From c39c7684b036285d7a6efa0ec365eb0ff35e7903 Mon Sep 17 00:00:00 2001 From: myishay Date: Wed, 14 Apr 2021 16:02:12 +0300 Subject: [PATCH] fix: update fail YAML to fail all rules --- internal/fixtures/kube/fail-30.yaml | 229 ++++++++++++++-------------- 1 file changed, 118 insertions(+), 111 deletions(-) diff --git a/internal/fixtures/kube/fail-30.yaml b/internal/fixtures/kube/fail-30.yaml index 9d84760859..8e0fbad868 100644 --- a/internal/fixtures/kube/fail-30.yaml +++ b/internal/fixtures/kube/fail-30.yaml @@ -14,14 +14,15 @@ spec: - name: web image: nginx:latest securityContext: + privileged: true runAsUser: 2000 livenessProbe: httpGet: path: /health port: 8080 httpHeaders: - - name: Custom-Header - value: Awesome + - name: Custom-Header + value: Awesome readinessProbe: tcpSocket: port: 8080 @@ -40,109 +41,109 @@ spec: apiVersion: kubeadm.k8s.io/v1beta1 kind: Deployment metadata: - name: rss-site - namespace: default - labels: - owner: test@datree.io - app: web + name: rss-site + namespace: default + labels: + owner: test@datree.io + app: web spec: - replicas: 1 - selector: - matchLabels: - app: web - template: - metadata: - namespace: test - labels: - app: web - spec: - restartPolicy: Never - volumes: - - name: docker-sock - hostPath: - path: /var/run/docker.socket - containers: - - name: front-end - image: nginx@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 - livenessProbe: - httpGet: - path: /healthz - port: 8080 - httpHeaders: - - name: Custom-Header - value: Awesome - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - requests: - cpu: "64Mi" - limits: - memory: "128Mi" - ports: - - containerPort: 80 - - name: rss-reader - image: nickchase/nginx@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 - securityContext: - runAsUser: 100 - livenessProbe: - httpGet: - path: /healthz - port: 8080 - httpHeaders: - - name: Custom-Header - value: Awesome - readinessProbe: - tcpSocket: - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - requests: - memory: "64Mi" - cpu: "64Mi" - limits: - memory: "128Mi" - cpu: "500m" - ports: - - containerPort: 88 + replicas: 1 + selector: + matchLabels: + app: web + template: + metadata: + namespace: test + labels: + app: web + spec: + restartPolicy: Never + volumes: + - name: docker-sock + hostPath: + path: /var/run/docker.sock + containers: + - name: front-end + image: nginx@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + httpHeaders: + - name: Custom-Header + value: Awesome + readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + requests: + cpu: "64Mi" + limits: + memory: "128Mi" + ports: + - containerPort: 80 + - name: rss-reader + image: nickchase/nginx@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2 + securityContext: + runAsUser: 100 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + httpHeaders: + - name: Custom-Header + value: Awesome + readinessProbe: + tcpSocket: + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + requests: + memory: "64Mi" + cpu: "64Mi" + limits: + memory: "128Mi" + cpu: "500m" + ports: + - containerPort: 88 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: ingress-wildcard-host - labels: - owner: test@datree.io - environment: prod + name: ingress-wildcard-host + labels: + owner: test@datree.io + environment: prod spec: - rules: - - host: "*" - http: - paths: - - pathType: Prefix - path: "/bar" - backend: - service: - name: service1 - port: - number: 80 + rules: + - host: "*" + http: + paths: + - pathType: Prefix + path: "/bar" + backend: + service: + name: service1 + port: + number: 80 --- apiVersion: v1 kind: Service metadata: - name: my-service - labels: - owner: test@datree.io + name: my-service + labels: + owner: test@datree.io spec: - type: NodePort - selector: - app: MyApp - ports: - - protocol: TCP - port: 80 - targetPort: 9376 + type: NodePort + selector: + app: MyApp + ports: + - protocol: TCP + port: 80 + targetPort: 9376 --- apiVersion: batch/v1beta1 kind: CronJob @@ -152,23 +153,23 @@ metadata: labels: owner: test@datree.io spec: - schedule: "/1 * * * *" + schedule: "1 * * *" jobTemplate: spec: template: spec: volumes: - - name: docker-sock - hostPath: - path: /var/run/docker + - name: docker-sock + hostPath: + path: /var/run/docker containers: - - name: hello - image: busybox - imagePullPolicy: IfNotPresent - command: - - /bin/sh - - -c - - date; echo Hello from the Kubernetes cluster + - name: hello + image: busybox + imagePullPolicy: IfNotPresent + command: + - /bin/sh + - -c + - date; echo Hello from the Kubernetes cluster restartPolicy: OnFailure --- apiVersion: autoscaling/v2beta2 @@ -181,9 +182,15 @@ spec: kind: Deployment name: php-apache metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 50 + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 50 +--- +apiVersion: rbac.authorization.k8s.io/v1alpha1 +kind: InitConfiguration +--- +apiVersion: apps/v1beta2 +kind: Deployment