mirror of
https://github.com/FairwindsOps/polaris.git
synced 2026-05-13 04:36:51 +00:00
messages -> results
This commit is contained in:
Robert Brennan
@@ -27,8 +27,8 @@ func ValidateContainer(conf *config.Configuration, basePod *corev1.PodSpec, cont
|
||||
}
|
||||
|
||||
cRes := ContainerResult{
|
||||
Name: container.Name,
|
||||
Messages: results,
|
||||
Name: container.Name,
|
||||
Results: results,
|
||||
}
|
||||
|
||||
return cRes
|
||||
|
||||
@@ -318,22 +318,22 @@ func TestValidateNetworking(t *testing.T) {
|
||||
}
|
||||
|
||||
var testCases = []struct {
|
||||
name string
|
||||
networkConf map[string]conf.Severity
|
||||
container *corev1.Container
|
||||
expectedMessages []ResultMessage
|
||||
name string
|
||||
networkConf map[string]conf.Severity
|
||||
container *corev1.Container
|
||||
expectedResults []ResultMessage
|
||||
}{
|
||||
{
|
||||
name: "empty ports + empty validation config",
|
||||
networkConf: emptyConf,
|
||||
container: emptyContainer,
|
||||
expectedMessages: []ResultMessage{},
|
||||
name: "empty ports + empty validation config",
|
||||
networkConf: emptyConf,
|
||||
container: emptyContainer,
|
||||
expectedResults: []ResultMessage{},
|
||||
},
|
||||
{
|
||||
name: "empty ports + standard validation config",
|
||||
networkConf: standardConf,
|
||||
container: emptyContainer,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "hostPortSet",
|
||||
Message: "Host port is not configured",
|
||||
Success: true,
|
||||
@@ -345,7 +345,7 @@ func TestValidateNetworking(t *testing.T) {
|
||||
name: "empty ports + strong validation config",
|
||||
networkConf: standardConf,
|
||||
container: emptyContainer,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "hostPortSet",
|
||||
Message: "Host port is not configured",
|
||||
Success: true,
|
||||
@@ -354,16 +354,16 @@ func TestValidateNetworking(t *testing.T) {
|
||||
}},
|
||||
},
|
||||
{
|
||||
name: "host ports + empty validation config",
|
||||
networkConf: emptyConf,
|
||||
container: badContainer,
|
||||
expectedMessages: []ResultMessage{},
|
||||
name: "host ports + empty validation config",
|
||||
networkConf: emptyConf,
|
||||
container: badContainer,
|
||||
expectedResults: []ResultMessage{},
|
||||
},
|
||||
{
|
||||
name: "host ports + standard validation config",
|
||||
networkConf: standardConf,
|
||||
container: badContainer,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "hostPortSet",
|
||||
Message: "Host port should not be configured",
|
||||
Success: false,
|
||||
@@ -375,7 +375,7 @@ func TestValidateNetworking(t *testing.T) {
|
||||
name: "no host ports + standard validation config",
|
||||
networkConf: standardConf,
|
||||
container: goodContainer,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "hostPortSet",
|
||||
Message: "Host port is not configured",
|
||||
Success: true,
|
||||
@@ -387,7 +387,7 @@ func TestValidateNetworking(t *testing.T) {
|
||||
name: "host ports + strong validation config",
|
||||
networkConf: strongConf,
|
||||
container: badContainer,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "hostPortSet",
|
||||
Message: "Host port should not be configured",
|
||||
Success: false,
|
||||
@@ -407,8 +407,8 @@ func TestValidateNetworking(t *testing.T) {
|
||||
for _, msg := range results {
|
||||
messages = append(messages, msg)
|
||||
}
|
||||
assert.Len(t, messages, len(tt.expectedMessages))
|
||||
assert.ElementsMatch(t, messages, tt.expectedMessages)
|
||||
assert.Len(t, messages, len(tt.expectedResults))
|
||||
assert.ElementsMatch(t, messages, tt.expectedResults)
|
||||
})
|
||||
}
|
||||
}
|
||||
@@ -498,25 +498,25 @@ func TestValidateSecurity(t *testing.T) {
|
||||
}
|
||||
|
||||
var testCases = []struct {
|
||||
name string
|
||||
securityConf map[string]conf.Severity
|
||||
container *corev1.Container
|
||||
pod *corev1.PodSpec
|
||||
expectedMessages []ResultMessage
|
||||
name string
|
||||
securityConf map[string]conf.Severity
|
||||
container *corev1.Container
|
||||
pod *corev1.PodSpec
|
||||
expectedResults []ResultMessage
|
||||
}{
|
||||
{
|
||||
name: "empty security context + empty validation config",
|
||||
securityConf: emptyConf,
|
||||
container: emptyContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedMessages: []ResultMessage{},
|
||||
name: "empty security context + empty validation config",
|
||||
securityConf: emptyConf,
|
||||
container: emptyContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedResults: []ResultMessage{},
|
||||
},
|
||||
{
|
||||
name: "empty security context + standard validation config",
|
||||
securityConf: standardConf,
|
||||
container: emptyContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "runAsRootAllowed",
|
||||
Message: "Should not be allowed to run as root",
|
||||
Success: false,
|
||||
@@ -559,7 +559,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: standardConf,
|
||||
container: badContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "dangerousCapabilities",
|
||||
Message: "Container should not have dangerous capabilities",
|
||||
Success: false,
|
||||
@@ -602,7 +602,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: standardConf,
|
||||
container: badContainer,
|
||||
pod: goodPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "dangerousCapabilities",
|
||||
Message: "Container should not have dangerous capabilities",
|
||||
Success: false,
|
||||
@@ -645,7 +645,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: standardConf,
|
||||
container: badContainer,
|
||||
pod: badPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "dangerousCapabilities",
|
||||
Message: "Container should not have dangerous capabilities",
|
||||
Success: false,
|
||||
@@ -688,7 +688,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: standardConf,
|
||||
container: goodContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "runAsRootAllowed",
|
||||
Message: "Is not allowed to run as root",
|
||||
Success: true,
|
||||
@@ -731,7 +731,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: strongConf,
|
||||
container: goodContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "dangerousCapabilities",
|
||||
Message: "Container does not have any dangerous capabilities",
|
||||
Success: true,
|
||||
@@ -774,7 +774,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: strongConf,
|
||||
container: strongContainer,
|
||||
pod: emptyPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "runAsRootAllowed",
|
||||
Message: "Is not allowed to run as root",
|
||||
Success: true,
|
||||
@@ -817,7 +817,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: strongConf,
|
||||
container: inheritContainer,
|
||||
pod: goodPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "runAsRootAllowed",
|
||||
Message: "Is not allowed to run as root",
|
||||
Success: true,
|
||||
@@ -860,7 +860,7 @@ func TestValidateSecurity(t *testing.T) {
|
||||
securityConf: strongConf,
|
||||
container: strongContainer,
|
||||
pod: badPodSpec,
|
||||
expectedMessages: []ResultMessage{{
|
||||
expectedResults: []ResultMessage{{
|
||||
ID: "runAsRootAllowed",
|
||||
Message: "Is not allowed to run as root",
|
||||
Success: true,
|
||||
@@ -910,8 +910,8 @@ func TestValidateSecurity(t *testing.T) {
|
||||
for _, msg := range results {
|
||||
messages = append(messages, msg)
|
||||
}
|
||||
assert.Len(t, messages, len(tt.expectedMessages))
|
||||
assert.ElementsMatch(t, tt.expectedMessages, messages)
|
||||
assert.Len(t, messages, len(tt.expectedResults))
|
||||
assert.ElementsMatch(t, tt.expectedResults, messages)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,7 +34,7 @@ func ValidateController(conf *conf.Configuration, controller controller.Interfac
|
||||
Kind: controllerKind.String(),
|
||||
Name: controller.GetName(),
|
||||
Namespace: controller.GetObjectMeta().Namespace,
|
||||
Messages: ResultSet{},
|
||||
Results: ResultSet{},
|
||||
PodResult: podResult,
|
||||
}
|
||||
return result
|
||||
|
||||
@@ -41,7 +41,7 @@ func TestValidateController(t *testing.T) {
|
||||
Errors: uint(0),
|
||||
}
|
||||
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"hostIPCSet": {ID: "hostIPCSet", Message: "Host IPC is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
"hostPIDSet": {ID: "hostPIDSet", Message: "Host PID is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
}
|
||||
@@ -51,7 +51,7 @@ func TestValidateController(t *testing.T) {
|
||||
assert.Equal(t, "Deployment", actualResult.Kind)
|
||||
assert.Equal(t, 1, len(actualResult.PodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualResult.PodResult.Messages)
|
||||
assert.EqualValues(t, expectedResults, actualResult.PodResult.Results)
|
||||
}
|
||||
|
||||
func TestSkipHealthChecks(t *testing.T) {
|
||||
@@ -77,7 +77,7 @@ func TestSkipHealthChecks(t *testing.T) {
|
||||
Warnings: uint(1),
|
||||
Errors: uint(1),
|
||||
}
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"readinessProbeMissing": {ID: "readinessProbeMissing", Message: "Readiness probe should be configured", Success: false, Severity: "error", Category: "Health Checks"},
|
||||
"livenessProbeMissing": {ID: "livenessProbeMissing", Message: "Liveness probe should be configured", Success: false, Severity: "warning", Category: "Health Checks"},
|
||||
}
|
||||
@@ -85,8 +85,8 @@ func TestSkipHealthChecks(t *testing.T) {
|
||||
assert.Equal(t, "Deployment", actualResult.Kind)
|
||||
assert.Equal(t, 2, len(actualResult.PodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualResult.GetSummary())
|
||||
assert.EqualValues(t, ResultSet{}, actualResult.PodResult.ContainerResults[0].Messages)
|
||||
assert.EqualValues(t, expectedMessages, actualResult.PodResult.ContainerResults[1].Messages)
|
||||
assert.EqualValues(t, ResultSet{}, actualResult.PodResult.ContainerResults[0].Results)
|
||||
assert.EqualValues(t, expectedResults, actualResult.PodResult.ContainerResults[1].Results)
|
||||
|
||||
job := controller.NewJobController(test.MockJob())
|
||||
expectedSum = CountSummary{
|
||||
@@ -94,12 +94,12 @@ func TestSkipHealthChecks(t *testing.T) {
|
||||
Warnings: uint(0),
|
||||
Errors: uint(0),
|
||||
}
|
||||
expectedMessages = ResultSet{}
|
||||
expectedResults = ResultSet{}
|
||||
actualResult = ValidateController(&c, job)
|
||||
assert.Equal(t, "Job", actualResult.Kind)
|
||||
assert.Equal(t, 1, len(actualResult.PodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualResult.PodResult.ContainerResults[0].Messages)
|
||||
assert.EqualValues(t, expectedResults, actualResult.PodResult.ContainerResults[0].Results)
|
||||
|
||||
cronjob := controller.NewCronJobController(test.MockCronJob())
|
||||
expectedSum = CountSummary{
|
||||
@@ -107,12 +107,12 @@ func TestSkipHealthChecks(t *testing.T) {
|
||||
Warnings: uint(0),
|
||||
Errors: uint(0),
|
||||
}
|
||||
expectedMessages = ResultSet{}
|
||||
expectedResults = ResultSet{}
|
||||
actualResult = ValidateController(&c, cronjob)
|
||||
assert.Equal(t, "CronJob", actualResult.Kind)
|
||||
assert.Equal(t, 1, len(actualResult.PodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualResult.PodResult.ContainerResults[0].Messages)
|
||||
assert.EqualValues(t, expectedResults, actualResult.PodResult.ContainerResults[0].Results)
|
||||
}
|
||||
|
||||
func TestControllerExemptions(t *testing.T) {
|
||||
|
||||
@@ -47,25 +47,25 @@ func TestGetTemplateData(t *testing.T) {
|
||||
|
||||
assert.Equal(t, "Deployment", actualAudit.Results[0].Kind)
|
||||
assert.Equal(t, 1, len(actualAudit.Results[0].PodResult.ContainerResults))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[0].PodResult.ContainerResults[0].Messages))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[0].PodResult.ContainerResults[0].Results))
|
||||
|
||||
assert.Equal(t, "StatefulSet", actualAudit.Results[1].Kind)
|
||||
assert.Equal(t, 1, len(actualAudit.Results[1].PodResult.ContainerResults))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[1].PodResult.ContainerResults[0].Messages))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[1].PodResult.ContainerResults[0].Results))
|
||||
|
||||
assert.Equal(t, "DaemonSet", actualAudit.Results[2].Kind)
|
||||
assert.Equal(t, 1, len(actualAudit.Results[2].PodResult.ContainerResults))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[2].PodResult.ContainerResults[0].Messages))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[2].PodResult.ContainerResults[0].Results))
|
||||
|
||||
assert.Equal(t, "Job", actualAudit.Results[3].Kind)
|
||||
assert.Equal(t, 1, len(actualAudit.Results[3].PodResult.ContainerResults))
|
||||
assert.Equal(t, 0, len(actualAudit.Results[3].PodResult.ContainerResults[0].Messages))
|
||||
assert.Equal(t, 0, len(actualAudit.Results[3].PodResult.ContainerResults[0].Results))
|
||||
|
||||
assert.Equal(t, "CronJob", actualAudit.Results[4].Kind)
|
||||
assert.Equal(t, 1, len(actualAudit.Results[4].PodResult.ContainerResults))
|
||||
assert.Equal(t, 0, len(actualAudit.Results[4].PodResult.ContainerResults[0].Messages))
|
||||
assert.Equal(t, 0, len(actualAudit.Results[4].PodResult.ContainerResults[0].Results))
|
||||
|
||||
assert.Equal(t, "ReplicationController", actualAudit.Results[5].Kind)
|
||||
assert.Equal(t, 1, len(actualAudit.Results[5].PodResult.ContainerResults))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[5].PodResult.ContainerResults[0].Messages))
|
||||
assert.Equal(t, 2, len(actualAudit.Results[5].PodResult.ContainerResults[0].Results))
|
||||
}
|
||||
|
||||
@@ -65,21 +65,21 @@ type ControllerResult struct {
|
||||
Name string
|
||||
Namespace string
|
||||
Kind string
|
||||
Messages ResultSet
|
||||
Results ResultSet
|
||||
PodResult PodResult
|
||||
}
|
||||
|
||||
// PodResult provides a list of validation messages for each pod.
|
||||
type PodResult struct {
|
||||
Name string
|
||||
Messages ResultSet
|
||||
Results ResultSet
|
||||
ContainerResults []ContainerResult
|
||||
}
|
||||
|
||||
// ContainerResult provides a list of validation messages for each container.
|
||||
type ContainerResult struct {
|
||||
Name string
|
||||
Messages ResultSet
|
||||
Name string
|
||||
Results ResultSet
|
||||
}
|
||||
|
||||
// CountSummary provides a high level overview of success, warnings, and errors.
|
||||
@@ -121,15 +121,15 @@ func (rs ResultSet) GetSummary() CountSummary {
|
||||
}
|
||||
|
||||
func (p PodResult) GetSummary() CountSummary {
|
||||
summary := p.Messages.GetSummary()
|
||||
summary := p.Results.GetSummary()
|
||||
for _, containerResult := range p.ContainerResults {
|
||||
summary.AddSummary(containerResult.Messages.GetSummary())
|
||||
summary.AddSummary(containerResult.Results.GetSummary())
|
||||
}
|
||||
return summary
|
||||
}
|
||||
|
||||
func (c ControllerResult) GetSummary() CountSummary {
|
||||
summary := c.Messages.GetSummary()
|
||||
summary := c.Results.GetSummary()
|
||||
summary.AddSummary(c.PodResult.GetSummary())
|
||||
return summary
|
||||
}
|
||||
|
||||
@@ -28,7 +28,7 @@ func ValidatePod(conf *config.Configuration, pod *corev1.PodSpec, controllerName
|
||||
}
|
||||
|
||||
pRes := PodResult{
|
||||
Messages: podResults,
|
||||
Results: podResults,
|
||||
ContainerResults: []ContainerResult{},
|
||||
}
|
||||
|
||||
|
||||
@@ -42,7 +42,7 @@ func TestValidatePod(t *testing.T) {
|
||||
Errors: uint(0),
|
||||
}
|
||||
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"hostIPCSet": {ID: "hostIPCSet", Message: "Host IPC is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
"hostNetworkSet": {ID: "hostNetworkSet", Message: "Host network is not configured", Success: true, Severity: "warning", Category: "Networking"},
|
||||
"hostPIDSet": {ID: "hostPIDSet", Message: "Host PID is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
@@ -52,7 +52,7 @@ func TestValidatePod(t *testing.T) {
|
||||
|
||||
assert.Equal(t, 1, len(actualPodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualPodResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualPodResult.Messages)
|
||||
assert.EqualValues(t, expectedResults, actualPodResult.Results)
|
||||
}
|
||||
|
||||
func TestInvalidIPCPod(t *testing.T) {
|
||||
@@ -75,7 +75,7 @@ func TestInvalidIPCPod(t *testing.T) {
|
||||
Warnings: uint(0),
|
||||
Errors: uint(1),
|
||||
}
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"hostIPCSet": {ID: "hostIPCSet", Message: "Host IPC should not be configured", Success: false, Severity: "error", Category: "Security"},
|
||||
"hostNetworkSet": {ID: "hostNetworkSet", Message: "Host network is not configured", Success: true, Severity: "warning", Category: "Networking"},
|
||||
"hostPIDSet": {ID: "hostPIDSet", Message: "Host PID is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
@@ -85,7 +85,7 @@ func TestInvalidIPCPod(t *testing.T) {
|
||||
|
||||
assert.Equal(t, 1, len(actualPodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualPodResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualPodResult.Messages)
|
||||
assert.EqualValues(t, expectedResults, actualPodResult.Results)
|
||||
}
|
||||
|
||||
func TestInvalidNeworkPod(t *testing.T) {
|
||||
@@ -109,7 +109,7 @@ func TestInvalidNeworkPod(t *testing.T) {
|
||||
Errors: uint(0),
|
||||
}
|
||||
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"hostNetworkSet": {ID: "hostNetworkSet", Message: "Host network should not be configured", Success: false, Severity: "warning", Category: "Networking"},
|
||||
"hostIPCSet": {ID: "hostIPCSet", Message: "Host IPC is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
"hostPIDSet": {ID: "hostPIDSet", Message: "Host PID is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
@@ -119,7 +119,7 @@ func TestInvalidNeworkPod(t *testing.T) {
|
||||
|
||||
assert.Equal(t, 1, len(actualPodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualPodResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualPodResult.Messages)
|
||||
assert.EqualValues(t, expectedResults, actualPodResult.Results)
|
||||
}
|
||||
|
||||
func TestInvalidPIDPod(t *testing.T) {
|
||||
@@ -143,7 +143,7 @@ func TestInvalidPIDPod(t *testing.T) {
|
||||
Errors: uint(1),
|
||||
}
|
||||
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"hostPIDSet": {ID: "hostPIDSet", Message: "Host PID should not be configured", Success: false, Severity: "error", Category: "Security"},
|
||||
"hostIPCSet": {ID: "hostIPCSet", Message: "Host IPC is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
"hostNetworkSet": {ID: "hostNetworkSet", Message: "Host network is not configured", Success: true, Severity: "warning", Category: "Networking"},
|
||||
@@ -153,7 +153,7 @@ func TestInvalidPIDPod(t *testing.T) {
|
||||
|
||||
assert.Equal(t, 1, len(actualPodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualPodResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualPodResult.Messages)
|
||||
assert.EqualValues(t, expectedResults, actualPodResult.Results)
|
||||
}
|
||||
|
||||
func TestExemption(t *testing.T) {
|
||||
@@ -182,7 +182,7 @@ func TestExemption(t *testing.T) {
|
||||
Warnings: uint(0),
|
||||
Errors: uint(0),
|
||||
}
|
||||
expectedMessages := ResultSet{
|
||||
expectedResults := ResultSet{
|
||||
"hostNetworkSet": {ID: "hostNetworkSet", Message: "Host network is not configured", Success: true, Severity: "warning", Category: "Networking"},
|
||||
"hostPIDSet": {ID: "hostPIDSet", Message: "Host PID is not configured", Success: true, Severity: "error", Category: "Security"},
|
||||
}
|
||||
@@ -191,5 +191,5 @@ func TestExemption(t *testing.T) {
|
||||
|
||||
assert.Equal(t, 1, len(actualPodResult.ContainerResults), "should be equal")
|
||||
assert.EqualValues(t, expectedSum, actualPodResult.GetSummary())
|
||||
assert.EqualValues(t, expectedMessages, actualPodResult.Messages)
|
||||
assert.EqualValues(t, expectedResults, actualPodResult.Results)
|
||||
}
|
||||
|
||||
@@ -161,14 +161,14 @@ func (v *Validator) Handle(ctx context.Context, req types.Request) types.Respons
|
||||
func getFailureReason(podResult validator.PodResult) string {
|
||||
reason := "\nPolaris prevented this deployment due to configuration problems:\n"
|
||||
|
||||
for _, message := range podResult.Messages {
|
||||
for _, message := range podResult.Results {
|
||||
if !message.Success && message.Severity == config.SeverityError {
|
||||
reason += fmt.Sprintf("- Pod: %s\n", message.Message)
|
||||
}
|
||||
}
|
||||
|
||||
for _, containerResult := range podResult.ContainerResults {
|
||||
for _, message := range containerResult.Messages {
|
||||
for _, message := range containerResult.Results {
|
||||
if !message.Success && message.Severity == config.SeverityError {
|
||||
reason += fmt.Sprintf("- Container %s: %s\n", containerResult.Name, message.Message)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user