| 498 | } |
| 499 | |
| 500 | func TestRun_SetupBreakdown(t *testing.T) { |
| 501 | tmpDir := t.TempDir() |
| 502 | |
| 503 | // Write template |
| 504 | templateFile := filepath.Join(tmpDir, "template.yaml") |
| 505 | err := os.WriteFile(templateFile, []byte(` |
| 506 | apiVersion: templates.gatekeeper.sh/v1 |
| 507 | kind: ConstraintTemplate |
| 508 | metadata: |
| 509 | name: k8srequiredlabels |
| 510 | spec: |
| 511 | crd: |
| 512 | spec: |
| 513 | names: |
| 514 | kind: K8sRequiredLabels |
| 515 | targets: |
| 516 | - target: admission.k8s.gatekeeper.sh |
| 517 | rego: | |
| 518 | package k8srequiredlabels |
| 519 | violation[{"msg": msg}] { |
| 520 | msg := "test" |
| 521 | } |
| 522 | `), 0o600) |
| 523 | if err != nil { |
| 524 | t.Fatalf("failed to write template file: %v", err) |
| 525 | } |
| 526 | |
| 527 | // Write constraint |
| 528 | constraintFile := filepath.Join(tmpDir, "constraint.yaml") |
| 529 | err = os.WriteFile(constraintFile, []byte(` |
| 530 | apiVersion: constraints.gatekeeper.sh/v1beta1 |
| 531 | kind: K8sRequiredLabels |
| 532 | metadata: |
| 533 | name: require-team-label |
| 534 | `), 0o600) |
| 535 | if err != nil { |
| 536 | t.Fatalf("failed to write constraint file: %v", err) |
| 537 | } |
| 538 | |
| 539 | // Write object |
| 540 | objectFile := filepath.Join(tmpDir, "pod.yaml") |
| 541 | err = os.WriteFile(objectFile, []byte(` |
| 542 | apiVersion: v1 |
| 543 | kind: Pod |
| 544 | metadata: |
| 545 | name: test-pod |
| 546 | `), 0o600) |
| 547 | if err != nil { |
| 548 | t.Fatalf("failed to write object file: %v", err) |
| 549 | } |
| 550 | |
| 551 | results, err := Run(&Opts{ |
| 552 | Filenames: []string{tmpDir}, |
| 553 | Iterations: 2, |
| 554 | Warmup: 0, |
| 555 | Engine: EngineRego, |
| 556 | }) |
| 557 | if err != nil { |