diff --git a/tests_scripts/helm/base_network_policy.py b/tests_scripts/helm/base_network_policy.py index 20dcabd1..6e92d1b7 100644 --- a/tests_scripts/helm/base_network_policy.py +++ b/tests_scripts/helm/base_network_policy.py @@ -10,6 +10,11 @@ def __init__(self, test_obj=None, backend=None, kubernetes_obj=None, test_driver super(BaseNetworkPolicy, self).__init__(test_driver=test_driver, test_obj=test_obj, backend=backend, kubernetes_obj=kubernetes_obj) + self.helm_kwargs = { + "capabilities.vulnerabilityScan": "disable", + "capabilities.relevancy": "disable" + } + def validate_basic_metadata(self, actual_obj, expected_obj, namespace): """ Validate basic metadata of the object diff --git a/tests_scripts/helm/ks_microservice.py b/tests_scripts/helm/ks_microservice.py index bd728e25..782e2adf 100644 --- a/tests_scripts/helm/ks_microservice.py +++ b/tests_scripts/helm/ks_microservice.py @@ -445,6 +445,11 @@ def __init__(self, test_obj=None, backend=None, kubernetes_obj=None, test_driver super(ScanWithKubescapeAsServiceTest, self).__init__(test_obj=test_obj, backend=backend, kubernetes_obj=kubernetes_obj, test_driver=test_driver) + self.helm_kwargs = { + "capabilities.vulnerabilityScan": "disable", + "capabilities.relevancy": "disable" + } + def start(self): assert self.backend != None; f'the test {self.test_driver.test_name} must run with backend' @@ -467,7 +472,7 @@ def start(self): # 2.1 add and update armo in repo self.add_and_upgrade_armo_to_repo() # 2.2 install armo helm-chart - self.install_armo_helm_chart() + self.install_armo_helm_chart(helm_kwargs=self.helm_kwargs) # 1.3 verify installation self.verify_running_pods(namespace=statics.CA_NAMESPACE_FROM_HELM_NAME, timeout=240) diff --git a/tests_scripts/helm/network_policy.py b/tests_scripts/helm/network_policy.py index d086185f..d9b81906 100644 --- a/tests_scripts/helm/network_policy.py +++ b/tests_scripts/helm/network_policy.py @@ -114,6 +114,9 @@ def start(self): helm_kwargs = self.test_obj.get_arg("helm_kwargs") + if self.helm_kwargs is not None: + helm_kwargs.update(self.helm_kwargs) + Logger.logger.info('1. Install armo helm-chart') self.add_and_upgrade_armo_to_repo() self.install_armo_helm_chart(helm_kwargs=helm_kwargs) diff --git a/tests_scripts/helm/smart_remediation.py b/tests_scripts/helm/smart_remediation.py index 26acfec2..c0856293 100644 --- a/tests_scripts/helm/smart_remediation.py +++ b/tests_scripts/helm/smart_remediation.py @@ -139,7 +139,8 @@ def __init__( ) self.helm_kwargs = { - "capabilities.relevancy": "enable", + "capabilities.vulnerabilityScan": "disable", + "capabilities.relevancy": "disable", "capabilities.configurationScan": "enable", "capabilities.continuousScan": "disable", "capabilities.nodeScan": "disable", diff --git a/tests_scripts/helm/vuln_scan.py b/tests_scripts/helm/vuln_scan.py index ad284982..b83b7c7b 100644 --- a/tests_scripts/helm/vuln_scan.py +++ b/tests_scripts/helm/vuln_scan.py @@ -801,6 +801,12 @@ def __init__(self, test_obj=None, backend=None, kubernetes_obj=None, test_driver self.expected_layers = self.create_vulnerabilities_expected_results( expected_results=self.test_obj.kwargs['expected_layers']) + self.helm_kwargs = { + "capabilities.vulnerabilityScan": "disable", + "capabilities.relevancy": "disable" + } + + def start(self): # create registry scan cronjob and check # update both cronjob schedule and depth (in configmap) @@ -811,7 +817,7 @@ def start(self): Logger.logger.info(f'using helm branch from test definition: {helm_branch}') self.helm_branch = helm_branch - cluster, namespace = self.setup_helm_chart() + cluster, namespace = self.setup_helm_chart(helm_kwargs=self.helm_kwargs) secret_data, registry = self.setup_phase(cluster, namespace) Logger.logger.info('applying registry secret') self.apply_registry_secret(secret_data)