forked from redhat-best-practices-for-k8s/certsuite
-
Notifications
You must be signed in to change notification settings - Fork 0
/
expected_results.yaml
101 lines (101 loc) · 3.98 KB
/
expected_results.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
testCases:
pass:
- access-control-bpf-capability-check
- access-control-cluster-role-bindings
- access-control-container-host-port
- access-control-crd-roles
- access-control-ipc-lock-capability-check
- access-control-namespace
- access-control-namespace-resource-quota
- access-control-net-admin-capability-check
- access-control-net-raw-capability-check
- access-control-no-1337-uid
- access-control-one-process-per-container
- access-control-pod-automount-service-account-token
- access-control-pod-host-ipc
- access-control-pod-host-network
- access-control-pod-host-path
- access-control-pod-host-pid
- access-control-pod-role-bindings
- access-control-pod-service-account
- access-control-requests-and-limits
- access-control-security-context-non-root-user-check
- access-control-security-context-privilege-escalation
- access-control-service-type
- access-control-ssh-daemons
- access-control-sys-admin-capability-check
- access-control-sys-nice-realtime-capability
- affiliated-certification-operator-is-certified
- lifecycle-affinity-required-pods
- lifecycle-container-poststart
- lifecycle-container-prestop
- lifecycle-crd-scaling
- lifecycle-deployment-scaling
- lifecycle-image-pull-policy
- lifecycle-liveness-probe
- lifecycle-persistent-volume-reclaim-policy
- lifecycle-pod-high-availability
- lifecycle-pod-owner-type
- lifecycle-pod-recreation
- lifecycle-pod-scheduling
- lifecycle-pod-toleration-bypass
- lifecycle-readiness-probe
- lifecycle-startup-probe
- manageability-container-port-name-format
- manageability-containers-image-tag
- networking-dual-stack-service
- networking-icmpv4-connectivity
- networking-icmpv4-connectivity-multus
- networking-icmpv6-connectivity-multus
- networking-network-policy-deny-all
- networking-ocp-reserved-ports-usage
- networking-reserved-partner-ports
- networking-undeclared-container-ports-usage
- observability-container-logging
- observability-crd-status
- observability-pod-disruption-budget
- observability-termination-policy
- observability-compatibility-with-next-ocp-release
- operator-crd-openapi-schema
- operator-crd-versioning
- operator-install-source
- operator-install-status-no-privileges
- operator-install-status-succeeded
- operator-run-as-user-id
- operator-semantic-versioning
- operator-single-crd-owner
- performance-exclusive-cpu-pool
- performance-max-resources-exec-probes
- platform-alteration-isredhat-release
- platform-alteration-tainted-node-kernel
fail:
- access-control-security-context # test pod does not meet the security requirements
- affiliated-certification-container-is-certified-digest # test container image is not certified
- operator-read-only-file-system
- operator-run-as-non-root
- operator-automount-tokens
skip:
- access-control-sys-ptrace-capability
- affiliated-certification-helm-version
- affiliated-certification-helmchart-is-certified
- lifecycle-cpu-isolation
- lifecycle-statefulset-scaling
- lifecycle-storage-provisioner
- networking-dpdk-cpu-pinning-exec-probe
- networking-icmpv6-connectivity
- networking-restart-on-reboot-sriov-pod
- performance-exclusive-cpu-pool-rt-scheduling-policy
- performance-isolated-cpu-pool-rt-scheduling-policy
- performance-rt-apps-no-exec-probes
- performance-shared-cpu-pool-non-rt-scheduling-policy
- platform-alteration-base-image
- platform-alteration-boot-params
- platform-alteration-hugepages-config
- platform-alteration-hugepages-1g-only
- platform-alteration-hugepages-2m-only
- platform-alteration-hyperthread-enable
- platform-alteration-is-selinux-enforcing
- platform-alteration-ocp-lifecycle
- platform-alteration-ocp-node-os-lifecycle
- platform-alteration-service-mesh-usage
- platform-alteration-sysctl-config