[VC-48226] Enable default NetworkPolicies in best-practice installation e2e tests by wallrj-cyberark · Pull Request #8387 · cert-manager/cert-manager

wallrj-cyberark · 2026-01-09T16:14:54Z

I've updated the NetworkPolicy recommendations on cert-manager.io "release-next" branch, to use the new NetworkPolicy Helm chart values.
This PR ensures that those new recommended values are used in our daily "best-practice" E2E tests.
Building upon these previous PRs:

/kind cleanup

NONE

CyberArk tracker: VC-48411

Testing

I triggered the best-practice E2E tests on this branch and they passed. See test results below.

wallrj-cyberark · 2026-01-09T16:15:53Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

wallrj-cyberark · 2026-01-09T16:39:46Z

pull-cert-manager-master-e2e-v1-35-bestpractice-install failed, but it might be a flake. Retrying:

/home/prow/go/src/github.com/cert-manager/cert-manager/_bin/tools/kubectl apply --server-side -f make/config/kyverno/policy.yaml >/dev/null
Error from server (InternalError): Internal error occurred: failed calling webhook "mutate-policy.kyverno.svc": failed to call webhook: Post "https://kyverno-svc.kyverno.svc:443/policymutate?timeout=10s": dial tcp 10.0.9.135:443: connect: connection refused
Error from server (InternalError): Internal error occurred: failed calling webhook "mutate-policy.kyverno.svc": failed to call webhook: Post "https://kyverno-svc.kyverno.svc:443/policymutate?timeout=10s": dial tcp 10.0.9.135:443: connect: connection refused

https://prow.infra.cert-manager.io/view/gs/cert-manager-prow-artifacts/pr-logs/pull/cert-manager_cert-manager/8387/pull-cert-manager-master-e2e-v1-35-bestpractice-install/2009661521742794752

/retest

wallrj-cyberark · 2026-01-09T17:48:42Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

wallrj-cyberark · 2026-01-14T15:20:45Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

wallrj-cyberark · 2026-01-14T16:09:56Z

/test pull-cert-manager-master-make-test

wallrj-cyberark · 2026-01-15T17:34:35Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

wallrj-cyberark · 2026-01-15T17:47:13Z

/retest

wallrj-cyberark · 2026-01-16T09:14:54Z

/retest

wallrj-cyberark · 2026-01-16T17:32:03Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

wallrj-cyberark · 2026-01-16T18:14:03Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

… tests Signed-off-by: Richard Wall <richard.wall@cyberark.com>

wallrj-cyberark · 2026-01-19T07:26:47Z

/test pull-cert-manager-master-e2e-v1-35-bestpractice-install

erikgb

Thanks, @wallrj-cyberark! In a follow-up PR, we could try to configure Renovate to maintain the website commit SHA.

/lgtm
/approve

cert-manager-prow · 2026-01-20T09:45:29Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: erikgb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [erikgb]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

wallrj-cyberark mentioned this pull request Jan 9, 2026

[VC-48226]: document default NetworkPolicy and example values cert-manager/website#1911

Merged

wallrj-cyberark force-pushed the networkpolicies-enabled-e2e-tests branch from a8bcea4 to 91376d1 Compare January 9, 2026 16:44

wallrj-cyberark mentioned this pull request Jan 9, 2026

Bump kyverno images to v1.16.2 and chart to 3.6.2 #8389

Merged

wallrj-cyberark force-pushed the networkpolicies-enabled-e2e-tests branch from 91376d1 to f92a24d Compare January 9, 2026 17:47

cert-manager-prow bot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jan 9, 2026

wallrj-cyberark added the cybr Used by CyberArk-employed maintainers to report to line management what's being worked on. label Jan 13, 2026

wallrj-cyberark force-pushed the networkpolicies-enabled-e2e-tests branch from f92a24d to 76b08e8 Compare January 14, 2026 15:20

cert-manager-prow bot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Jan 14, 2026

wallrj-cyberark force-pushed the networkpolicies-enabled-e2e-tests branch from 76b08e8 to 3e8848d Compare January 15, 2026 17:33

wallrj-cyberark mentioned this pull request Jan 16, 2026

feat(deploy/chart): optional networkPolicy for more containers #8370

Merged

wallrj-cyberark force-pushed the networkpolicies-enabled-e2e-tests branch from 3e8848d to 42613a8 Compare January 16, 2026 17:20

cert-manager-prow bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jan 16, 2026

[VC-48226] Use the latest best-practices Helm chart values in the E2E…

198e4fa

… tests Signed-off-by: Richard Wall <richard.wall@cyberark.com>

wallrj-cyberark force-pushed the networkpolicies-enabled-e2e-tests branch from 42613a8 to 198e4fa Compare January 19, 2026 07:22

wallrj-cyberark requested a review from erikgb January 20, 2026 09:39

erikgb reviewed Jan 20, 2026

View reviewed changes

cert-manager-prow bot added the lgtm Indicates that a PR is ready to be merged. label Jan 20, 2026

cert-manager-prow bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 20, 2026

cert-manager-prow bot merged commit 00c743d into cert-manager:master Jan 20, 2026
7 checks passed

wallrj-cyberark deleted the networkpolicies-enabled-e2e-tests branch January 20, 2026 10:01

Conversation

wallrj-cyberark commented Jan 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Testing

Uh oh!

wallrj-cyberark commented Jan 9, 2026

Uh oh!

wallrj-cyberark commented Jan 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

wallrj-cyberark commented Jan 9, 2026

Uh oh!

wallrj-cyberark commented Jan 14, 2026

Uh oh!

wallrj-cyberark commented Jan 14, 2026

Uh oh!

wallrj-cyberark commented Jan 15, 2026

Uh oh!

wallrj-cyberark commented Jan 15, 2026

Uh oh!

wallrj-cyberark commented Jan 16, 2026

Uh oh!

wallrj-cyberark commented Jan 16, 2026

Uh oh!

wallrj-cyberark commented Jan 16, 2026

Uh oh!

wallrj-cyberark commented Jan 19, 2026

Uh oh!

erikgb left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

cert-manager-prow bot commented Jan 20, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

wallrj-cyberark commented Jan 9, 2026 •

edited

Loading

wallrj-cyberark commented Jan 9, 2026 •

edited

Loading

erikgb left a comment •

edited

Loading