Varsha Varadarajan
|
d97a10d1b3
|
List command: Provide option to whitelist and blacklist groups for listing
|
2019-06-28 09:42:21 -04:00 |
Varsha Varadarajan
|
f146baf9e0
|
Merge pull request #30 from digitalocean/varsha/fix-golint-errors
Fix golint errors.
|
2019-06-28 08:38:26 -04:00 |
Varsha Varadarajan
|
f0618e9133
|
Fix golint errors.
|
2019-06-28 08:33:20 -04:00 |
Varsha Varadarajan
|
a9460b1dc7
|
Merge pull request #29 from digitalocean/awg/ci
Add basic CI checks using GH actions
|
2019-06-28 08:10:21 -04:00 |
Varsha Varadarajan
|
7b5f5c15d5
|
Merge pull request #26 from digitalocean/varsha/namespace-check-improvement
Improve default namespace check for secrets: Use upstream constant to exclude default secret sa token from check.
|
2019-06-28 08:05:21 -04:00 |
Varsha Varadarajan
|
6c972785b5
|
Use upstream constant for all namespaces.
|
2019-06-28 08:04:16 -04:00 |
Adam Wolfe Gordon
|
07a63a4a12
|
Add basic CI checks using GH actions
|
2019-06-27 16:47:19 -06:00 |
Varsha Varadarajan
|
975a255a50
|
Improve default namespace check for secrets: Use upstream constant to exclude default secret sa token from check.
|
2019-06-27 11:12:55 -04:00 |
Varsha Varadarajan
|
58006dbae0
|
Merge pull request #24 from digitalocean/varsha/unused-pv
Unused PV: Check if there are unused persistent volumes in the cluster.
|
2019-06-27 08:08:04 -04:00 |
Varsha Varadarajan
|
3384e0b25d
|
Use long names for k8s object constants
|
2019-06-27 08:07:35 -04:00 |
Varsha Varadarajan
|
ae35752083
|
Unused PV: Check if there are unused persistent volumes in the cluster.
|
2019-06-26 14:40:25 -04:00 |
Varsha Varadarajan
|
4c228b9a01
|
Merge pull request #23 from digitalocean/varsha/test-refactor
Change desc assertion in all tests, rename variables to conform to convention
|
2019-06-26 09:26:17 -04:00 |
Varsha Varadarajan
|
8bacdc73a0
|
Change desc assertion in all tests, rename variables to conform to convention
|
2019-06-26 09:25:07 -04:00 |
Varsha Varadarajan
|
8f324cf6d9
|
Merge pull request #22 from digitalocean/varsha/hostpath-pv
Hostpath check: Checks if there are pods which use hostpath volumes
|
2019-06-26 09:05:00 -04:00 |
Varsha Varadarajan
|
d5811380e1
|
Update checks.md to include hostpath volume check.
|
2019-06-26 09:04:41 -04:00 |
Varsha Varadarajan
|
85fdefe8b1
|
Show volume name in errors.
|
2019-06-26 08:43:06 -04:00 |
Varsha Varadarajan
|
28e57071f5
|
Hostpath check: Checks if there are pods which use hostpath volumes
|
2019-06-26 08:29:06 -04:00 |
Varsha Varadarajan
|
99121a2193
|
Merge pull request #19 from digitalocean/varsha/check-desc
Have checks.md to provide details about each check.
|
2019-06-26 08:28:33 -04:00 |
Varsha Varadarajan
|
cc400b2a24
|
Have checks.md to provide details about each check.
This is especially useful in documenting the reason behind some of the best practices we recommend.
|
2019-06-26 08:27:47 -04:00 |
Varsha Varadarajan
|
f0ca2af611
|
Merge pull request #17 from digitalocean/varsha/diagnostic-struct
Introduce diagnostic struct for structuring check outputs
|
2019-06-25 14:20:28 -04:00 |
Varsha Varadarajan
|
695765302e
|
Add level flag to filter output based on severity: error, warning, or suggestion
|
2019-06-25 14:19:41 -04:00 |
Varsha Varadarajan
|
171ba02f4e
|
Remove TypeMeta from Diagnostic.
* The k8s API does not set TypeMeta on objects when the list API is used
|
2019-06-25 14:19:20 -04:00 |
Varsha Varadarajan
|
4be81f8fca
|
Add cli flag for output format
* Displays json if flag is provided, else display human readable string.
|
2019-06-25 14:19:20 -04:00 |
Varsha Varadarajan
|
65ba22e8d8
|
Use owner references to indicate the objects that refer to the problematic object.
* Change output format to json
|
2019-06-25 14:19:20 -04:00 |
Varsha Varadarajan
|
0320c5633a
|
Introduce Diagnostic struct to store check output
|
2019-06-25 09:42:27 -04:00 |
Varsha Varadarajan
|
257a14ed25
|
Merge pull request #20 from digitalocean/varsha/remove-quotas-and-limits
Remove quotas and limits from default-namespace check.
|
2019-06-25 08:37:02 -04:00 |
Varsha Varadarajan
|
19c60903e8
|
Remove quotas and limits from default-namespace check.
* It is perfectly reasonable to have resource quotas and limit ranges in the default namespace in order to avoid resource monopolization.
|
2019-06-24 11:51:32 -04:00 |
Varsha Varadarajan
|
1485fdb27a
|
Merge pull request #18 from digitalocean/varsha/readme
Update README.md
|
2019-06-24 09:51:42 -04:00 |
Varsha Varadarajan
|
d75ec23f00
|
Update README.md
|
2019-06-24 09:51:09 -04:00 |
Varsha Varadarajan
|
131a122193
|
Merge pull request #16 from digitalocean/varsha/refactor-latest-tag-check
Refactor latest-tag check to use docker distribution package.
|
2019-06-21 12:09:12 -04:00 |
Varsha Varadarajan
|
3e49be5d62
|
Refactor latest-tag check to use docker distribution package.
|
2019-06-21 12:08:30 -04:00 |
Varsha Varadarajan
|
787fc63030
|
Merge pull request #12 from digitalocean/varsha/pod-state
Pod state check: Checks the cluster for pods in unknown or failed state.
|
2019-06-20 15:32:15 -04:00 |
Varsha Varadarajan
|
500858d2d1
|
Change group for pod-state check to workload-health
|
2019-06-20 15:28:24 -04:00 |
Varsha Varadarajan
|
4a3e055e13
|
Pod state check: Checks the cluster for pods in unknown or failed state.
|
2019-06-20 15:14:44 -04:00 |
Varsha Varadarajan
|
b77cf1ea42
|
Merge pull request #15 from digitalocean/varsha/fully-qualified-image
Fully qualified image: Check if container uses fully qualified image names
|
2019-06-20 15:14:15 -04:00 |
Varsha Varadarajan
|
e8223d9204
|
Separate messages for malformed image and fully qualified image.
|
2019-06-20 15:13:43 -04:00 |
Varsha Varadarajan
|
d1469a006c
|
Fully qualified image: Check if container uses fully qualified image names
|
2019-06-20 10:17:56 -04:00 |
Varsha Varadarajan
|
b2768bdb56
|
Change assertion order in tests.
|
2019-06-19 19:19:09 -04:00 |
Varsha Varadarajan
|
049292bd67
|
Merge pull request #14 from digitalocean/varsha/privileged-containers
Privileged container check: Add warning if a privileged container container is found.
|
2019-06-19 19:14:53 -04:00 |
Varsha Varadarajan
|
2da3158afa
|
Privileged container check: Add warning if a privileged container container is found.
|
2019-06-19 08:41:46 -04:00 |
Varsha Varadarajan
|
716f6d8efd
|
Fix image names in test.
|
2019-06-18 17:00:17 -04:00 |
Varsha Varadarajan
|
159ca8317a
|
Rename latest_go_test to latest_tag_test
|
2019-06-18 16:20:00 -04:00 |
Varsha Varadarajan
|
e91923530c
|
Merge pull request #13 from digitalocean/varsha/add-tests
Add tests around metadata for each check
|
2019-06-18 14:07:47 -04:00 |
Varsha Varadarajan
|
283bf23c49
|
Add tests around metadata for each check
|
2019-06-18 14:06:58 -04:00 |
Varsha Varadarajan
|
3a3fc4f657
|
Merge pull request #11 from digitalocean/varsha/latest-tag
Latest tag check: Check if containers and initContainers in a pod use image with latest tag.
|
2019-06-18 11:55:39 -04:00 |
Varsha Varadarajan
|
e2ef830747
|
Latest tag check: Check if containers and initContainers in a pod use image with latest tag.
|
2019-06-18 11:54:23 -04:00 |
Varsha Varadarajan
|
ef42156f40
|
Merge pull request #9 from digitalocean/varsha/node-name
Add node name check: Checks for pods which use node name in the node selector.
|
2019-06-16 08:32:05 -04:00 |
Varsha Varadarajan
|
baa0bf739c
|
Add node name check: Checks for pods which use node name in the node selector.
|
2019-06-16 08:31:25 -04:00 |
Varsha Varadarajan
|
a8f09faa60
|
Merge pull request #10 from digitalocean/use-upstream-default-namespace-const
Use Kubernetes upstream constant for default namespace
|
2019-06-14 16:46:37 -04:00 |
Timo Reimann
|
880c78e9a5
|
Use Kubernetes upstream constant for default namespace
|
2019-06-14 22:41:21 +02:00 |