Fixes after meetup

Author: nicholasdille

120_kubernetes/kyverno/cosign-test.yaml

@@ -2,11 +2,11 @@ name: cosign-test
 policies:
 - cosign-policy.yaml
 resources:
-- rekor.yaml
+- cosign-pod.yaml
 results:
 - policy: check-image
   rule: check-image
   namespace: default
-  kind: Deployment
-  resource: rekor-server
+  kind: Pod
+  resource: cosign
   result: pass

120_kubernetes/kyverno/cosign.demo

@@ -3,10 +3,10 @@
 # Apply policy for cosign
 kubectl apply -f cosign-policy.yaml
 
-# Test policy
-helm repo add sigstore https://sigstore.github.io/helm-charts
-helm template rekor sigstore/rekor >rekor.yaml
-kyverno test --file-name cosign-test.yaml .
+# Deploy pod
+kubectl apply -f cosign-pod.yaml
+kubectl get policyreport
+kubectl get policyreport cpol-check-image -o yaml
 
-# Succeed to deploy rekor
-helm upgrade --install rekor sigstore/rekor
+# Test policy
+kyverno test --file-name cosign-test.yaml .

120_kubernetes/kyverno/slides.md

@@ -40,3 +40,5 @@ Keyless image signatures using sigstore [](https://kyverno.io/docs/writing-polic
 ## Demo
 
 kyverno for the Pod Security Standards [](https://kyverno.io/docs/writing-policies/validate/#pod-security)
+
+kyverno for testing keyless image signatures