[
  [],
  [],
  [],
  [
    "tests/kata/data/k8s-policy-rc/policy.rego:1046: CreateSandboxRequest: i_pidns = false"
  ],
  [],
  [
    "tests/kata/data/k8s-policy-rc/policy.rego:57: ======== CreateContainerRequest: trying next policy container",
    "tests/kata/data/k8s-policy-rc/policy.rego:61: CreateContainerRequest: p_pidns = false i_pidns = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:66: CreateContainerRequest: p Version = 1.1.0 i Version = 1.1.0",
    "tests/kata/data/k8s-policy-rc/policy.rego:69: CreateContainerRequest: p Readonly = true i Readonly = true",
    "tests/kata/data/k8s-policy-rc/policy.rego:84: allow_anno 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:91: allow_anno 2: p Annotations = {\"io.katacontainers.pkg.oci.bundle_path\": \"/run/containerd/io.containerd.runtime.v2.task/k8s.io/$(bundle-id)\", \"io.katacontainers.pkg.oci.container_type\": \"pod_sandbox\", \"io.kubernetes.cri.container-type\": \"sandbox\", \"io.kubernetes.cri.sandbox-id\": \"^[a-z0-9]{64}$\", \"io.kubernetes.cri.sandbox-log-directory\": \"^/var/log/pods/$(sandbox-namespace)_$(sandbox-name)_[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$\", \"io.kubernetes.cri.sandbox-namespace\": \"kata-containers-k8s-tests\", \"nerdctl/network-namespace\": \"^/var/run/netns/cni-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:92: allow_anno 2: i Annotations = {\"io.katacontainers.pkg.oci.bundle_path\": \"/run/containerd/io.containerd.runtime.v2.task/k8s.io/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5\", \"io.katacontainers.pkg.oci.container_type\": \"pod_sandbox\", \"io.kubernetes.cri.container-type\": \"sandbox\", \"io.kubernetes.cri.sandbox-cpu-period\": \"100000\", \"io.kubernetes.cri.sandbox-cpu-quota\": \"0\", \"io.kubernetes.cri.sandbox-cpu-shares\": \"2\", \"io.kubernetes.cri.sandbox-id\": \"c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5\", \"io.kubernetes.cri.sandbox-log-directory\": \"/var/log/pods/kata-containers-k8s-tests_policy-rc-test-674df_eeb60852-0dcd-4387-b0f9-eebd63ddb7a8\", \"io.kubernetes.cri.sandbox-memory\": \"0\", \"io.kubernetes.cri.sandbox-name\": \"policy-rc-test-674df\", \"io.kubernetes.cri.sandbox-namespace\": \"kata-containers-k8s-tests\", \"io.kubernetes.cri.sandbox-uid\": \"eeb60852-0dcd-4387-b0f9-eebd63ddb7a8\", \"nerdctl/network-namespace\": \"/var/run/netns/cni-939f1f21-5cec-1599-6804-471950c9c843\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:95: allow_anno 2: i keys = {\"io.katacontainers.pkg.oci.bundle_path\", \"io.katacontainers.pkg.oci.container_type\", \"io.kubernetes.cri.container-type\", \"io.kubernetes.cri.sandbox-cpu-period\", \"io.kubernetes.cri.sandbox-cpu-quota\", \"io.kubernetes.cri.sandbox-cpu-shares\", \"io.kubernetes.cri.sandbox-id\", \"io.kubernetes.cri.sandbox-log-directory\", \"io.kubernetes.cri.sandbox-memory\", \"io.kubernetes.cri.sandbox-name\", \"io.kubernetes.cri.sandbox-namespace\", \"io.kubernetes.cri.sandbox-uid\", \"nerdctl/network-namespace\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.katacontainers.pkg.oci.bundle_path",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.katacontainers.pkg.oci.bundle_path",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.katacontainers.pkg.oci.container_type",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.katacontainers.pkg.oci.container_type",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.container-type",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.container-type",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-cpu-period",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-cpu-period",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-cpu-quota",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-cpu-quota",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-cpu-shares",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-cpu-shares",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-id",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-id",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-log-directory",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-log-directory",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-memory",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-memory",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-namespace",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-namespace",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-uid",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-uid",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = nerdctl/network-namespace",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = nerdctl/network-namespace",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:101: allow_anno 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:123: allow_by_anno 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:130: allow_by_anno 1: i_s_name = policy-rc-test-674df",
    "tests/kata/data/k8s-policy-rc/policy.rego:152: allow_by_sandbox_name: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:158: allow_by_sandbox_name: p_namespace = kata-containers-k8s-tests i_namespace = kata-containers-k8s-tests",
    "tests/kata/data/k8s-policy-rc/policy.rego:190: allow_by_container_types: checking io.kubernetes.cri.container-type",
    "tests/kata/data/k8s-policy-rc/policy.rego:196: allow_by_container_types: p_cri_type = sandbox i_cri_type = sandbox",
    "tests/kata/data/k8s-policy-rc/policy.rego:205: allow_by_container_type 1: i_cri_type = sandbox",
    "tests/kata/data/k8s-policy-rc/policy.rego:209: allow_by_container_type 1: i_kata_type = pod_sandbox",
    "tests/kata/data/k8s-policy-rc/policy.rego:236: allow_sandbox_container_name: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:252: container_annotation_missing: io.kubernetes.cri.container-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:257: container_annotation_missing: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:240: allow_sandbox_container_name: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:274: allow_sandbox_net_namespace: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:280: allow_sandbox_net_namespace: p_namespace = ^/var/run/netns/cni-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ i_namespace = /var/run/netns/cni-939f1f21-5cec-1599-6804-471950c9c843",
    "tests/kata/data/k8s-policy-rc/policy.rego:284: allow_sandbox_net_namespace: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:300: allow_sandbox_log_directory: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:307: allow_sandbox_log_directory: regex2 = ^/var/log/pods/kata-containers-k8s-tests_policy-rc-test-674df_[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:310: allow_sandbox_log_directory: i_dir = /var/log/pods/kata-containers-k8s-tests_policy-rc-test-674df_eeb60852-0dcd-4387-b0f9-eebd63ddb7a8",
    "tests/kata/data/k8s-policy-rc/policy.rego:314: allow_sandbox_log_directory: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:216: allow_by_container_type 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:220: allow_by_container_type 2: i_cri_type = sandbox",
    "tests/kata/data/k8s-policy-rc/policy.rego:201: allow_by_container_types: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:430: allow_by_bundle_or_sandbox_id: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:440: allow_by_bundle_or_sandbox_id: sandbox_id = c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5 regex = ^[a-z0-9]{64}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:701: allow_root_path: i_path = /run/kata-containers/shared/containers/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5/rootfs p_path1 = $(cpath)/$(bundle-id)/rootfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:704: allow_root_path: p_path2 = /run/kata-containers/shared/containers/$(bundle-id)/rootfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:707: allow_root_path: p_path3 = /run/kata-containers/shared/containers/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5/rootfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:711: allow_root_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = proc",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = proc",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = tmpfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = tmpfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = devpts",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = devpts",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = mqueue",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = mqueue",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = sysfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = sysfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = /run/kata-containers/sandbox/shm",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = /run/kata-containers/sandbox/shm",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"/run/kata-containers/shared/containers/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5-e1c85415dcc483c7-resolv.conf\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"ro\", \"nosuid\", \"nodev\", \"noexec\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5-[a-z0-9]{16}-resolv.conf$",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/$(bundle-id)-[a-z0-9]{16}-resolv.conf$",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:452: allow_by_bundle_or_sandbox_id: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:459: allow_process: i terminal = false p terminal = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:462: allow_process: i cwd = / i cwd = /",
    "tests/kata/data/k8s-policy-rc/policy.rego:465: allow_process: i noNewPrivileges = true p noNewPrivileges = true",
    "tests/kata/data/k8s-policy-rc/policy.rego:982: allow_caps: policy Ambient = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:983: allow_caps: input Ambient = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1008: match_caps 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:986: allow_caps: policy Bounding = [\"$(default_caps)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:987: allow_caps: input Bounding = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1016: match_caps 2: default_caps = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1019: match_caps 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:990: allow_caps: policy Effective = [\"$(default_caps)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:991: allow_caps: input Effective = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1016: match_caps 2: default_caps = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1019: match_caps 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:994: allow_caps: policy Inheritable = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:995: allow_caps: input Inheritable = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1008: match_caps 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:998: allow_caps: policy Permitted = [\"$(default_caps)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:999: allow_caps: input Permitted = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1016: match_caps 2: default_caps = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1019: match_caps 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:497: allow_args 1: no args",
    "tests/kata/data/k8s-policy-rc/policy.rego:505: allow_args 2: policy args = [\"/pause\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:506: allow_args 2: input args = [\"/pause\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:518: allow_arg 1: i = 0 i_arg = /pause p_arg = /pause",
    "tests/kata/data/k8s-policy-rc/policy.rego:523: allow_arg 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:527: allow_arg 2: i = 0 i_arg = /pause p_arg = /pause",
    "tests/kata/data/k8s-policy-rc/policy.rego:536: allow_arg 3: i = 0 i_arg = /pause p_arg = /pause",
    "tests/kata/data/k8s-policy-rc/policy.rego:540: allow_arg 3: p_arg3 = /pause",
    "tests/kata/data/k8s-policy-rc/policy.rego:543: allow_arg 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:514: allow_args 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:548: allow_env: p env = [\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:549: allow_env: i env = [\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:563: allow_var 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:574: allow_var 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:556: allow_env: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:473: allow_process: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:165: allow_by_sandbox_name: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:134: allow_by_anno 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:137: allow_by_anno 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:330: allow_linux: p namespaces = [{\"Path\": \"\", \"Type\": \"ipc\"}, {\"Path\": \"\", \"Type\": \"uts\"}, {\"Path\": \"\", \"Type\": \"mount\"}]",
    "tests/kata/data/k8s-policy-rc/policy.rego:333: allow_linux: i namespaces = [{\"Path\": \"\", \"Type\": \"ipc\"}, {\"Path\": \"\", \"Type\": \"uts\"}, {\"Path\": \"\", \"Type\": \"mount\"}]",
    "tests/kata/data/k8s-policy-rc/policy.rego:345: allow_masked_paths 1: p_paths = [\"/proc/acpi\", \"/proc/asound\", \"/proc/kcore\", \"/proc/keys\", \"/proc/latency_stats\", \"/proc/timer_list\", \"/proc/timer_stats\", \"/proc/sched_debug\", \"/sys/firmware\", \"/proc/scsi\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:348: allow_masked_paths 1: i_paths = [\"/proc/acpi\", \"/proc/asound\", \"/proc/kcore\", \"/proc/keys\", \"/proc/latency_stats\", \"/proc/timer_list\", \"/proc/timer_stats\", \"/proc/sched_debug\", \"/sys/firmware\", \"/sys/devices/virtual/powercap\", \"/proc/scsi\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/acpi",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/asound",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/kcore",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/keys",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/latency_stats",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/timer_list",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/timer_stats",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/sched_debug",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /sys/firmware",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/scsi",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:352: allow_masked_paths 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:355: allow_masked_paths 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:382: allow_readonly_paths 1: p_paths = [\"/proc/bus\", \"/proc/fs\", \"/proc/irq\", \"/proc/sys\", \"/proc/sysrq-trigger\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:385: allow_readonly_paths 1: i_paths = [\"/proc/bus\", \"/proc/fs\", \"/proc/irq\", \"/proc/sys\", \"/proc/sysrq-trigger\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/bus",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/bus",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/fs",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/fs",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/irq",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/irq",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/sys",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/sys",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/sysrq-trigger",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/sysrq-trigger",
    "tests/kata/data/k8s-policy-rc/policy.rego:389: allow_readonly_paths 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:392: allow_readonly_paths 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:340: allow_linux: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:79: CreateContainerRequest: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:57: ======== CreateContainerRequest: trying next policy container",
    "tests/kata/data/k8s-policy-rc/policy.rego:61: CreateContainerRequest: p_pidns = false i_pidns = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:66: CreateContainerRequest: p Version = 1.1.0 i Version = 1.1.0",
    "tests/kata/data/k8s-policy-rc/policy.rego:69: CreateContainerRequest: p Readonly = false i Readonly = true"
  ],
  [],
  [],
  [],
  [],
  [],
  [
    "tests/kata/data/k8s-policy-rc/policy.rego:57: ======== CreateContainerRequest: trying next policy container",
    "tests/kata/data/k8s-policy-rc/policy.rego:61: CreateContainerRequest: p_pidns = false i_pidns = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:66: CreateContainerRequest: p Version = 1.1.0 i Version = 1.1.0",
    "tests/kata/data/k8s-policy-rc/policy.rego:69: CreateContainerRequest: p Readonly = true i Readonly = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:57: ======== CreateContainerRequest: trying next policy container",
    "tests/kata/data/k8s-policy-rc/policy.rego:61: CreateContainerRequest: p_pidns = false i_pidns = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:66: CreateContainerRequest: p Version = 1.1.0 i Version = 1.1.0",
    "tests/kata/data/k8s-policy-rc/policy.rego:69: CreateContainerRequest: p Readonly = false i Readonly = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:84: allow_anno 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:91: allow_anno 2: p Annotations = {\"io.katacontainers.pkg.oci.bundle_path\": \"/run/containerd/io.containerd.runtime.v2.task/k8s.io/$(bundle-id)\", \"io.katacontainers.pkg.oci.container_type\": \"pod_container\", \"io.kubernetes.cri.container-name\": \"nginxtest\", \"io.kubernetes.cri.container-type\": \"container\", \"io.kubernetes.cri.image-name\": \"quay.io/sjenning/nginx:1.15-alpine\", \"io.kubernetes.cri.sandbox-id\": \"^[a-z0-9]{64}$\", \"io.kubernetes.cri.sandbox-namespace\": \"kata-containers-k8s-tests\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:92: allow_anno 2: i Annotations = {\"io.katacontainers.pkg.oci.bundle_path\": \"/run/containerd/io.containerd.runtime.v2.task/k8s.io/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e\", \"io.katacontainers.pkg.oci.container_type\": \"pod_container\", \"io.kubernetes.cri.container-name\": \"nginxtest\", \"io.kubernetes.cri.container-type\": \"container\", \"io.kubernetes.cri.image-name\": \"quay.io/sjenning/nginx:1.15-alpine\", \"io.kubernetes.cri.sandbox-id\": \"c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5\", \"io.kubernetes.cri.sandbox-name\": \"policy-rc-test-674df\", \"io.kubernetes.cri.sandbox-namespace\": \"kata-containers-k8s-tests\", \"io.kubernetes.cri.sandbox-uid\": \"eeb60852-0dcd-4387-b0f9-eebd63ddb7a8\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:95: allow_anno 2: i keys = {\"io.katacontainers.pkg.oci.bundle_path\", \"io.katacontainers.pkg.oci.container_type\", \"io.kubernetes.cri.container-name\", \"io.kubernetes.cri.container-type\", \"io.kubernetes.cri.image-name\", \"io.kubernetes.cri.sandbox-id\", \"io.kubernetes.cri.sandbox-name\", \"io.kubernetes.cri.sandbox-namespace\", \"io.kubernetes.cri.sandbox-uid\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.katacontainers.pkg.oci.bundle_path",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.katacontainers.pkg.oci.bundle_path",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.katacontainers.pkg.oci.container_type",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.katacontainers.pkg.oci.container_type",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.container-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.container-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.container-type",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.container-type",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.image-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.image-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-id",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-id",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-namespace",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-namespace",
    "tests/kata/data/k8s-policy-rc/policy.rego:117: allow_anno_key 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:105: allow_anno_key 1: i key = io.kubernetes.cri.sandbox-uid",
    "tests/kata/data/k8s-policy-rc/policy.rego:109: allow_anno_key 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:112: allow_anno_key 2: i key = io.kubernetes.cri.sandbox-uid",
    "tests/kata/data/k8s-policy-rc/policy.rego:101: allow_anno 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:123: allow_by_anno 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:130: allow_by_anno 1: i_s_name = policy-rc-test-674df",
    "tests/kata/data/k8s-policy-rc/policy.rego:152: allow_by_sandbox_name: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:158: allow_by_sandbox_name: p_namespace = kata-containers-k8s-tests i_namespace = kata-containers-k8s-tests",
    "tests/kata/data/k8s-policy-rc/policy.rego:190: allow_by_container_types: checking io.kubernetes.cri.container-type",
    "tests/kata/data/k8s-policy-rc/policy.rego:196: allow_by_container_types: p_cri_type = container i_cri_type = container",
    "tests/kata/data/k8s-policy-rc/policy.rego:205: allow_by_container_type 1: i_cri_type = container",
    "tests/kata/data/k8s-policy-rc/policy.rego:220: allow_by_container_type 2: i_cri_type = container",
    "tests/kata/data/k8s-policy-rc/policy.rego:224: allow_by_container_type 2: i_kata_type = pod_container",
    "tests/kata/data/k8s-policy-rc/policy.rego:244: allow_container_name: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:261: allow_container_annotation: key = io.kubernetes.cri.container-name",
    "tests/kata/data/k8s-policy-rc/policy.rego:265: allow_container_annotation: p_value = nginxtest i_value = nginxtest",
    "tests/kata/data/k8s-policy-rc/policy.rego:269: allow_container_annotation: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:248: allow_container_name: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:288: allow_net_namespace: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:295: allow_net_namespace: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:318: allow_log_directory: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:325: allow_log_directory: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:231: allow_by_container_type 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:201: allow_by_container_types: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:430: allow_by_bundle_or_sandbox_id: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:440: allow_by_bundle_or_sandbox_id: sandbox_id = c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5 regex = ^[a-z0-9]{64}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:701: allow_root_path: i_path = /run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e/rootfs p_path1 = $(cpath)/$(bundle-id)/rootfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:704: allow_root_path: p_path2 = /run/kata-containers/shared/containers/$(bundle-id)/rootfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:707: allow_root_path: p_path3 = /run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e/rootfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:711: allow_root_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = proc",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = proc",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = tmpfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = tmpfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = devpts",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = devpts",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = mqueue",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = mqueue",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = sysfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = sysfs",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = cgroup",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = cgroup",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"/run/kata-containers/shared/containers/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5/rootfs/local/host-empty-vol\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/$(sandbox-id)/rootfs/local/host-empty-vol$",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/c469f18bb1c58dab6be747450b77c3321e43ba5dd26d62d19a599b82bdb0ddc5/rootfs/local/host-empty-vol$",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-01336f00e960a39f-hosts\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-[a-z0-9]{16}-hosts$",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/$(bundle-id)-[a-z0-9]{16}-hosts$",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-90afc9ee3516c39f-termination-log\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-[a-z0-9]{16}-termination-log$",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/$(bundle-id)-[a-z0-9]{16}-termination-log$",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-094a24e380ead97f-hostname\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-[a-z0-9]{16}-hostname$",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/$(bundle-id)-[a-z0-9]{16}-hostname$",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-530431b992f6d296-resolv.conf\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-[a-z0-9]{16}-resolv.conf$",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/$(bundle-id)-[a-z0-9]{16}-resolv.conf$",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:730: check_mount 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = /run/kata-containers/sandbox/shm",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = /run/kata-containers/sandbox/shm",
    "tests/kata/data/k8s-policy-rc/policy.rego:762: mount_source_allows 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:716: allow_mount: i_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-cb7632a83c5a9dc3-serviceaccount\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/proc\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"proc\", \"type_\": \"proc\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev\", \"options\": [\"nosuid\", \"strictatime\", \"mode=755\", \"size=65536k\"], \"source\": \"tmpfs\", \"type_\": \"tmpfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/pts\", \"options\": [\"nosuid\", \"noexec\", \"newinstance\", \"ptmxmode=0666\", \"mode=0620\", \"gid=5\"], \"source\": \"devpts\", \"type_\": \"devpts\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/shm\", \"options\": [\"rbind\"], \"source\": \"/run/kata-containers/sandbox/shm\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/mqueue\", \"options\": [\"nosuid\", \"noexec\", \"nodev\"], \"source\": \"mqueue\", \"type_\": \"mqueue\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"ro\"], \"source\": \"sysfs\", \"type_\": \"sysfs\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/sys/fs/cgroup\", \"options\": [\"nosuid\", \"noexec\", \"nodev\", \"relatime\", \"ro\"], \"source\": \"cgroup\", \"type_\": \"cgroup\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hosts\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hosts$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/dev/termination-log\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)termination-log$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/hostname\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)hostname$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/etc/resolv.conf\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"$(sfprefix)resolv.conf$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/kubernetes.io/serviceaccount\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)serviceaccount$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:748: mount_source_allows 1: regex4 = ^/run/kata-containers/shared/containers/432a988cdb7fd4798e112d1a27a272d86e665dbfbdc4fc6937af127120b3a03e-[a-z0-9]{16}-serviceaccount$",
    "tests/kata/data/k8s-policy-rc/policy.rego:751: mount_source_allows 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:759: mount_source_allows 2: regex4 = ^/run/kata-containers/shared/containers/$(bundle-id)-[a-z0-9]{16}-serviceaccount$",
    "tests/kata/data/k8s-policy-rc/policy.rego:739: check_mount 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:725: allow_mount: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/var/run/secrets/azure/tokens\", \"options\": [\"rbind\", \"rprivate\", \"ro\"], \"source\": \"$(sfprefix)tokens$\", \"type_\": \"bind\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:719: allow_mount: p_mount = {\"destination\": \"/host/cache\", \"options\": [\"rbind\", \"rprivate\", \"rw\"], \"source\": \"^$(cpath)/$(sandbox-id)/rootfs/local/host-empty-vol$\", \"type_\": \"local\"}",
    "tests/kata/data/k8s-policy-rc/policy.rego:452: allow_by_bundle_or_sandbox_id: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:459: allow_process: i terminal = false p terminal = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:462: allow_process: i cwd = / i cwd = /",
    "tests/kata/data/k8s-policy-rc/policy.rego:465: allow_process: i noNewPrivileges = false p noNewPrivileges = false",
    "tests/kata/data/k8s-policy-rc/policy.rego:982: allow_caps: policy Ambient = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:983: allow_caps: input Ambient = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1008: match_caps 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:986: allow_caps: policy Bounding = [\"$(default_caps)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:987: allow_caps: input Bounding = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1016: match_caps 2: default_caps = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1019: match_caps 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:990: allow_caps: policy Effective = [\"$(default_caps)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:991: allow_caps: input Effective = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1016: match_caps 2: default_caps = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1019: match_caps 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:994: allow_caps: policy Inheritable = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:995: allow_caps: input Inheritable = []",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1008: match_caps 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:998: allow_caps: policy Permitted = [\"$(default_caps)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:999: allow_caps: input Permitted = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1004: match_caps 1: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1011: match_caps 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:1016: match_caps 2: default_caps = [\"CAP_CHOWN\", \"CAP_DAC_OVERRIDE\", \"CAP_FSETID\", \"CAP_FOWNER\", \"CAP_MKNOD\", \"CAP_NET_RAW\", \"CAP_SETGID\", \"CAP_SETUID\", \"CAP_SETFCAP\", \"CAP_SETPCAP\", \"CAP_NET_BIND_SERVICE\", \"CAP_SYS_CHROOT\", \"CAP_KILL\", \"CAP_AUDIT_WRITE\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:1019: match_caps 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:1022: match_caps 3: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:497: allow_args 1: no args",
    "tests/kata/data/k8s-policy-rc/policy.rego:505: allow_args 2: policy args = [\"nginx\", \"-g\", \"daemon off;\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:506: allow_args 2: input args = [\"nginx\", \"-g\", \"daemon off;\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:518: allow_arg 1: i = 0 i_arg = nginx p_arg = nginx",
    "tests/kata/data/k8s-policy-rc/policy.rego:523: allow_arg 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:527: allow_arg 2: i = 0 i_arg = nginx p_arg = nginx",
    "tests/kata/data/k8s-policy-rc/policy.rego:536: allow_arg 3: i = 0 i_arg = nginx p_arg = nginx",
    "tests/kata/data/k8s-policy-rc/policy.rego:540: allow_arg 3: p_arg3 = nginx",
    "tests/kata/data/k8s-policy-rc/policy.rego:543: allow_arg 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:518: allow_arg 1: i = 1 i_arg = -g p_arg = -g",
    "tests/kata/data/k8s-policy-rc/policy.rego:523: allow_arg 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:527: allow_arg 2: i = 1 i_arg = -g p_arg = -g",
    "tests/kata/data/k8s-policy-rc/policy.rego:536: allow_arg 3: i = 1 i_arg = -g p_arg = -g",
    "tests/kata/data/k8s-policy-rc/policy.rego:540: allow_arg 3: p_arg3 = -g",
    "tests/kata/data/k8s-policy-rc/policy.rego:543: allow_arg 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:518: allow_arg 1: i = 2 i_arg = daemon off; p_arg = daemon off;",
    "tests/kata/data/k8s-policy-rc/policy.rego:523: allow_arg 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:527: allow_arg 2: i = 2 i_arg = daemon off; p_arg = daemon off;",
    "tests/kata/data/k8s-policy-rc/policy.rego:536: allow_arg 3: i = 2 i_arg = daemon off; p_arg = daemon off;",
    "tests/kata/data/k8s-policy-rc/policy.rego:540: allow_arg 3: p_arg3 = daemon off;",
    "tests/kata/data/k8s-policy-rc/policy.rego:543: allow_arg 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:514: allow_args 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:548: allow_env: p env = [\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\", \"NGINX_VERSION=1.15.12\", \"HOSTNAME=$(host-name)\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:549: allow_env: i env = [\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\", \"HOSTNAME=policy-rc-test-674df\", \"NGINX_VERSION=1.15.12\", \"KUBERNETES_PORT_443_TCP=tcp://10.0.0.1:443\", \"KUBERNETES_PORT_443_TCP_PROTO=tcp\", \"KUBERNETES_PORT_443_TCP_PORT=443\", \"KUBERNETES_PORT_443_TCP_ADDR=10.0.0.1\", \"KUBERNETES_SERVICE_HOST=10.0.0.1\", \"KUBERNETES_SERVICE_PORT=443\", \"KUBERNETES_SERVICE_PORT_HTTPS=443\", \"KUBERNETES_PORT=tcp://10.0.0.1:443\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:563: allow_var 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:574: allow_var 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = HOSTNAME=policy-rc-test-674df",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:619: allow_var 5: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:563: allow_var 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:574: allow_var 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_PORT_443_TCP=tcp://10.0.0.1:443",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_PORT_443_TCP_PROTO=tcp",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_PORT_443_TCP_PORT=443",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_PORT_443_TCP_ADDR=10.0.0.1",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:654: allow_pod_ip_var: var_name = KUBERNETES_PORT_443_TCP_ADDR p_var = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:654: allow_pod_ip_var: var_name = KUBERNETES_PORT_443_TCP_ADDR p_var = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:654: allow_pod_ip_var: var_name = KUBERNETES_PORT_443_TCP_ADDR p_var = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:666: allow_host_ip_var: var_name = KUBERNETES_PORT_443_TCP_ADDR p_var = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:666: allow_host_ip_var: var_name = KUBERNETES_PORT_443_TCP_ADDR p_var = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:666: allow_host_ip_var: var_name = KUBERNETES_PORT_443_TCP_ADDR p_var = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_SERVICE_HOST=10.0.0.1",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:654: allow_pod_ip_var: var_name = KUBERNETES_SERVICE_HOST p_var = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:654: allow_pod_ip_var: var_name = KUBERNETES_SERVICE_HOST p_var = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:654: allow_pod_ip_var: var_name = KUBERNETES_SERVICE_HOST p_var = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:666: allow_host_ip_var: var_name = KUBERNETES_SERVICE_HOST p_var = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:666: allow_host_ip_var: var_name = KUBERNETES_SERVICE_HOST p_var = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:666: allow_host_ip_var: var_name = KUBERNETES_SERVICE_HOST p_var = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_SERVICE_PORT=443",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_SERVICE_PORT_HTTPS=443",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:552: allow_env: i_var = KUBERNETES_PORT=tcp://10.0.0.1:443",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = NGINX_VERSION=1.15.12",
    "tests/kata/data/k8s-policy-rc/policy.rego:571: allow_var 2: p_var2 = HOSTNAME=$(host-name)",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^HOSTNAME=[a-zA-Z0-9_\\.\\-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PROTO=tcp$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT_[0-9]{1,5}_TCP_ADDR=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_HOST=(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_SERVICE_PORT_[a-zA-Z0-9_\\.\\-]+=[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^[A-Z_\\.\\-]+_PORT=tcp://(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]):[0-9]{1,5}$",
    "tests/kata/data/k8s-policy-rc/policy.rego:588: allow_var 3: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_CLIENT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_TENANT_ID=[A-Fa-f0-9-]+$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_FEDERATED_TOKEN_FILE=/var/run/secrets/azure/tokens/azure-identity-token$",
    "tests/kata/data/k8s-policy-rc/policy.rego:585: allow_var 3: p_regex5 = ^AZURE_AUTHORITY_HOST=https://login\\.microsoftonline\\.com/$",
    "tests/kata/data/k8s-policy-rc/policy.rego:556: allow_env: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:473: allow_process: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:165: allow_by_sandbox_name: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:134: allow_by_anno 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:137: allow_by_anno 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:330: allow_linux: p namespaces = [{\"Path\": \"\", \"Type\": \"ipc\"}, {\"Path\": \"\", \"Type\": \"uts\"}, {\"Path\": \"\", \"Type\": \"mount\"}]",
    "tests/kata/data/k8s-policy-rc/policy.rego:333: allow_linux: i namespaces = [{\"Path\": \"\", \"Type\": \"ipc\"}, {\"Path\": \"\", \"Type\": \"uts\"}, {\"Path\": \"\", \"Type\": \"mount\"}]",
    "tests/kata/data/k8s-policy-rc/policy.rego:345: allow_masked_paths 1: p_paths = [\"/proc/acpi\", \"/proc/kcore\", \"/proc/keys\", \"/proc/latency_stats\", \"/proc/timer_list\", \"/proc/timer_stats\", \"/proc/sched_debug\", \"/proc/scsi\", \"/sys/firmware\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:348: allow_masked_paths 1: i_paths = [\"/proc/asound\", \"/proc/acpi\", \"/proc/kcore\", \"/proc/keys\", \"/proc/latency_stats\", \"/proc/timer_list\", \"/proc/timer_stats\", \"/proc/sched_debug\", \"/proc/scsi\", \"/sys/firmware\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/acpi",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/kcore",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/keys",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/latency_stats",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/timer_list",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/timer_stats",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/sched_debug",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /proc/scsi",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:372: allow_masked_path: p_elem = /sys/firmware",
    "tests/kata/data/k8s-policy-rc/policy.rego:377: allow_masked_path: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:352: allow_masked_paths 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:355: allow_masked_paths 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:382: allow_readonly_paths 1: p_paths = [\"/proc/asound\", \"/proc/bus\", \"/proc/fs\", \"/proc/irq\", \"/proc/sys\", \"/proc/sysrq-trigger\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:385: allow_readonly_paths 1: i_paths = [\"/proc/bus\", \"/proc/fs\", \"/proc/irq\", \"/proc/sys\", \"/proc/sysrq-trigger\"]",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/asound",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/asound",
    "tests/kata/data/k8s-policy-rc/policy.rego:424: allow_readonly_path 2: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/bus",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/bus",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/fs",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/fs",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/irq",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/irq",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/sys",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/sys",
    "tests/kata/data/k8s-policy-rc/policy.rego:411: allow_readonly_path 1: p_elem = /proc/sysrq-trigger",
    "tests/kata/data/k8s-policy-rc/policy.rego:416: allow_readonly_path 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:419: allow_readonly_path 2: p_elem = /proc/sysrq-trigger",
    "tests/kata/data/k8s-policy-rc/policy.rego:389: allow_readonly_paths 1: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:392: allow_readonly_paths 2: start",
    "tests/kata/data/k8s-policy-rc/policy.rego:340: allow_linux: true",
    "tests/kata/data/k8s-policy-rc/policy.rego:79: CreateContainerRequest: true"
  ],
  [],
  [],
  [],
  [],
  []
]