tests: Set default policy before running sealed secrets tests

The test `Cannot get CDH resource when deny-all policy is set`
completes with a KBS policy set to deny-all. This affects the
future TEE test (e.g. k8s-sealed-secrets.bats) which makes a
request against KBS.
This commit introduces kbs_set_default_policy() and puts it to
the setup() in k8s-sealed-secrets.bats.

Signed-off-by: Hyounggyu Choi <Hyounggyu.Choi@ibm.com>

tests/integration/kubernetes/confidential_kbs.sh

@@ -39,6 +39,11 @@ kbs_set_allow_all_resources() {
 		"${COCO_KBS_DIR}/sample_policies/allow_all.rego"
 }
 
+kbs_set_default_policy() {
+	kbs_set_resources_policy \
+		"${COCO_KBS_DIR}/src/policy_engine/opa/default_policy.rego"
+}
+
 # Set "deny all" policy to resources.
 #
 kbs_set_deny_all_resources() {

tests/integration/kubernetes/k8s-sealed-secret.bats

@@ -70,6 +70,8 @@ setup() {
 
 	if ! is_confidential_hardware; then
 		kbs_set_allow_all_resources
+	else
+		kbs_set_default_policy
 	fi
 }