From 3efbff13ac22749627d22172bda4df3cc175b485 Mon Sep 17 00:00:00 2001
From: Chandan-DK
Date: Sun, 26 May 2024 16:52:21 +0000
Subject: [PATCH] remove require-tekton-namespace-pipelinerun

Removing this cel policy because issue https://github.com/kyverno/kyverno/issues/10313 causes CI failure

Signed-off-by: Chandan-DK
---
.../.chainsaw-test/bad-pipelinerun.yaml | 11 ------
.../.chainsaw-test/chainsaw-test.yaml | 37 -------------------
.../crd-pipelinerun-assert.yaml | 12 ------
.../.chainsaw-test/good-pipelinerun.yaml | 9 -----
.../.chainsaw-test/ns.yaml | 5 ---
.../.chainsaw-test/policy-ready.yaml | 6 ---
.../.kyverno-test/kyverno-test.yaml | 22 -----------
.../artifacthub-pkg.yml | 23 ------------
.../require-tekton-namespace-pipelinerun.yaml | 32 ----------------
9 files changed, 157 deletions(-)
delete mode 100644 tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/bad-pipelinerun.yaml
delete mode 100755 tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/chainsaw-test.yaml
delete mode 100755 tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/crd-pipelinerun-assert.yaml
delete mode 100644 tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/good-pipelinerun.yaml
delete mode 100644 tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/ns.yaml
delete mode 100755 tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/policy-ready.yaml
delete mode 100644 tekton-cel/require-tekton-namespace-pipelinerun/.kyverno-test/kyverno-test.yaml
delete mode 100644 tekton-cel/require-tekton-namespace-pipelinerun/artifacthub-pkg.yml
delete mode 100644 tekton-cel/require-tekton-namespace-pipelinerun/require-tekton-namespace-pipelinerun.yaml
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/bad-pipelinerun.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/bad-pipelinerun.yaml
deleted file mode 100644
index 1230a1815..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/bad-pipelinerun.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: tekton.dev/v1
-kind: PipelineRun
-metadata:
- name: badpipelinerun01
- namespace: default
-spec:
- pipelineSpec:
- tasks:
- - name: task1
- taskRef:
- name: mytask
\ No newline at end of file
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/chainsaw-test.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/chainsaw-test.yaml
deleted file mode 100755
index 5f5127cff..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/chainsaw-test.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# yaml-language-server: $schema=https://raw.githubusercontent.com/kyverno/chainsaw/main/.schemas/json/test-chainsaw-v1alpha1.json
-apiVersion: chainsaw.kyverno.io/v1alpha1
-kind: Test
-metadata:
- creationTimestamp: null
- name: require-tekton-namespace-pipelinerun
-spec:
- steps:
- - name: step-00
- try:
- - assert:
- file: crd-pipelinerun-assert.yaml
- - name: step-01
- try:
- - apply:
- file: ns.yaml
- - apply:
- file: ../require-tekton-namespace-pipelinerun.yaml
- - patch:
- resource:
- apiVersion: kyverno.io/v1
- kind: ClusterPolicy
- metadata:
- name: require-tekton-namespace-pipelinerun
- spec:
- validationFailureAction: Enforce
- - assert:
- file: policy-ready.yaml
- - name: step-02
- try:
- - apply:
- file: good-pipelinerun.yaml
- - apply:
- expect:
- - check:
- ($error != null): true
- file: bad-pipelinerun.yaml
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/crd-pipelinerun-assert.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/crd-pipelinerun-assert.yaml
deleted file mode 100755
index 81ab957e7..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/crd-pipelinerun-assert.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: pipelineruns.tekton.dev
-spec: {}
-status:
- acceptedNames:
- kind: PipelineRun
- plural: pipelineruns
- singular: pipelinerun
- storedVersions:
- - v1
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/good-pipelinerun.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/good-pipelinerun.yaml
deleted file mode 100644
index 5e7317ad0..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/good-pipelinerun.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: tekton.dev/v1
-kind: PipelineRun
-metadata:
- name: goodpipelinerun01
- namespace: req-tekton-ns
-spec:
- pipelineRef:
- name: mypipeline
- bundle: docker.io/foo/bar
\ No newline at end of file
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/ns.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/ns.yaml
deleted file mode 100644
index 19081fe64..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/ns.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: req-tekton-ns
-spec: {}
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/policy-ready.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/policy-ready.yaml
deleted file mode 100755
index 42c3f3219..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.chainsaw-test/policy-ready.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
- name: require-tekton-namespace-pipelinerun
-status:
- ready: true
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/.kyverno-test/kyverno-test.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/.kyverno-test/kyverno-test.yaml
deleted file mode 100644
index 141034c08..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/.kyverno-test/kyverno-test.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-apiVersion: cli.kyverno.io/v1alpha1
-kind: Test
-metadata:
- name: require-tekton-namespace-pipelinerun
-policies:
-- ../require-tekton-namespace-pipelinerun.yaml
-resources:
-- ../.chainsaw-test/bad-pipelinerun.yaml
-- ../.chainsaw-test/good-pipelinerun.yaml
-results:
-- policy: require-tekton-namespace-pipelinerun
- rule: check-pipelinerun-namespace
- kind: PipelineRun
- resources:
- - badpipelinerun01
- result: fail
-- policy: require-tekton-namespace-pipelinerun
- rule: check-pipelinerun-namespace
- kind: PipelineRun
- resources:
- - goodpipelinerun01
- result: pass
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/artifacthub-pkg.yml b/tekton-cel/require-tekton-namespace-pipelinerun/artifacthub-pkg.yml
deleted file mode 100644
index 0c358cec3..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/artifacthub-pkg.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-name: require-tekton-namespace-pipelinerun-cel
-version: 1.0.0
-displayName: Require Namespace for Tekton PipelineRun in CEL expressions
-description: >-
- A Namespace is required for a PipelineRun and may not be set to `default`.
-install: |-
- ```shell
- kubectl apply -f https://raw.githubusercontent.com/kyverno/policies/main/tekton-cel/require-tekton-namespace-pipelinerun/require-tekton-namespace-pipelinerun.yaml
- ```
-keywords:
- - kyverno
- - Tekton
- - CEL Expressions
-readme: |
- A Namespace is required for a PipelineRun and may not be set to `default`.
-
- Refer to the documentation for more details on Kyverno annotations: https://artifacthub.io/docs/topics/annotations/kyverno/
-annotations:
- kyverno/category: "Tekton in CEL"
- kyverno/kubernetesVersion: "1.26-1.27"
- kyverno/subject: "PipelineRun"
-digest: 97176bef33e282d3fb0b48144d5b18840eecadb4cb3e4f0be5eafc6de2a7b495
-createdAt: "2024-05-24T04:32:01Z"
diff --git a/tekton-cel/require-tekton-namespace-pipelinerun/require-tekton-namespace-pipelinerun.yaml b/tekton-cel/require-tekton-namespace-pipelinerun/require-tekton-namespace-pipelinerun.yaml
deleted file mode 100644
index 84f3cc0a9..000000000
--- a/tekton-cel/require-tekton-namespace-pipelinerun/require-tekton-namespace-pipelinerun.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
- name: require-tekton-namespace-pipelinerun
- annotations:
- policies.kyverno.io/title: Require Namespace for Tekton PipelineRun in CEL expressions
- policies.kyverno.io/category: Tekton in CEL
- policies.kyverno.io/severity: medium
- policies.kyverno.io/subject: PipelineRun
- kyverno.io/kyverno-version: 1.12.1
- kyverno.io/kubernetes-version: "1.26-1.27"
- policies.kyverno.io/description: >-
- A Namespace is required for a PipelineRun and may not be set to `default`.
-spec:
- validationFailureAction: Audit
- background: true
- rules:
- - name: check-pipelinerun-namespace
- match:
- any:
- - resources:
- kinds:
- - PipelineRun
- celPreconditions:
- - name: "operation-should-be-create"
- expression: "request.operation == 'CREATE'"
- validate:
- cel:
- expressions:
- - expression: "namespaceObject.metadata.name != 'default'"
- message: "A namespace is required and may not be set to default."
-