Is your feature request related to a problem?
When testing a policy with a kwctl run, one needs to provide a pre-recorded admission request to be evaluated. The creation of this object is tedious. Currently there are two approaches:
Take an admission request created by someone else and change it. This is error prone.
Use the echo policy to create a request object. This produces 100% accurate results, but it's time consuming. The user must have a Kubernetes cluster with Kubewarden running, then deploy the echo policy with the proper configuration, and then manually perform a Kubernetes operation that triggers the echo policy (like creating a new object to obtain the recording of a CREATE request).
Solution you'd like
I think the majority of the policies focus on the CREATE event. I think we should prioritize a solution for that use case.
As a user, I would like to define the object about to be evaluated via a regular Kubernetes yaml definition. For example, assuming I'm writing a policy that validates PersistentVolume creation, I would write the definition of a PersistentVolume inside of a yml file. Then I would ask kwctl to fake the creation event of the resource defined inside of the file.
This is somehow similar to what the audit scanner does to create the fake evaluation requests.
Alternatives you've considered
The proposed solution describes from a really high POV what I would like to do. We have to decide whether this becomes a new dedicated kwctl subcommand or if we want to extend the run command to allow the generation of fake requests.
Anything else?
No response
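The wrapping step requested above, sketched as an added example (not code from kwctl, the audit scanner, or the issue author): it builds a CREATE request around an already-parsed manifest, following the field layout of the Kubernetes `admission.k8s.io/v1` AdmissionRequest. The function names, the pluralization heuristic, the sample PersistentVolume and the `userInfo` values are all assumptions made for illustration.

```python
import json
import uuid

def split_api_version(api_version):
    """'apps/v1' -> ('apps', 'v1'); core-group 'v1' -> ('', 'v1')."""
    group, _, version = api_version.rpartition("/")
    return group, version

def guess_resource(kind):
    """Heuristic plural only; the authoritative name comes from API discovery."""
    name = kind.lower()
    if name.endswith("y") and name[-2] not in "aeiou":
        return name[:-1] + "ies"
    if name.endswith(("s", "x", "ch")):
        return name + "es"
    return name + "s"

def fake_create_request(obj, resource=None, username="kubernetes-admin"):
    """Wrap a parsed manifest in the request a CREATE would produce."""
    group, version = split_api_version(obj["apiVersion"])
    meta = obj.get("metadata", {})
    gvk = {"group": group, "version": version, "kind": obj["kind"]}
    gvr = {"group": group, "version": version,
           "resource": resource or guess_resource(obj["kind"])}
    request = {
        "uid": str(uuid.uuid4()),
        "kind": gvk, "resource": gvr,
        "requestKind": gvk, "requestResource": gvr,
        "name": meta.get("name", ""),      # empty when only generateName is set
        "operation": "CREATE",
        # Placeholder identity: policies that inspect userInfo need real values.
        "userInfo": {"username": username, "groups": ["system:authenticated"]},
        "object": obj,
        "oldObject": None,                 # CREATE has no previous object
        "dryRun": False,
    }
    if "namespace" in meta:                # cluster-scoped kinds carry none
        request["namespace"] = meta["namespace"]
    return request

# Constructed sample manifest, as it would look after YAML parsing.
SAMPLE_PV = {
    "apiVersion": "v1", "kind": "PersistentVolume",
    "metadata": {"name": "pv-example"},
    "spec": {"capacity": {"storage": "1Gi"}, "accessModes": ["ReadWriteOnce"],
             "hostPath": {"path": "/mnt/data"}},
}

if __name__ == "__main__":
    print(json.dumps(fake_create_request(SAMPLE_PV), indent=2))
```

The printed JSON can be saved to a file and passed to `kwctl run` with `--request-path`. Unlike a request recorded by the echo policy, it carries no server-side defaulting or mutations, so policies that depend on defaulted fields still need a recorded request.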