Akash Manohar

**[Update]** Current output message structure is in the below screenshot. When making updates to container_sock_mounts test, I came across better message in the actual PolicyReport that can be used as...

[Update] Regarding the `disallow_helm_tiller` test * Renamed `disallow_helm_tiller` to `helm_tiller` * Moved the test from workload security to platform security (`platform:helm_tiller`)

Tests completed in the `kyverno-improvements` branch: * `container_sock_mounts` * Previously called `disallow_container_sock_mounts` * Added to `src/tasks/workload/security.cr` * `require_labels` * Added to `src/tasks/workload/configuration.cr` * `platform:helm_tiller` * Previously called `disallow_helm_tiller` * Added...

Added a comment with notes about changing Kyverno to a cli-based utility within the testsuite on another ticket (#1247). Updated the PR with appropriate changes too (#1266).

I reviewed the Kyverno policy files for all tests added in PR #1176. Below are my notes regarding certain tests. ## Tests that require discussion #### `restrict_image_registries` ([Kyverno policy file](https://raw.githubusercontent.com/kyverno/policies/main/best-practices/restrict_image_registries/restrict_image_registries.yaml))...

Should we generate results files for individual tests? Only groups of tests (like workload, microservice, all, platform) is what I would assume require results files.

The cause of the crash was fixed as a part of another ticket (#1342). This ticket can be of lower priority.

Kubescape was updated as a part of #1551. Was required to resolve #1440.

**Update** The root-cause of this issue was affecting a few other tests too. This has been fixed in PR #1606. The bug reported in this ticket should be resolved once...

Also found #1586 that needed to be fixed in order to resolve this issue. Changes for both the issues are in the same PR (1587).