Skip to content

Commit

Permalink
feat: Update storage class path in pv-without-encryption rule
Browse files Browse the repository at this point in the history
Signed-off-by: kooomix <[email protected]>
  • Loading branch information
kooomix committed Jun 3, 2024
1 parent 138fa85 commit 31eee67
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 2 deletions.
2 changes: 1 addition & 1 deletion rules/pv-without-encryption/raw.rego
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ deny[msga] {
"packagename": "armo_builtins",
"failedPaths": [],
"fixPaths": [{
"path": "pv.spec.storageClassName",
"path": "spec.storageClassName",
"value": "<your encrypted storage class>"
}],
"alertScore": 7,
Expand Down
27 changes: 26 additions & 1 deletion rules/pv-without-encryption/test/eks/expected.json
Original file line number Diff line number Diff line change
@@ -1 +1,26 @@
[{"alertMessage":"Volume 'pvc-0eeeeefe-5193-472c-a81e-104f3919130e' has is using a storage class that does not use encryption","failedPaths":[],"fixPaths":[{"path":"pv.spec.storageClassName","value":"\u003cyour encrypted storage class\u003e"}],"ruleStatus":"","packagename":"armo_builtins","alertScore":7,"alertObject":{"k8sApiObjects":[{"apiVersion":"v1","kind":"PersistentVolume","metadata":{"name":"pvc-0eeeeefe-5193-472c-a81e-104f3919130e"}}]}}]
[
{
"alertMessage": "Volume 'pvc-0eeeeefe-5193-472c-a81e-104f3919130e' has is using a storage class that does not use encryption",
"failedPaths": [],
"fixPaths": [
{
"path": "spec.storageClassName",
"value": "\u003cyour encrypted storage class\u003e"
}
],
"ruleStatus": "",
"packagename": "armo_builtins",
"alertScore": 7,
"alertObject": {
"k8sApiObjects": [
{
"apiVersion": "v1",
"kind": "PersistentVolume",
"metadata": {
"name": "pvc-0eeeeefe-5193-472c-a81e-104f3919130e"
}
}
]
}
}
]

0 comments on commit 31eee67

Please sign in to comment.