From ca569208a62073945b76178f5d00bb3abad65453 Mon Sep 17 00:00:00 2001
From: Ved Ratan <vedratan8@gmail.com>
Date: Thu, 2 May 2024 20:01:01 +0530
Subject: [PATCH] added chainsaw tests for nimbus-kyverno-adapter

Signed-off-by: Ved Ratan <vedratan8@gmail.com>
---
 .../controllers/nimbuspolicy/delete/README.md |  69 ++++++------
 .../controllers/nimbuspolicy/update/README.md |  69 ++++++------
 tests/controllers/securityintent/README.md    |  33 +++---
 .../securityintentbinding/create/README.md    |  69 ++++++------
 .../securityintentbinding/delete/README.md    |  57 +++++-----
 .../securityintentbinding/update/README.md    |  57 +++++-----
 .../controllers/sis-and-sibs/create/README.md |  81 +++++++-------
 .../controllers/sis-and-sibs/delete/README.md |  81 +++++++-------
 .../controllers/sis-and-sibs/update/README.md | 105 +++++++++---------
 tests/e2e/escape-to-host/create/README.md     |  90 +++++++++++++++
 .../escape-to-host/create/chainsaw-test.yaml  |  52 +++++++++
 tests/e2e/escape-to-host/delete/README.md     |  78 +++++++++++++
 .../escape-to-host/delete/chainsaw-test.yaml  |  52 +++++++++
 tests/e2e/escape-to-host/kyverno-policy.yaml  |  40 +++++++
 .../escape-to-host/nimbus-policy-assert.yaml  |  28 +++++
 .../e2e/escape-to-host/np-status-assert.yaml  |  16 +++
 .../e2e/escape-to-host/sib-status-assert.yaml |  13 +++
 tests/e2e/escape-to-host/update/README.md     |  78 +++++++++++++
 .../escape-to-host/update/chainsaw-test.yaml  |  42 +++++++
 .../updated-kyverno-policy.yaml               |  34 ++++++
 .../namespaced/escape-to-host-si.yaml         |  12 ++
 .../namespaced/escape-to-host-sib.yaml        |  17 +++
 22 files changed, 876 insertions(+), 297 deletions(-)
 create mode 100644 tests/e2e/escape-to-host/create/README.md
 create mode 100644 tests/e2e/escape-to-host/create/chainsaw-test.yaml
 create mode 100644 tests/e2e/escape-to-host/delete/README.md
 create mode 100644 tests/e2e/escape-to-host/delete/chainsaw-test.yaml
 create mode 100644 tests/e2e/escape-to-host/kyverno-policy.yaml
 create mode 100644 tests/e2e/escape-to-host/nimbus-policy-assert.yaml
 create mode 100644 tests/e2e/escape-to-host/np-status-assert.yaml
 create mode 100644 tests/e2e/escape-to-host/sib-status-assert.yaml
 create mode 100644 tests/e2e/escape-to-host/update/README.md
 create mode 100644 tests/e2e/escape-to-host/update/chainsaw-test.yaml
 create mode 100644 tests/e2e/escape-to-host/updated-kyverno-policy.yaml
 create mode 100644 tests/e2e/resources/namespaced/escape-to-host-si.yaml
 create mode 100644 tests/e2e/resources/namespaced/escape-to-host-sib.yaml

diff --git a/tests/controllers/nimbuspolicy/delete/README.md b/tests/controllers/nimbuspolicy/delete/README.md
index 579076a0..c3fb5eac 100644
--- a/tests/controllers/nimbuspolicy/delete/README.md
+++ b/tests/controllers/nimbuspolicy/delete/README.md
@@ -3,62 +3,65 @@
 This test validates that when a NimbusPolicy is directly deleted, nimbus automatically re-creates the deleted NimbusPolicy or not.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 1 | 0 | 0 |
-| 4 | [Delete existing NimbusPolicy](#step-Delete existing NimbusPolicy) | 1 | 0 | 0 |
-| 5 | [Verify NimbusPolicy recreation](#step-Verify NimbusPolicy recreation) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Delete existing NimbusPolicy](#step-Delete existing NimbusPolicy) | 0 | 1 | 0 | 0 |
+| 5 | [Verify NimbusPolicy recreation](#step-Verify NimbusPolicy recreation) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verity NimbusPolicy creation`
+### Step: `Verity NimbusPolicy creation`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Delete existing NimbusPolicy`
+### Step: `Delete existing NimbusPolicy`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `delete` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `delete` | 0 | 0 | *No description* |
 
-## Step: `Verify NimbusPolicy recreation`
+### Step: `Verify NimbusPolicy recreation`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/nimbuspolicy/update/README.md b/tests/controllers/nimbuspolicy/update/README.md
index a7341ff3..b4618d41 100644
--- a/tests/controllers/nimbuspolicy/update/README.md
+++ b/tests/controllers/nimbuspolicy/update/README.md
@@ -3,62 +3,65 @@
 This test validates that direct updates to a NimbusPolicy resource are ignored, to maintain consistency and  prevent unintended modifications.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 1 | 0 | 0 |
-| 4 | [Update existing NimbusPolicy](#step-Update existing NimbusPolicy) | 1 | 0 | 0 |
-| 5 | [Verify discarding of changes to NimbusPolicy](#step-Verify discarding of changes to NimbusPolicy) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Update existing NimbusPolicy](#step-Update existing NimbusPolicy) | 0 | 1 | 0 | 0 |
+| 5 | [Verify discarding of changes to NimbusPolicy](#step-Verify discarding of changes to NimbusPolicy) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verity NimbusPolicy creation`
+### Step: `Verity NimbusPolicy creation`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Update existing NimbusPolicy`
+### Step: `Update existing NimbusPolicy`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verify discarding of changes to NimbusPolicy`
+### Step: `Verify discarding of changes to NimbusPolicy`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/securityintent/README.md b/tests/controllers/securityintent/README.md
index cfbeb4b4..6234ccde 100644
--- a/tests/controllers/securityintent/README.md
+++ b/tests/controllers/securityintent/README.md
@@ -3,29 +3,32 @@
 This test validates that the created SecurityIntent status subresource contains the ID and action  fields with the corresponding intent values.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 2 | [Verify status of created SecurityIntent](#step-Verify status of created SecurityIntent) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Verify status of created SecurityIntent](#step-Verify status of created SecurityIntent) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verify status of created SecurityIntent`
+### Step: `Verify status of created SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/securityintentbinding/create/README.md b/tests/controllers/securityintentbinding/create/README.md
index 054b5c43..34bcf274 100644
--- a/tests/controllers/securityintentbinding/create/README.md
+++ b/tests/controllers/securityintentbinding/create/README.md
@@ -3,63 +3,66 @@
 This test validates the automated creation of a NimbusPolicy resource when a corresponding SecurityIntent  and SecurityIntentBinding are created.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 1 | 0 | 0 |
-| 4 | [Verify status of created SecurityIntentBinding](#step-Verify status of created SecurityIntentBinding) | 1 | 0 | 0 |
-| 5 | [Verify status of created NimbusPolicy](#step-Verify status of created NimbusPolicy) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Verify status of created SecurityIntentBinding](#step-Verify status of created SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 5 | [Verify status of created NimbusPolicy](#step-Verify status of created NimbusPolicy) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verity NimbusPolicy creation`
+### Step: `Verity NimbusPolicy creation`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Verify status of created SecurityIntentBinding`
+### Step: `Verify status of created SecurityIntentBinding`
 
 Verify the created SecurityIntentBinding status subresource includes the number and names of bound intents,  along with the generated NimbusPolicy name.
 
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Verify status of created NimbusPolicy`
+### Step: `Verify status of created NimbusPolicy`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/securityintentbinding/delete/README.md b/tests/controllers/securityintentbinding/delete/README.md
index 549e4de6..9b589cd6 100644
--- a/tests/controllers/securityintentbinding/delete/README.md
+++ b/tests/controllers/securityintentbinding/delete/README.md
@@ -3,51 +3,54 @@
 This test validates the expected behavior of NimbusPolicy deletion upon the removal of a corresponding SecurityIntentBinding resource.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 3 | [Delete existing SecurityIntentBinding](#step-Delete existing SecurityIntentBinding) | 1 | 0 | 0 |
-| 4 | [Verify the NimbusPolicy deletion](#step-Verify the NimbusPolicy deletion) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Delete existing SecurityIntentBinding](#step-Delete existing SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 4 | [Verify the NimbusPolicy deletion](#step-Verify the NimbusPolicy deletion) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Delete existing SecurityIntentBinding`
+### Step: `Delete existing SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `delete` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `delete` | 0 | 0 | *No description* |
 
-## Step: `Verify the NimbusPolicy deletion`
+### Step: `Verify the NimbusPolicy deletion`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `script` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `script` | *No description* |
diff --git a/tests/controllers/securityintentbinding/update/README.md b/tests/controllers/securityintentbinding/update/README.md
index 32fd9790..584cc692 100644
--- a/tests/controllers/securityintentbinding/update/README.md
+++ b/tests/controllers/securityintentbinding/update/README.md
@@ -2,51 +2,54 @@
 
 This test validates the propagation of changes from a SecurityIntentBinding to the corresponding NimbusPolicy.
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 3 | [Update existing SecurityIntentBinding](#step-Update existing SecurityIntentBinding) | 1 | 0 | 0 |
-| 4 | [Verify the NimbusPolicy update](#step-Verify the NimbusPolicy update) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Update existing SecurityIntentBinding](#step-Update existing SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 4 | [Verify the NimbusPolicy update](#step-Verify the NimbusPolicy update) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Update existing SecurityIntentBinding`
+### Step: `Update existing SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verify the NimbusPolicy update`
+### Step: `Verify the NimbusPolicy update`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/sis-and-sibs/create/README.md b/tests/controllers/sis-and-sibs/create/README.md
index a4315f51..a1754fd2 100644
--- a/tests/controllers/sis-and-sibs/create/README.md
+++ b/tests/controllers/sis-and-sibs/create/README.md
@@ -3,74 +3,77 @@
 This test verifies the independent creation of SecurityIntent and SecurityIntentBinding custom resources. It ensures users can create these custom resources individually without requiring one to exist beforehand.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 1 | 0 | 0 |
-| 4 | [Verify status of created SecurityIntentBinding](#step-Verify status of created SecurityIntentBinding) | 1 | 0 | 0 |
-| 5 | [Verify status of created SecurityIntent](#step-Verify status of created SecurityIntent) | 1 | 0 | 0 |
-| 6 | [Verify status of created NimbusPolicy](#step-Verify status of created NimbusPolicy) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Verify status of created SecurityIntentBinding](#step-Verify status of created SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 5 | [Verify status of created SecurityIntent](#step-Verify status of created SecurityIntent) | 0 | 1 | 0 | 0 |
+| 6 | [Verify status of created NimbusPolicy](#step-Verify status of created NimbusPolicy) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verity NimbusPolicy creation`
+### Step: `Verity NimbusPolicy creation`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Verify status of created SecurityIntentBinding`
+### Step: `Verify status of created SecurityIntentBinding`
 
 Verify the created SecurityIntentBinding status subresource includes the number and names of bound intents,  along with the generated NimbusPolicy name.
 
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Verify status of created SecurityIntent`
+### Step: `Verify status of created SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Verify status of created NimbusPolicy`
+### Step: `Verify status of created NimbusPolicy`
 
 *No description*
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/sis-and-sibs/delete/README.md b/tests/controllers/sis-and-sibs/delete/README.md
index 99a45920..6d6e86ca 100644
--- a/tests/controllers/sis-and-sibs/delete/README.md
+++ b/tests/controllers/sis-and-sibs/delete/README.md
@@ -3,74 +3,77 @@
 This test verifies that when a SecurityIntent is the only one referenced by a SecurityIntentBinding, and that  SecurityIntent is deleted, the corresponding NimbusPolicy is also automatically deleted.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 1 | 0 | 0 |
-| 2 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 1 | 0 | 0 |
-| 3 | [Verify NimbusPolicy creation](#step-Verify NimbusPolicy creation) | 1 | 0 | 0 |
-| 4 | [Delete previously created SecurityIntent](#step-Delete previously created SecurityIntent) | 1 | 0 | 0 |
-| 5 | [Verify the NimbusPolicy deletion](#step-Verify the NimbusPolicy deletion) | 1 | 0 | 0 |
-| 6 | [Verify status of SecurityIntentBinding](#step-Verify status of SecurityIntentBinding) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 3 | [Verify NimbusPolicy creation](#step-Verify NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Delete previously created SecurityIntent](#step-Delete previously created SecurityIntent) | 0 | 1 | 0 | 0 |
+| 5 | [Verify the NimbusPolicy deletion](#step-Verify the NimbusPolicy deletion) | 0 | 1 | 0 | 0 |
+| 6 | [Verify status of SecurityIntentBinding](#step-Verify status of SecurityIntentBinding) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntentBinding`
+### Step: `Create a SecurityIntentBinding`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create a SecurityIntent`
+### Step: `Create a SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verify NimbusPolicy creation`
+### Step: `Verify NimbusPolicy creation`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Delete previously created SecurityIntent`
+### Step: `Delete previously created SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `delete` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `delete` | 0 | 0 | *No description* |
 
-## Step: `Verify the NimbusPolicy deletion`
+### Step: `Verify the NimbusPolicy deletion`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `script` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `script` | 0 | 0 | *No description* |
 
-## Step: `Verify status of SecurityIntentBinding`
+### Step: `Verify status of SecurityIntentBinding`
 
 This verifies that upon deletion of a NimbusPolicy, the corresponding SecurityIntentBinding's status subresource is updated to reflect the current information.
 
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/controllers/sis-and-sibs/update/README.md b/tests/controllers/sis-and-sibs/update/README.md
index c6959bc3..39fd926b 100644
--- a/tests/controllers/sis-and-sibs/update/README.md
+++ b/tests/controllers/sis-and-sibs/update/README.md
@@ -3,96 +3,99 @@
 This test verifies that modifying a SecurityIntent triggers the desired updates in corresponding SecurityIntentBinding's  status subresource and related NimbusPolicy.
 
 
-### Steps
+## Steps
 
-| # | Name | Try | Catch | Finally |
-|:-:|---|:-:|:-:|:-:|
-| 1 | [Create a SecurityIntentBinding for multiple SecurityIntents](#step-Create a SecurityIntentBinding for multiple SecurityIntents) | 1 | 0 | 0 |
-| 2 | [Create multiple SecurityIntents](#step-Create multiple SecurityIntents) | 1 | 0 | 0 |
-| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 1 | 0 | 0 |
-| 4 | [Update one SecurityIntent](#step-Update one SecurityIntent) | 1 | 0 | 0 |
-| 5 | [Verify NimbusPolicy update](#step-Verify NimbusPolicy update) | 1 | 0 | 0 |
-| 6 | [Update SecurityIntentBinding to remove one SecurityIntent](#step-Update SecurityIntentBinding to remove one SecurityIntent) | 1 | 0 | 0 |
-| 7 | [Verify the NimbusPolicy update after removal of SecurityIntent](#step-Verify the NimbusPolicy update after removal of SecurityIntent) | 1 | 0 | 0 |
-| 8 | [Verify status of SecurityIntentBinding after update](#step-Verify status of SecurityIntentBinding after update) | 1 | 0 | 0 |
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntentBinding for multiple SecurityIntents](#step-Create a SecurityIntentBinding for multiple SecurityIntents) | 0 | 1 | 0 | 0 |
+| 2 | [Create multiple SecurityIntents](#step-Create multiple SecurityIntents) | 0 | 1 | 0 | 0 |
+| 3 | [Verity NimbusPolicy creation](#step-Verity NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Update one SecurityIntent](#step-Update one SecurityIntent) | 0 | 1 | 0 | 0 |
+| 5 | [Verify NimbusPolicy update](#step-Verify NimbusPolicy update) | 0 | 1 | 0 | 0 |
+| 6 | [Update SecurityIntentBinding to remove one SecurityIntent](#step-Update SecurityIntentBinding to remove one SecurityIntent) | 0 | 1 | 0 | 0 |
+| 7 | [Verify the NimbusPolicy update after removal of SecurityIntent](#step-Verify the NimbusPolicy update after removal of SecurityIntent) | 0 | 1 | 0 | 0 |
+| 8 | [Verify status of SecurityIntentBinding after update](#step-Verify status of SecurityIntentBinding after update) | 0 | 1 | 0 | 0 |
 
-## Step: `Create a SecurityIntentBinding for multiple SecurityIntents`
+### Step: `Create a SecurityIntentBinding for multiple SecurityIntents`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Create multiple SecurityIntents`
+### Step: `Create multiple SecurityIntents`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verity NimbusPolicy creation`
+### Step: `Verity NimbusPolicy creation`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Update one SecurityIntent`
+### Step: `Update one SecurityIntent`
 
 Update the action of one of the previously created SecurityIntents
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verify NimbusPolicy update`
+### Step: `Verify NimbusPolicy update`
 
 Verify the update of rule.action for corresponding SecurityIntent update
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Update SecurityIntentBinding to remove one SecurityIntent`
+### Step: `Update SecurityIntentBinding to remove one SecurityIntent`
 
 Remove one of the previously created SecurityIntents from the SecurityIntentBinding
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `apply` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
 
-## Step: `Verify the NimbusPolicy update after removal of SecurityIntent`
+### Step: `Verify the NimbusPolicy update after removal of SecurityIntent`
 
 *No description*
 
-### Try
+#### Try
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
 
-## Step: `Verify status of SecurityIntentBinding after update`
+### Step: `Verify status of SecurityIntentBinding after update`
 
 This verifies that upon deletion of a NimbusPolicy, the corresponding SecurityIntentBinding's status subresource is updated to reflect the current information.
 
 
-### Try
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
 
-| # | Operation | Description |
-|:-:|---|---|
-| 1 | `assert` | *No description* |
diff --git a/tests/e2e/escape-to-host/create/README.md b/tests/e2e/escape-to-host/create/README.md
new file mode 100644
index 00000000..9c5f0e1c
--- /dev/null
+++ b/tests/e2e/escape-to-host/create/README.md
@@ -0,0 +1,90 @@
+# Test: `kyverno-adapter-policy-creation`
+
+This test validates that creating a `escapeToHost` SecurityIntent with SecurityIntentBinding generates the expected Kyverno Policy.
+
+
+## Steps
+
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Verify NimbusPolicy creation](#step-Verify NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Verify KyvernoPolicy creation](#step-Verify KyvernoPolicy creation) | 0 | 1 | 0 | 0 |
+| 5 | [Verify status of created SecurityIntentBinding](#step-Verify status of created SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 6 | [Verify status of created NimbusPolicy](#step-Verify status of created NimbusPolicy) | 0 | 1 | 0 | 0 |
+| 7 | [Verify that the corresponding NimbusPolicy status has been updated with the generated Kyverno Policy](#step-Verify that the corresponding NimbusPolicy status has been updated with the generated Kyverno Policy) | 0 | 1 | 0 | 0 |
+
+### Step: `Create a SecurityIntent`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Create a SecurityIntentBinding`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Verify NimbusPolicy creation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Verify KyvernoPolicy creation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Verify status of created SecurityIntentBinding`
+
+Verify the created SecurityIntentBinding status subresource includes the number and names of bound intents,  along with the generated NimbusPolicy name.
+
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Verify status of created NimbusPolicy`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Verify that the corresponding NimbusPolicy status has been updated with the generated Kyverno Policy`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `script` | 0 | 0 | *No description* |
+
+---
+
diff --git a/tests/e2e/escape-to-host/create/chainsaw-test.yaml b/tests/e2e/escape-to-host/create/chainsaw-test.yaml
new file mode 100644
index 00000000..0f337001
--- /dev/null
+++ b/tests/e2e/escape-to-host/create/chainsaw-test.yaml
@@ -0,0 +1,52 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Test
+metadata:
+  name: kyverno-adapter-policy-creation
+spec:
+  description: >
+   This test validates that creating a `escapeToHost` SecurityIntent with SecurityIntentBinding generates the expected Kyverno Policy.
+  steps:
+    - name: "Create a SecurityIntent"
+      try:
+        - apply:
+            file: ../../resources/namespaced/escape-to-host-si.yaml
+
+    - name: "Create a SecurityIntentBinding"
+      try:
+        - apply:
+            file: ../../resources/namespaced/escape-to-host-sib.yaml
+
+    - name: "Verify NimbusPolicy creation"
+      try:
+        - assert:
+            file: ../nimbus-policy-assert.yaml
+
+    - name: "Verify KyvernoPolicy creation"
+      try:
+        - assert:
+            file: ../kyverno-policy.yaml
+    
+    - name: "Verify status of created SecurityIntentBinding"
+      description: >
+        Verify the created SecurityIntentBinding status subresource includes the number and names of bound intents, 
+        along with the generated NimbusPolicy name.
+      try:
+        - assert:
+            file: ../sib-status-assert.yaml
+
+    - name: "Verify status of created NimbusPolicy"
+      try:
+        - assert:
+            file: ../np-status-assert.yaml
+
+    - name: "Verify that the corresponding NimbusPolicy status has been updated with the generated Kyverno Policy"
+      try:
+      - script:
+          content: kubectl get np -n $NAMESPACE escape-to-host-binding -o=jsonpath='{.status.adapterPolicies}'
+          check: 
+            (contains($stdout, 'KyvernoPolicy/escape-to-host-binding-escapetohost')): true
+    
+    
diff --git a/tests/e2e/escape-to-host/delete/README.md b/tests/e2e/escape-to-host/delete/README.md
new file mode 100644
index 00000000..e967db64
--- /dev/null
+++ b/tests/e2e/escape-to-host/delete/README.md
@@ -0,0 +1,78 @@
+# Test: `kyverno-adapter-policy-deletion`
+
+This test validates if the adapters re-create their manually deleted generated policies.
+
+
+## Steps
+
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Verify NimbusPolicy creation](#step-Verify NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Verify KyvernoPolicy creation](#step-Verify KyvernoPolicy creation) | 0 | 1 | 0 | 0 |
+| 5 | [Delete existing KyvernoPolicy](#step-Delete existing KyvernoPolicy) | 0 | 1 | 0 | 0 |
+| 6 | [Verify KyvernoPolicy recreation](#step-Verify KyvernoPolicy recreation) | 0 | 1 | 0 | 0 |
+
+### Step: `Create a SecurityIntent`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Create a SecurityIntentBinding`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Verify NimbusPolicy creation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Verify KyvernoPolicy creation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Delete existing KyvernoPolicy`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `delete` | 0 | 0 | *No description* |
+
+### Step: `Verify KyvernoPolicy recreation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
+
diff --git a/tests/e2e/escape-to-host/delete/chainsaw-test.yaml b/tests/e2e/escape-to-host/delete/chainsaw-test.yaml
new file mode 100644
index 00000000..bfefa704
--- /dev/null
+++ b/tests/e2e/escape-to-host/delete/chainsaw-test.yaml
@@ -0,0 +1,52 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Test
+metadata:
+  name: kyverno-adapter-policy-deletion
+spec:
+  description: >
+    This test validates if the adapters re-create their manually deleted generated policies.
+  steps:
+    - name: "Create a SecurityIntent"
+      try:
+        - apply:
+            file: ../../resources/namespaced/escape-to-host-si.yaml
+
+    - name: "Create a SecurityIntentBinding"
+      try:
+        - apply:
+            file: ../../resources/namespaced/escape-to-host-sib.yaml
+
+    - name: "Verify NimbusPolicy creation"
+      try:
+        - assert:
+            file: ../nimbus-policy-assert.yaml
+
+    - name: "Verify KyvernoPolicy creation"
+      try:
+        - assert:
+            file: ../kyverno-policy.yaml
+
+    - name: "Delete existing KyvernoPolicy"
+      try:
+        - delete:
+            ref:
+              apiVersion: kyverno.io/v1
+              kind: Policy
+              name: escape-to-host-binding-escapetohost
+            expect:
+              - match:
+                  apiVersion: kyverno.io/v1
+                  kind: Policy
+                  name: escape-to-host-binding-escapetohost
+                check:
+                  ($error != null): true
+
+    - name: "Verify KyvernoPolicy recreation"
+      try:
+        - assert:
+            file: ../kyverno-policy.yaml
+
+
diff --git a/tests/e2e/escape-to-host/kyverno-policy.yaml b/tests/e2e/escape-to-host/kyverno-policy.yaml
new file mode 100644
index 00000000..531981ff
--- /dev/null
+++ b/tests/e2e/escape-to-host/kyverno-policy.yaml
@@ -0,0 +1,40 @@
+apiVersion: kyverno.io/v1
+kind: Policy
+metadata:
+  annotations:
+    app.kubernetes.io/managed-by: nimbus-kyverno
+    policies.kyverno.io/description: A attacker can breach container boundaries
+      and can gain access to the host machine
+  name: escape-to-host-binding-escapetohost
+  ownerReferences:
+    - apiVersion: intent.security.nimbus.com/v1
+      blockOwnerDeletion: true
+      controller: true
+      kind: NimbusPolicy
+      name: escape-to-host-binding
+spec:
+  admission: true
+  background: true
+  rules:
+  - exclude:
+      resources: {}
+    generate:
+      clone: {}
+      cloneList: {}
+    match:
+      any:
+      - resources:
+          kinds:
+          - v1/Pod
+          selector:
+            matchLabels:
+              app: nginx
+      resources: {}
+    mutate: {}
+    name: restricted
+    skipBackgroundRequests: true
+    validate:
+      podSecurity:
+        level: baseline
+        version: latest
+  validationFailureAction: Enforce
\ No newline at end of file
diff --git a/tests/e2e/escape-to-host/nimbus-policy-assert.yaml b/tests/e2e/escape-to-host/nimbus-policy-assert.yaml
new file mode 100644
index 00000000..8becbc0a
--- /dev/null
+++ b/tests/e2e/escape-to-host/nimbus-policy-assert.yaml
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: NimbusPolicy
+metadata:
+  name: escape-to-host-binding
+  ownerReferences:
+    - apiVersion: intent.security.nimbus.com/v1
+      blockOwnerDeletion: true
+      controller: true
+      kind: SecurityIntentBinding
+      name: escape-to-host-binding
+spec:
+  rules:
+  - description: A attacker can breach container boundaries and can gain access
+      to the host machine
+    id: escapeToHost
+    rule:
+      action: Block
+  selector:
+    matchLabels:
+      app: nginx
+# status:
+#   adapterPolicies:
+#   - KyvernoPolicy/escape-to-host-binding-escapetohost
+#   numberOfAdapterPolicies: 1
+#   status: Created
\ No newline at end of file
diff --git a/tests/e2e/escape-to-host/np-status-assert.yaml b/tests/e2e/escape-to-host/np-status-assert.yaml
new file mode 100644
index 00000000..006f190e
--- /dev/null
+++ b/tests/e2e/escape-to-host/np-status-assert.yaml
@@ -0,0 +1,16 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: NimbusPolicy
+metadata:
+  name: escape-to-host-binding
+  ownerReferences:
+    - apiVersion: intent.security.nimbus.com/v1
+      blockOwnerDeletion: true
+      controller: true
+      kind: SecurityIntentBinding
+      name: escape-to-host-binding
+status:
+  numberOfAdapterPolicies: 4
+  status: Created
diff --git a/tests/e2e/escape-to-host/sib-status-assert.yaml b/tests/e2e/escape-to-host/sib-status-assert.yaml
new file mode 100644
index 00000000..592f2c08
--- /dev/null
+++ b/tests/e2e/escape-to-host/sib-status-assert.yaml
@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntentBinding
+metadata:
+  name: escape-to-host-binding
+status:
+  boundIntents:
+    - escape-to-host
+  nimbusPolicy: escape-to-host-binding
+  numberOfBoundIntents: 1
+  status: Created
\ No newline at end of file
diff --git a/tests/e2e/escape-to-host/update/README.md b/tests/e2e/escape-to-host/update/README.md
new file mode 100644
index 00000000..d3b6a5f8
--- /dev/null
+++ b/tests/e2e/escape-to-host/update/README.md
@@ -0,0 +1,78 @@
+# Test: `kyverno-adapter-policy-updation`
+
+This test validates that direct updates to the generated adapter's policies are discarded, to maintain consistency and prevent unintended modifications.
+
+
+## Steps
+
+| # | Name | Bindings | Try | Catch | Finally |
+|:-:|---|:-:|:-:|:-:|:-:|
+| 1 | [Create a SecurityIntent](#step-Create a SecurityIntent) | 0 | 1 | 0 | 0 |
+| 2 | [Create a SecurityIntentBinding](#step-Create a SecurityIntentBinding) | 0 | 1 | 0 | 0 |
+| 3 | [Verify NimbusPolicy creation](#step-Verify NimbusPolicy creation) | 0 | 1 | 0 | 0 |
+| 4 | [Verify KyvernoPolicy creation](#step-Verify KyvernoPolicy creation) | 0 | 1 | 0 | 0 |
+| 5 | [Update existing KyvernoPolicy](#step-Update existing KyvernoPolicy) | 0 | 1 | 0 | 0 |
+| 6 | [Verify discarding of the changes made in KyvernoPolicy](#step-Verify discarding of the changes made in KyvernoPolicy) | 0 | 1 | 0 | 0 |
+
+### Step: `Create a SecurityIntent`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Create a SecurityIntentBinding`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Verify NimbusPolicy creation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Verify KyvernoPolicy creation`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+### Step: `Update existing KyvernoPolicy`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `apply` | 0 | 0 | *No description* |
+
+### Step: `Verify discarding of the changes made in KyvernoPolicy`
+
+*No description*
+
+#### Try
+
+| # | Operation | Bindings | Outputs | Description |
+|:-:|---|:-:|:-:|---|
+| 1 | `assert` | 0 | 0 | *No description* |
+
+---
+
diff --git a/tests/e2e/escape-to-host/update/chainsaw-test.yaml b/tests/e2e/escape-to-host/update/chainsaw-test.yaml
new file mode 100644
index 00000000..daf77253
--- /dev/null
+++ b/tests/e2e/escape-to-host/update/chainsaw-test.yaml
@@ -0,0 +1,42 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: chainsaw.kyverno.io/v1alpha1
+kind: Test
+metadata:
+  name: kyverno-adapter-policy-updation
+spec:
+  description: >
+    This test validates that direct updates to the generated adapter's policies are discarded, to maintain consistency and prevent unintended modifications.
+  steps:
+    - name: "Create a SecurityIntent"
+      try:
+        - apply:
+            file: ../../resources/namespaced/escape-to-host-si.yaml
+
+    - name: "Create a SecurityIntentBinding"
+      try:
+        - apply:
+            file: ../../resources/namespaced/escape-to-host-sib.yaml
+
+    - name: "Verify NimbusPolicy creation"
+      try:
+        - assert:
+            file: ../nimbus-policy-assert.yaml
+
+    - name: "Verify KyvernoPolicy creation"
+      try:
+        - assert:
+            file: ../kyverno-policy.yaml
+    
+
+    - name: "Update existing KyvernoPolicy"
+      try:
+        - apply:
+            file: ../updated-kyverno-policy.yaml
+
+    - name: "Verify discarding of the changes made in KyvernoPolicy"
+      try:
+        - assert:
+            file: ../kyverno-policy.yaml
+
diff --git a/tests/e2e/escape-to-host/updated-kyverno-policy.yaml b/tests/e2e/escape-to-host/updated-kyverno-policy.yaml
new file mode 100644
index 00000000..fd534dbf
--- /dev/null
+++ b/tests/e2e/escape-to-host/updated-kyverno-policy.yaml
@@ -0,0 +1,34 @@
+apiVersion: kyverno.io/v1
+kind: Policy
+metadata:
+  annotations:
+    app.kubernetes.io/managed-by: nimbus-kyverno
+    policies.kyverno.io/description: A attacker can breach container boundaries
+      and can gain access to the host machine
+  name: escape-to-host-binding-escapetohost
+spec:
+  admission: true
+  background: true
+  rules:
+  - exclude:
+      resources: {}
+    generate:
+      clone: {}
+      cloneList: {}
+    match:
+      any:
+      - resources:
+          kinds:
+          - v1/Pod
+          selector:
+            matchLabels:
+              env: prod
+      resources: {}
+    mutate: {}
+    name: restricted
+    skipBackgroundRequests: true
+    validate:
+      podSecurity:
+        level: baseline
+        version: latest
+  validationFailureAction: Enforce
\ No newline at end of file
diff --git a/tests/e2e/resources/namespaced/escape-to-host-si.yaml b/tests/e2e/resources/namespaced/escape-to-host-si.yaml
new file mode 100644
index 00000000..206da8e6
--- /dev/null
+++ b/tests/e2e/resources/namespaced/escape-to-host-si.yaml
@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntent
+metadata:
+  name: escape-to-host
+spec:
+  intent:
+    id: escapeToHost
+    description: "A attacker can breach container boundaries and can gain access to the host machine"
+    action: Block
\ No newline at end of file
diff --git a/tests/e2e/resources/namespaced/escape-to-host-sib.yaml b/tests/e2e/resources/namespaced/escape-to-host-sib.yaml
new file mode 100644
index 00000000..231803c2
--- /dev/null
+++ b/tests/e2e/resources/namespaced/escape-to-host-sib.yaml
@@ -0,0 +1,17 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright 2023 Authors of Nimbus
+
+apiVersion: intent.security.nimbus.com/v1
+kind: SecurityIntentBinding
+metadata:
+  name: escape-to-host-binding
+spec:
+  intents:
+    - name: escape-to-host
+  selector:
+    any:
+      - resources:
+          kind: Pod
+          namespace: default
+          matchLabels:
+            app: nginx