From 74689faa95450678feb1a78f7ed163806c8d54b9 Mon Sep 17 00:00:00 2001 From: Rajiv Senthilnathan Date: Mon, 2 Oct 2023 18:21:51 -0400 Subject: [PATCH] Add tests for CNV network policy (#804) Co-authored-by: Francisc Munteanu --- testsupport/tiers/checks.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/testsupport/tiers/checks.go b/testsupport/tiers/checks.go index e1f14fc29..8af54b7c5 100644 --- a/testsupport/tiers/checks.go +++ b/testsupport/tiers/checks.go @@ -159,7 +159,7 @@ func (a *baseTierChecks) GetNamespaceObjectChecks(nsType string) []namespaceObje case "stage": otherNamespaceKind = "dev" } - checks = append(checks, networkPolicyAllowFromCRW(), networkPolicyAllowFromOtherNamespace(otherNamespaceKind), numberOfNetworkPolicies(7)) + checks = append(checks, networkPolicyAllowFromCRW(), networkPolicyAllowFromVirtualizationNamespaces(), networkPolicyAllowFromOtherNamespace(otherNamespaceKind), numberOfNetworkPolicies(8)) return checks } @@ -229,7 +229,7 @@ func (a *base1nsTierChecks) GetNamespaceObjectChecks(_ string) []namespaceObject crtadminViewRoleBinding(), } checks = append(checks, commonNetworkPolicyChecks()...) - checks = append(checks, networkPolicyAllowFromCRW(), numberOfNetworkPolicies(6)) + checks = append(checks, networkPolicyAllowFromCRW(), networkPolicyAllowFromVirtualizationNamespaces(), numberOfNetworkPolicies(7)) return checks } @@ -1042,6 +1042,10 @@ func networkPolicyAllowFromConsoleNamespaces() namespaceObjectsCheck { return networkPolicyIngressFromPolicyGroup("allow-from-console-namespaces", "console") } +func networkPolicyAllowFromVirtualizationNamespaces() namespaceObjectsCheck { + return networkPolicyIngress("allow-from-openshift-virtualization-os-images", "kubernetes.io/metadata.name", "openshift-virtualization-os-images") +} + func networkPolicyAllowFromCRW() namespaceObjectsCheck { return networkPolicyIngressFromPolicyGroup("allow-from-codeready-workspaces-operator", "codeready-workspaces") }