update images to use GHCR instead of DockerHub

Signed-off-by: Jim Bugwadia <jim@nirmata.com>

Author: JimBugwadia

best-practices-cel/disallow-cri-sock-mount/.chainsaw-test/pod-emptydir-vol.yaml

@@ -5,7 +5,7 @@ metadata:
 spec:
   containers:
   - name: busybox
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     command:
     - sleep
     - "3600"

best-practices-cel/disallow-cri-sock-mount/.chainsaw-test/pod-no-volumes.yaml

@@ -6,7 +6,7 @@ spec:
   automountServiceAccountToken: false
   containers:
   - name: busybox
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     command:
     - sleep
     - "3600"

best-practices-cel/disallow-default-namespace/.chainsaw-test/deploy-default.yaml

@@ -16,7 +16,7 @@ spec:
         app: busybox
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"

best-practices-cel/disallow-default-namespace/.chainsaw-test/ds-default.yaml

@@ -13,7 +13,7 @@ spec:
         name: good-daemonset
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"

best-practices-cel/disallow-default-namespace/.chainsaw-test/good-resources.yaml

@@ -29,7 +29,7 @@ spec:
         app: busybox
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"
@@ -50,7 +50,7 @@ spec:
         name: good-daemonset
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"
@@ -65,7 +65,7 @@ spec:
   template:
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"
@@ -90,7 +90,7 @@ spec:
         app: busybox
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"

best-practices-cel/disallow-default-namespace/.chainsaw-test/job-default.yaml

@@ -7,7 +7,7 @@ spec:
   template:
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"

best-practices-cel/disallow-default-namespace/.chainsaw-test/ss-default.yaml

@@ -16,7 +16,7 @@ spec:
         app: busybox
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command:
         - "sleep"

best-practices-cel/disallow-helm-tiller/.chainsaw-test/bad-deploy.yaml

@@ -15,7 +15,7 @@ spec:
         app: busybox
     spec:
       containers:
-      - image: busybox
+      - image: ghcr.io/kyverno/test-busybox
         name: busybox
       - image: docker.io/tiller:latest
         name: helm-tiller

best-practices-cel/disallow-helm-tiller/.chainsaw-test/bad-pod-fail-first.yaml

@@ -7,5 +7,5 @@ spec:
   - name: helm-tiller
     image: docker.io/tiller:latest
   - name: somebox
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
 

best-practices-cel/disallow-helm-tiller/.chainsaw-test/bad-pod-success-first.yaml

@@ -5,7 +5,7 @@ metadata:
 spec:
   containers:
   - name: somebox
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
   - name: helm-tiller
     image: docker.io/tiller:latest
 

best-practices-cel/disallow-helm-tiller/.chainsaw-test/good-deploy.yaml

@@ -15,7 +15,7 @@ spec:
         app: busybox
     spec:
       containers:
-      - image: busybox:v1.35
+      - image: ghcr.io/kyverno/test-busybox:1.35
         name: busybox
         command: ["sleep", "3600"]
 

best-practices-cel/disallow-helm-tiller/.chainsaw-test/good-pod.yaml

@@ -5,7 +5,7 @@ metadata:
 spec:
   containers:
   - name: busybox
-    image: busybox:v1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
   - name: nothelmbox
-    image: busybox:v1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
 

best-practices-cel/disallow-latest-tag/.chainsaw-test/bad-pod-latest-fail-first.yaml

@@ -5,7 +5,7 @@ metadata:
 spec:
   containers:
   - name: busybox
-    image: busybox:latest
+    image: ghcr.io/kyverno/test-busybox:latest
   - name: nginx
-    image: nginx:1.35
+    image: ghcr.io/kyverno/test-nginx:1.35
 

best-practices-cel/disallow-latest-tag/.chainsaw-test/bad-pod-latest-success-first.yaml

@@ -5,7 +5,7 @@ metadata:
 spec:
   containers:
   - name: nginx
-    image: nginx:1.35
+    image: ghcr.io/kyverno/test-nginx:1.35
   - name: busybox
-    image: busybox:latest
+    image: ghcr.io/kyverno/test-busybox:latest
 

best-practices-cel/disallow-latest-tag/.chainsaw-test/bad-pod-no-tag.yaml

@@ -5,9 +5,9 @@ metadata:
 spec:
   containers:
   - name: busybox
-    image: busybox
+    image: ghcr.io/kyverno/test-busybox
   - name: nginx
-    image: nginx:1.35
+    image: ghcr.io/kyverno/test-nginx:1.35
 ---
 apiVersion: v1
 kind: Pod
@@ -16,9 +16,9 @@ metadata:
 spec:
   containers:
   - name: nginx
-    image: nginx:1.35
+    image: ghcr.io/kyverno/test-nginx:1.35
   - name: busybox
-    image: busybox
+    image: ghcr.io/kyverno/test-busybox
 ---
 apiVersion: v1
 kind: Pod
@@ -27,7 +27,7 @@ metadata:
 spec:
   containers:
   - name: busybox
-    image: busybox
+    image: ghcr.io/kyverno/test-busybox
   - name: nginx
-    image: nginx:latest
+    image: ghcr.io/kyverno/test-nginx:latest
 

best-practices-cel/disallow-latest-tag/.chainsaw-test/good-pod.yaml

@@ -5,5 +5,5 @@ metadata:
 spec:
   containers:
   - name: busybox
-    image: busybox:v1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
 

best-practices-cel/require-drop-all/.chainsaw-test/bad-pod-containers.yaml

@@ -5,29 +5,29 @@ metadata:
 spec:
   initContainers:
   - name: init
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   - name: init2
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   containers:
   - name: add-capabilities
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   - name: add-capabilities-again
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
 ---
 apiVersion: v1
 kind: Pod
@@ -36,24 +36,24 @@ metadata:
 spec:
   initContainers:
   - name: init
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   - name: init2
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   containers:
   - name: add-capabilities-again
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
   - name: add-capabilities
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]

best-practices-cel/require-drop-all/.chainsaw-test/bad-pod-corner.yaml

@@ -5,14 +5,14 @@ metadata:
 spec:
   containers:
   - name: add-capabilities
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   - name: add-capabilities-again
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
@@ -26,12 +26,12 @@ metadata:
 spec:
   containers:
   - name: add-capabilities
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
   - name: add-capabilities-again
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
@@ -45,11 +45,11 @@ metadata:
 spec:
   containers:
   - name: init
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         drop:
           - ALL
   - name: init-again
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
 

best-practices-cel/require-drop-all/.chainsaw-test/bad-pod-initcontainers.yaml

@@ -5,17 +5,17 @@ metadata:
 spec:
   initContainers:
   - name: init
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   - name: init2
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
   containers:
   - name: add-capabilities
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
@@ -29,17 +29,17 @@ metadata:
 spec:
   initContainers:
   - name: init
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
   - name: init2
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]
         drop:
           - ALL
   containers:
   - name: add-capabilities
-    image: busybox:1.35
+    image: ghcr.io/kyverno/test-busybox:1.35
     securityContext:
       capabilities:
         add: ["SYS_TIME"]