Add more acceptance tests

plexsystems · jalseth · Mar 1, 2025 · Feb 25, 2025 · Feb 20, 2025 · Feb 25, 2025
commit 6c46674c5ddbd9de40642c43b6b5d087171a5be6
diff --git a/acceptance.bats b/acceptance.bats
@@ -19,13 +19,13 @@
 }
 
 @test "[CREATE] Creating constraints using --output matches expected output" {
-  run ./build/konstraint create test --output test
+  run ./build/konstraint create test/policies --output test/output/standard
   [ "$status" -eq 0 ]
-  git diff --quiet -- test/
+  git diff --quiet -- test/output/standard
 }
 
 @test "[CREATE] Creating constraints using --constraint-custom-template-file, --constraint-template-custom-template-file and --output matches expected output" {
-  run ./build/konstraint create test --constraint-custom-template-file internal/commands/constraint_template.tpl --constraint-template-custom-template-file internal/commands/constrainttemplate_template.tpl --partial-constraints --output test/custom
+  run ./build/konstraint create test/policies --constraint-custom-template-file internal/commands/constraint_template.tpl --constraint-template-custom-template-file internal/commands/constrainttemplate_template.tpl --partial-constraints --output test/output/custom
   [ "$status" -eq 0 ]
-  git diff --quiet -- test/custom
+  git diff --quiet -- test/output/custom
 }
diff --git a/test/output/custom/constraint_FullMetadata.yaml b/test/output/custom/constraint_FullMetadata.yaml
@@ -0,0 +1,34 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: FullMetadata
+metadata:
+  name: fullmetadata
+spec:
+  match:
+    excludedNamespaces:
+      - kube-system
+      - gatekeeper-system
+    kinds:
+      - apiGroups:
+          - ""
+        kinds:
+          - Pod
+      - apiGroups:
+          - apps
+        kinds:
+          - DaemonSet
+          - Deployment
+          - StatefulSet
+    labelSelector:
+      matchExpressions:
+        - key: foo
+          operator: In
+          values:
+            - bar
+            - baz
+        - key: doggos
+          operator: Exists
+    namespaces:
+      - dev
+      - stage
+      - prod
diff --git a/test/output/custom/constraint_NoMetadata.yaml b/test/output/custom/constraint_NoMetadata.yaml
@@ -0,0 +1,6 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: NoMetadata
+metadata:
+  name: nometadata
+spec:
diff --git a/test/output/custom/constraint_PartialMetadata.yaml b/test/output/custom/constraint_PartialMetadata.yaml
@@ -0,0 +1,11 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: PartialMetadata
+metadata:
+  name: partialmetadata
+spec:
+  match:
+    namespaces:
+      - dev
+      - stage
+      - prod
diff --git a/test/output/custom/constraint_Policies.yaml b/test/output/custom/constraint_Policies.yaml
@@ -0,0 +1,34 @@
+# This is a custom template for constraints
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: Policies
+metadata:
+  name: policies
+spec:
+  match:
+    excludedNamespaces:
+      - kube-system
+      - gatekeeper-system
+    kinds:
+      - apiGroups:
+          - ""
+        kinds:
+          - Pod
+      - apiGroups:
+          - apps
+        kinds:
+          - DaemonSet
+          - Deployment
+          - StatefulSet
+    labelSelector:
+      matchExpressions:
+        - key: foo
+          operator: In
+          values:
+            - bar
+            - baz
+        - key: doggos
+          operator: Exists
+    namespaces:
+      - dev
+      - stage
+      - prod
diff --git a/test/custom/constraint_Test.yaml → test/output/custom/constraint_Test.yaml b/test/custom/constraint_Test.yaml → test/output/custom/constraint_Test.yaml
diff --git a/test/output/custom/template_FullMetadata.yaml b/test/output/custom/template_FullMetadata.yaml
@@ -0,0 +1,38 @@
+# This is a custom template for a constraint template
+apiVersion: templates.gatekeeper.sh/v1
+kind: ConstraintTemplate
+metadata:
+  name: fullmetadata
+spec:
+  crd:
+    spec:
+      names:
+        kind: FullMetadata
+      validation:
+        openAPIV3Schema:
+          properties:
+            super:
+              description: |-
+                super duper cool parameter with a description
+                on two lines.
+              type: string
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - |-
+      package lib.libraryB
+    rego: |-
+      package test
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
diff --git a/test/output/custom/template_NoMetadata.yaml b/test/output/custom/template_NoMetadata.yaml
@@ -0,0 +1,30 @@
+# This is a custom template for a constraint template
+apiVersion: templates.gatekeeper.sh/v1
+kind: ConstraintTemplate
+metadata:
+  name: nometadata
+spec:
+  crd:
+    spec:
+      names:
+        kind: NoMetadata
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - |-
+      package lib.libraryB
+    rego: |-
+      package test_nometadata
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
diff --git a/test/output/custom/template_PartialMetadata.yaml b/test/output/custom/template_PartialMetadata.yaml
@@ -0,0 +1,30 @@
+# This is a custom template for a constraint template
+apiVersion: templates.gatekeeper.sh/v1
+kind: ConstraintTemplate
+metadata:
+  name: partialmetadata
+spec:
+  crd:
+    spec:
+      names:
+        kind: PartialMetadata
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - |-
+      package lib.libraryB
+    rego: |-
+      package test_partial_metadata
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
diff --git a/test/output/custom/template_Policies.yaml b/test/output/custom/template_Policies.yaml
@@ -0,0 +1,38 @@
+# This is a custom template for a constraint template
+apiVersion: templates.gatekeeper.sh/v1
+kind: ConstraintTemplate
+metadata:
+  name: policies
+spec:
+  crd:
+    spec:
+      names:
+        kind: Policies
+      validation:
+        openAPIV3Schema:
+          properties:
+            super:
+              description: |-
+                super duper cool parameter with a description
+                on two lines.
+              type: string
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - |-
+      package lib.libraryB
+    rego: |-
+      package test
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
diff --git a/test/custom/template_Test.yaml → test/output/custom/template_Test.yaml b/test/custom/template_Test.yaml → test/output/custom/template_Test.yaml
diff --git a/test/output/standard/constraint_NoMetadata.yaml b/test/output/standard/constraint_NoMetadata.yaml
@@ -0,0 +1,4 @@
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: NoMetadata
+metadata:
+  name: nometadata
diff --git a/test/output/standard/constraint_PartialMetadata.yaml b/test/output/standard/constraint_PartialMetadata.yaml
@@ -0,0 +1,10 @@
+apiVersion: constraints.gatekeeper.sh/v1beta1
+kind: PartialMetadata
+metadata:
+  name: partialmetadata
+spec:
+  match:
+    namespaces:
+    - dev
+    - stage
+    - prod
diff --git a/test/constraint_Test.yaml → test/output/standard/constraint_Test.yaml b/test/constraint_Test.yaml → test/output/standard/constraint_Test.yaml
diff --git a/test/output/standard/template_FullMetadata.yaml b/test/output/standard/template_FullMetadata.yaml
@@ -0,0 +1,38 @@
+apiVersion: templates.gatekeeper.sh/v1beta1
+kind: ConstraintTemplate
+metadata:
+  creationTimestamp: null
+  name: fullmetadata
+spec:
+  crd:
+    spec:
+      names:
+        kind: FullMetadata
+      validation:
+        openAPIV3Schema:
+          properties:
+            super:
+              description: |-
+                super duper cool parameter with a description
+                on two lines.
+              type: string
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - package lib.libraryB
+    rego: |-
+      package test
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
+status: {}
diff --git a/test/output/standard/template_NoMetadata.yaml b/test/output/standard/template_NoMetadata.yaml
@@ -0,0 +1,30 @@
+apiVersion: templates.gatekeeper.sh/v1beta1
+kind: ConstraintTemplate
+metadata:
+  creationTimestamp: null
+  name: nometadata
+spec:
+  crd:
+    spec:
+      names:
+        kind: NoMetadata
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - package lib.libraryB
+    rego: |-
+      package test_nometadata
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
+status: {}
diff --git a/test/output/standard/template_PartialMetadata.yaml b/test/output/standard/template_PartialMetadata.yaml
@@ -0,0 +1,30 @@
+apiVersion: templates.gatekeeper.sh/v1beta1
+kind: ConstraintTemplate
+metadata:
+  creationTimestamp: null
+  name: partialmetadata
+spec:
+  crd:
+    spec:
+      names:
+        kind: PartialMetadata
+  targets:
+  - libs:
+    - |-
+      package lib.libraryA
+
+      import data.lib.libraryB
+    - package lib.libraryB
+    rego: |-
+      package test_partial_metadata
+
+      import future.keywords.if
+      import data.lib.libraryA
+
+      policyID := "P123456"
+
+      violation if {
+          true # some comment
+      }
+    target: admission.k8s.gatekeeper.sh
+status: {}