Specify parameters in gator Suites

[mac-chaffee]

Describe the solution you'd like Looks like gator Suites don't have a field for specifying parameters to pass to the template: https://github.com/open-policy-agent/gatekeeper/blob/8393e15b909cafe95dd745edfd8c6842cd64baee/pkg/gator/suite.go#L37-L54

The way this is worked around currently is that people will just put a default parameter inside the constraint.yaml file, and then just never test any other parameter values: https://github.com/open-policy-agent/gatekeeper-library/blob/master/library/general/disallowanonymous/samples/no-anonymous-bindings/constraint.yaml

You could workaround this issue by creating a new constraint2.yaml file and a new file named suite2.yaml (apparently adding a second Suite inside the same yaml file will be ignored, maybe another issue to consider) which references it, but that causes extra duplication. Seems like allowing this extra convenience might help encourage more thorough testing of constraints that accept parameters. Thoughts?

Environment:

• Gatekeeper version: alpha
• Kubernetes version: (use kubectl version): n/a

[maxsmythe]

Suite files should be able to accept multiple constraints to test against:

https://github.com/open-policy-agent/gatekeeper-library/blob/6e3d6b48a51274af1e120204f534ccbd2ac517d9/library/general/uniqueingresshost/suite.yaml

Might be worth exploring how to denormalize things further, but that would depend on relative benefit vs. maintaining enough syntax to denormalize things properly.

It also might be cool to embed the resource contents directly into the suite.yaml to avoid the need for separate files.

Making it as easy as possible to enumerate/test many scenarios is definitely the goal. Also, suite.yaml can be useful for generating examples for documentation.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.