expected, err := os.ReadFile("../../test/constraint_Test.yaml")`
	`22`	`+ expected, err := os.ReadFile("../../test/output/standard/constraint_FullMetadata.yaml")`
`23`	`23`	`if err != nil {`
`24`	`24`	`t.Errorf("Error reading expected file: %v", err)`
`25`	`25`	`}`
`@@ -48,7 +48,7 @@ func TestRenderConstraintWithCustomTemplate(t *testing.T) {`
`48`	`48`	`t.Errorf("Error getting violations: %v", err)`
`49`	`49`	`}`
`50`	`50`
`51`		`- expected, err := os.ReadFile("../../test/custom/constraint_Test.yaml")`
	`51`	`+ expected, err := os.ReadFile("../../test/output/custom/constraint_FullMetadata.yaml")`
`52`	`52`	`if err != nil {`
`53`	`53`	`t.Errorf("Error reading expected file: %v", err)`
`54`	`54`	`}`
`@@ -77,7 +77,7 @@ func TestRenderConstraintTemplate(t *testing.T) {`
`77`	`77`	`t.Errorf("Error getting violations: %v", err)`
`78`	`78`	`}`
`79`	`79`
`80`		`- expected, err := os.ReadFile("../../test/template_Test.yaml")`
	`80`	`+ expected, err := os.ReadFile("../../test/output/standard/template_FullMetadata.yaml")`
`81`	`81`	`if err != nil {`
`82`	`82`	`t.Errorf("Error reading expected file: %v", err)`
`83`	`83`	`}`
`@@ -106,7 +106,7 @@ func TestRenderConstraintTemplateWithCustomTemplate(t *testing.T) {`
`106`	`106`	`t.Errorf("Error getting violations: %v", err)`
`107`	`107`	`}`
`108`	`108`
`109`		`- expected, err := os.ReadFile("../../test/custom/template_Test.yaml")`
	`109`	`+ expected, err := os.ReadFile("../../test/output/custom/template_FullMetadata.yaml")`
`110`	`110`	`if err != nil {`
`111`	`111`	`t.Errorf("Error reading expected file: %v", err)`
`112`	`112`	`}`
`@@ -129,7 +129,7 @@ func TestRenderConstraintTemplateWithCustomTemplate(t *testing.T) {`
`129`	`129`	`}`
`130`	`130`
`131`	`131`	`func GetViolations() ([]rego.Rego, error) {`
`132`		`- violations, err := rego.GetViolations("../../test")`
	`132`	`+ violations, err := rego.GetViolations("../../test/policies/")`
`133`	`133`	`if err != nil {`
`134`	`134`	`return nil, err`
`135`	`135`	`}`