From 3e348e9768b176c7c37f075a41ea92f3846c4a9a Mon Sep 17 00:00:00 2001
From: Dan Mihai <dmihai@microsoft.com>
Date: Fri, 26 Jul 2024 17:41:00 +0000
Subject: [PATCH] tests: k8s: rename hard-coded policy test script

Rename k8s-exec-rejected.bats to k8s-policy-hard-coded.bats, getting
ready to test additional hard-coded policies using the same script.

Signed-off-by: Dan Mihai <dmihai@microsoft.com>
---
 ...{k8s-exec-rejected.bats => k8s-policy-hard-coded.bats} | 8 ++++----
 tests/integration/kubernetes/run_kubernetes_tests.sh      | 2 +-
 ...licy-exec-rejected.yaml => k8s-policy-hard-coded.yaml} | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)
 rename tests/integration/kubernetes/{k8s-exec-rejected.bats => k8s-policy-hard-coded.bats} (91%)
 rename tests/integration/kubernetes/runtimeclass_workloads/{k8s-policy-exec-rejected.yaml => k8s-policy-hard-coded.yaml} (93%)

diff --git a/tests/integration/kubernetes/k8s-exec-rejected.bats b/tests/integration/kubernetes/k8s-policy-hard-coded.bats
similarity index 91%
rename from tests/integration/kubernetes/k8s-exec-rejected.bats
rename to tests/integration/kubernetes/k8s-policy-hard-coded.bats
index e6dbe67c04..9246506739 100644
--- a/tests/integration/kubernetes/k8s-exec-rejected.bats
+++ b/tests/integration/kubernetes/k8s-policy-hard-coded.bats
@@ -12,16 +12,16 @@ setup() {
 	hard_coded_policy_tests_enabled || skip "Policy tests are disabled."
 
 	get_pod_config_dir
-	pod_name="policy-exec-rejected"
-	pod_yaml="${pod_config_dir}/k8s-policy-exec-rejected.yaml"
-	allow_all_except_exec_policy=$(base64 -w 0 "${pod_config_dir}/allow-all-except-exec-process.rego")
+	pod_name="hard-coded-policy-pod"
+	pod_yaml="${pod_config_dir}/k8s-policy-hard-coded.yaml"
 }
 
 @test "Kubectl exec rejected by policy" {
 	# Add to the YAML file a policy that rejects ExecProcessRequest.
+	allow_all_except_exec_policy=$(base64 -w 0 "${pod_config_dir}/allow-all-except-exec-process.rego")
 	yq -i \
 		".metadata.annotations.\"io.katacontainers.config.agent.policy\" = \"${allow_all_except_exec_policy}\"" \
-  "${pod_yaml}"
+		"${pod_yaml}"
 
 	# Create the pod
 	kubectl create -f "${pod_yaml}"
diff --git a/tests/integration/kubernetes/run_kubernetes_tests.sh b/tests/integration/kubernetes/run_kubernetes_tests.sh
index 7d2402ebbd..51f33ac482 100755
--- a/tests/integration/kubernetes/run_kubernetes_tests.sh
+++ b/tests/integration/kubernetes/run_kubernetes_tests.sh
@@ -41,7 +41,6 @@ else
 		"k8s-empty-dirs.bats" \
 		"k8s-env.bats" \
 		"k8s-exec.bats" \
-		"k8s-exec-rejected.bats" \
 		"k8s-file-volume.bats" \
 		"k8s-inotify.bats" \
 		"k8s-job.bats" \
@@ -56,6 +55,7 @@ else
 		"k8s-optional-empty-secret.bats" \
 		"k8s-pid-ns.bats" \
 		"k8s-pod-quota.bats" \
+		"k8s-policy-hard-coded.bats" \
 		"k8s-policy-job.bats" \
 		"k8s-policy-pod.bats" \
 		"k8s-policy-pvc.bats" \
diff --git a/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-exec-rejected.yaml b/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-hard-coded.yaml
similarity index 93%
rename from tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-exec-rejected.yaml
rename to tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-hard-coded.yaml
index e3c285d13f..10e8363a86 100644
--- a/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-exec-rejected.yaml
+++ b/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-hard-coded.yaml
@@ -6,7 +6,7 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: policy-exec-rejected
+  name: hard-coded-policy-pod
 spec:
   terminationGracePeriodSeconds: 0
   shareProcessNamespace: true