forgetest5
/
kubeeye
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #1 from kubesphere/update_readme 

update readme
This commit is contained in:
Forest 2020-12-07 14:45:15 +08:00 committed by GitHub
parent 21ad1c48d1 ea39838b44
commit 03784f77c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 327 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Makefile
View File

@ -1,9 +1,20 @@
.PHONY: build
.PHONY: ke
BINARY="ke"
ke-linux:
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ${BINARY}
fmt:
gofmt -w ./pkg ./cmd
ke-darwin:
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o ${BINARY}
ke:
CGO_ENABLED=0 go build -o ${BINARY}
# install kubeye
install: ke
mv ${BINARY} /usr/local/bin/
clean:
rm ${BINARY}
# uninstall kubeye from local computer
uninstall:
rm /usr/local/bin/${BINARY} 2> /dev/null

197
README.md
View File

@ -1,95 +1,27 @@
# Kubeye
Kubeye is a tool for inspecting Kubernetes clusters. It runs a variety of checks to ensure that Kubernetes pods are configured using best practices, helping you avoid problems in the future.
Quickly get cluster core component status and cluster size information and abnormal Pods information and tons of node problems. Developed by the GO language. Support for user-defined best practice configuration rules and the addition of cluster fault scouts, which can refer to the [Node-Problem-Detector](https://github.com/kubernetes/node-problem-detector) project。
Kubeye aims to find various problems on Kubernetes, such as application misconfiguration, cluster components unhealthy and node problems(using [Node-Problem-Detector](https://github.com/kubernetes/node-problem-detector)). Besides predefined rules, it also supports custom defined rules.
## Usage
1、Get the Installer Excutable File
* Binary downloads of the kubeye can be found on the [Releases page](https://github.com/kubesphere/kubeye/releases). Unpack the binary and you are good to go!
* Build Binary from Source Code
```shell script
git clone https://github.com/kubesphere/kubeye.git
cd kubeye
make ke-linux
```
2、Perform operation
```shell script
./ke audit --kubeconfig /home/ubuntu/.kube/config
```
3、(Optional) Install Node-problem-Detector in the inspection cluster
> Note: The NPD module does not need to be installed When more detailed node information does not need to be probed.
## How to use
- Install kubeye on your machine
- Download pre built executables from [Releases](https://github.com/kubesphere/kubeye/releases).
- Or you can build from source code
```shell
git clone https://github.com/kubesphere/kubeye.git
cd kubeye
make install
```
- [Optional] Install Node-problem-Detector
> Note: This line will install npd on your cluster, only required if you want detailed report.
```shell script
./ke install npd --kubeconfig /home/ubuntu/.kube/config
ke install npd --kubeconfig ~/.kube/config
```
## What kubeye can do
1. Core component detection in the cluster, including controller-manager, scheduler and ETCD exception detection.
2. Node detection in the cluster, including Kubelet abnormalities, insufficient machine MEMORY/CPU/DISk resources, docker service exceptions.
3. Pod detection int the cluster, including pod best practices, pod exceptions information.
## Features
|YES/NO|CHECK ITEM |Description|
|---|---|---|
| :white_check_mark: | ETCDHealthStatus | If ETCD is abnormal, displays dial tcp 192.168.13.8:2379: connect: connection refused|
| :white_check_mark: | Controller-ManagerHealthStatus | If Controller-Manager is abnormal, displays dial tcp 127.0.0.1:10252: connect: connection refused|
| :white_check_mark: | ScheduleHealthStatus | If Schedule is abnormal, displays dial tcp 127.0.0.1:10251: connect: connection refused|
| :white_check_mark: | NodeMemory | If the node is full of Memory, the node displays NotReady|
| :white_check_mark: | DockerHealthStatus | If docker is abnormal, displays cannot connect to the Docker daemon at unix:///var/run/docker.sock|
| :white_check_mark: | NodeDisk | If the node is full of Disk, displays FreeDiskSpaceFailed|
| :white_check_mark: | KubeletHealthStatus | If kubelet not work, the node displays NotReady|
| :white_check_mark: | NodeCPU | If the node CPU is always full, the node displays NotReady|
| :white_check_mark: | NodeCorruptOverlay2 | Overlay2 is not available|
| :white_check_mark: | NodeKernelNULLPointer | the node displays NotReady|
| :white_check_mark: | NodeDeadlock | A deadlock is a phenomenon in which two or more processes are waiting for each other as they compete for resources|
| :white_check_mark: | NodeOOM | Monitor processes that consume too much memory, especially those that consume a lot of memory very quickly, and the kernel kill them to prevent them from running out of memory|
| :white_check_mark: | NodeExt4Error | Ext4 mount error|
| :white_check_mark: | NodeTaskHung | Check to see if there is a process in state D for more than 120s|
| :white_check_mark: | NodeUnregisterNetDevice | Check corresponding net|
| :white_check_mark: | NodeCorruptDockerImage | Check docker image|
| :white_check_mark: | NodeAUFSUmountHung | Check storage|
| :white_check_mark: | NodeDockerHung | Docker hung, you can check docker log|
| :white_check_mark: | PodSetLiveNessProbe | No livenessProbe was declared|
| :white_check_mark: | PodSetTagNotSpecified | The mirror address does not declare tag or tag is latest|
| :white_check_mark: | PodSetRunAsPrivileged | Running a pod in a privileged mode means that the pod can access the hosts resources and kernel capabilities|
| :white_check_mark: | PodSetImagePullBackOff | Pod can't pull the image properly, so it can be pulled manually on the corresponding node|
| :white_check_mark: | PodSetImageRegistry | Checks if the image form is at the beginning of the corresponding harbor|
| :white_check_mark: | PodSetCpuLimitsMissing | No CPU Resource limit was declared|
| :white_check_mark: | PodNoSuchFileOrDirectory | Go into the container to see if the corresponding file exists|
| :white_check_mark: | PodIOError | This is usually due to file IO performance bottlenecks|
| :white_check_mark: | PodNoSuchDeviceOrAddress | Check corresponding net|
| :white_check_mark: | PodInvalidArgument | Check the storage|
| :white_check_mark: | PodDeviceOrResourceBusy | Check corresponding dirctory and PID|
| :white_check_mark: | PodFileExists | Check for existing files|
| :white_check_mark: | PodTooManyOpenFiles | The number of file /socket connections opened by the program exceeds the system set value|
| :white_check_mark: | PodNoSpaceLeftOnDevice | Check for disk and inode usage|
| | NodeTokenExpired | Token certificate expired|
| | NodeApiServerExpired | kube-apiserver certificate expired|
| | NodeKubeletExpired | Kubelet certificate expired|
| | PodSetCpuRequestsMissing | The CPU Resource Request value was not declared|
| | PodSetHostIPCSet | Set the hostIP|
| | PodSetHostNetworkSet | Set the hostNetwork|
| | PodHostPIDSet | Set the hostPID|
| | PodMemoryRequestsMiss | No memory Resource Request value is declared|
| | PodSetHostPort | Set the hostPort|
| | PodSetMemoryLimitsMissing | No memory Resource limit value is declared|
| | PodNotReadOnlyRootFiles | The file system is not set to read-only|
| | PodSetPullPolicyNotAlways | The mirror pull strategy is not always|
| | PodSetRunAsRootAllowed | Executed as a root account|
| | PodDangerousCapabilities | You have the dangerous option in capabilities such as ALL/SYS_ADMIN/NET_ADMIN|
| | PodlivenessProbeMissing | ReadinessProbe was not declared|
| | privilegeEscalationAllowed | Privilege escalation is allowed|
## Results Example
```
root@node1:/home/ubuntu/go/src/kubeye# ./ke audit --kubeconfig /home/ubuntu/config
- Run kubeye
```shell
root@node1:# ke audit --kubeconfig ~/.kube/config
NODENAME SEVERITY HEARTBEATTIME REASON MESSAGE
node18 danger 2020-11-19T10:32:03+08:00 NodeStatusUnknown Kubelet stopped posting node status.
node19 danger 2020-11-19T10:31:37+08:00 NodeStatusUnknown Kubelet stopped posting node status.
@ -123,27 +55,88 @@ kube-system calico-kube-controllers Deployment 2020-11-27T17:09:59+08:0
kube-system coredns Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing]
```
## Custom check
## What kubeye can do
* Add custom npd rule methods
- Kubeye can find problems of your cluster control plane, including kube-apiserver/kube-controller-manager/etcd, etc.
- Kubeye helps you detect all kinds of node problems, including memory/cpu/disk pressure, unexpected kernel error logs, etc.
- Kubeye validates your workloads yaml specs against industry best practice, helps you make your cluster stable.
## Checklist
|YES/NO|CHECK ITEM |Description|
|---|---|---|
| :white_check_mark: | ETCDHealthStatus | if etcd is up and running normally |
| :white_check_mark: | ControllerManagerHealthStatus | if kubernetes kube-controller-manager is up and running normally. |
| :white_check_mark: | SchedulerHealthStatus | if kubernetes kube-scheduler |
| :white_check_mark: | NodeMemory | if node memory usage is above threshold |
| :white_check_mark: | DockerHealthStatus | if docker is up and running|
| :white_check_mark: | NodeDisk | if node disk usage is above given threshold |
| :white_check_mark: | KubeletHealthStatus | if kubelet is active and running normally |
| :white_check_mark: | NodeCPU | if node cpu usage is above the given threshold |
| :white_check_mark: | NodeCorruptOverlay2 | Overlay2 is not available|
| :white_check_mark: | NodeKernelNULLPointer | the node displays NotReady|
| :white_check_mark: | NodeDeadlock | A deadlock is a phenomenon in which two or more processes are waiting for each other as they compete for resources|
| :white_check_mark: | NodeOOM | Monitor processes that consume too much memory, especially those that consume a lot of memory very quickly, and the kernel kill them to prevent them from running out of memory|
| :white_check_mark: | NodeExt4Error | Ext4 mount error|
| :white_check_mark: | NodeTaskHung | Check to see if there is a process in state D for more than 120s|
| :white_check_mark: | NodeUnregisterNetDevice | Check corresponding net|
| :white_check_mark: | NodeCorruptDockerImage | Check docker image|
| :white_check_mark: | NodeAUFSUmountHung | Check storage|
| :white_check_mark: | NodeDockerHung | Docker hung, you can check docker log|
| :white_check_mark: | PodSetLivenessProbe | if livenessProbe set for every container in a pod|
| :white_check_mark: | PodSetTagNotSpecified | The mirror address does not declare tag or tag is latest|
| :white_check_mark: | PodSetRunAsPrivileged | Running a pod in a privileged mode means that the pod can access the hosts resources and kernel capabilities|
| :white_check_mark: | PodSetImagePullBackOff | Pod can't pull the image properly, so it can be pulled manually on the corresponding node|
| :white_check_mark: | PodSetImageRegistry | Checks if the image form is at the beginning of the corresponding harbor|
| :white_check_mark: | PodSetCpuLimitsMissing | No CPU Resource limit was declared|
| :white_check_mark: | PodNoSuchFileOrDirectory | Go into the container to see if the corresponding file exists|
| :white_check_mark: | PodIOError | This is usually due to file IO performance bottlenecks|
| :white_check_mark: | PodNoSuchDeviceOrAddress | Check corresponding net|
| :white_check_mark: | PodInvalidArgument | Check the storage|
| :white_check_mark: | PodDeviceOrResourceBusy | Check corresponding dirctory and PID|
| :white_check_mark: | PodFileExists | Check for existing files|
| :white_check_mark: | PodTooManyOpenFiles | The number of file /socket connections opened by the program exceeds the system set value|
| :white_check_mark: | PodNoSpaceLeftOnDevice | Check for disk and inode usage|
| | NodeTokenExpired | Token certificate expired|
| | NodeApiServerExpired | kube-apiserver certificate expired|
| | NodeKubeletExpired | Kubelet certificate expired|
| | PodSetCpuRequestsMissing | The CPU Resource Request value was not declared|
| | PodSetHostIPCSet | Set the hostIP|
| | PodSetHostNetworkSet | Set the hostNetwork|
| | PodHostPIDSet | Set the hostPID|
| | PodMemoryRequestsMiss | No memory Resource Request value is declared|
| | PodSetHostPort | Set the hostPort|
| | PodSetMemoryLimitsMissing | No memory Resource limit value is declared|
| | PodNotReadOnlyRootFiles | The file system is not set to read-only|
| | PodSetPullPolicyNotAlways | The mirror pull strategy is not always|
| | PodSetRunAsRootAllowed | Executed as a root account|
| | PodDangerousCapabilities | You have the dangerous option in capabilities such as ALL/SYS_ADMIN/NET_ADMIN|
| | PodlivenessProbeMissing | ReadinessProbe was not declared|
| | privilegeEscalationAllowed | Privilege escalation is allowed|
> unmarked items are under heavy development
## Add your own check rules
### Add custom npd rule
- Install NPD with `ke install npd --kubeconfig ~/.kube/config`
- Edit configmap kube-system/node-problem-detector-config with kubectl,
```
kubectl edit cm -n kube-system node-problem-detector-config
```
1. Deploy npd, ./ke add npd --kubeconfig /home/ubuntu/.kube/config
2. Ddit node-problem-detector-config configMap, such as: kubectl edit cm -n kube-system node-problem-detector-config
3. Add exception log information under the rule of configMap, rules follow regular expressions.
### Audit with your own custom best practice rules
- Prepare a rule yaml, for example, the following rule will validate your pod spec to make sure image are only from authorized registries.
```
* Add custom best practice configuration
```
1. Use the -f parameter and file name config.yaml.
./ke audit -f /home/ubuntu/go/src/kubeye/examples/tmp/config.yaml --kubeconfig /home/ubuntu/.kube/config
2. config.yaml example, follow the JSON syntax.
ubuntu@node1:~/go/src/kubeye/examples/tmp$ cat config.yaml
checks:
imageRegistry: warning
customChecks:
imageRegistry:
successMessage: Image comes from allowed registries
failureMessage: Image should not be from disallowed registry
successMessage: Image from an authorized registriy.
failureMessage: Image from an unauthorized registry.
category: Images
target: Container
schema:
@ -154,8 +147,12 @@ customChecks:
type: string
not:
pattern: ^quay.io
```
ubuntu@node1:~/go/src/kubeye/examples/tmp$./ke audit -f /home/ubuntu/go/src/kubeye/examples/tmp/config.yaml
- Save the above rule as a yaml, for example, `rule.yaml`.
- Run kubeye with `rule.yaml`
```shell
root:# ke audit -f rule.yaml --kubeconfig ~/.kube/config
NAMESPACE NAME KIND TIME MESSAGE
default nginx Deployment 2020-11-27T17:18:31+08:00 [imageRegistry]
kube-system node-problem-detector DaemonSet 2020-11-27T17:18:31+08:00 [livenessProbeMissing runAsPrivileged]
@ -164,4 +161,4 @@ kube-system calico-kube-controllers Deployment 2020-11-27T17:18:31+08:00
kube-system nodelocaldns DaemonSet 2020-11-27T17:18:31+08:00 [runAsPrivileged cpuLimitsMissing]
default nginx Deployment 2020-11-27T17:18:31+08:00 [livenessProbeMissing cpuLimitsMissing]
kube-system coredns Deployment 2020-11-27T17:18:31+08:00 [cpuLimitsMissing]
```
```

14
cmd/add.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package cmd
import (

14
cmd/audit.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package cmd
import (

4
cmd/root.go
View File

@ -1,5 +1,5 @@
/*
Copyright © 2020 NAME HERE <EMAIL ADDRESS>
Copyright © 2020 KubeSphere Authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -25,7 +25,7 @@ var Verbose bool
var rootCmd = &cobra.Command{
Use: "ke",
Short: "Kubeye the cluster configuration",
Short: "Kubeye finds various problems on Kubernetes cluster.",
}
func Execute() {

1
go.mod
View File

@ -13,5 +13,4 @@ require (
k8s.io/apimachinery v0.18.6
k8s.io/client-go v0.18.6
sigs.k8s.io/controller-runtime v0.6.3
sigs.k8s.io/yaml v1.2.0 // indirect
)

26
main.go
View File

@ -1,18 +1,18 @@
/*
Copyright © 2020 NAME HERE <EMAIL ADDRESS>
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (

14
pkg/config/config.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package config
import (

14
pkg/config/exemptions.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package config
import "strings"

31
pkg/config/schema.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package config
import (
@ -20,7 +34,6 @@ type SchemaCheck struct {
Category string `yaml:"category"`
SuccessMessage string `yaml:"successMessage"`
FailureMessage string `yaml:"failureMessage"`
// Controllers includeExcludeList `yaml:"controllers"`
Containers includeExcludeList `yaml:"containers"`
Target TargetKind `yaml:"target"`
SchemaTarget TargetKind `yaml:"schemaTarget"`
@ -48,21 +61,7 @@ func (check SchemaCheck) IsActionable(target TargetKind, controllerType string,
if check.Target != target {
return false
}
//isIncluded := len(check.Controllers.Include) == 0
//for _, inclusion := range check.Controllers.Include {
// if inclusion == controllerType {
// isIncluded = true
// break
// }
//}
//if !isIncluded {
// return false
//}
//for _, exclusion := range check.Controllers.Exclude {
// if exclusion == controllerType {
// return false
// }
//}
if check.Target == TargetContainer {
isIncluded := len(check.Containers.Include) == 0
for _, inclusion := range check.Containers.Include {

14
pkg/config/severity.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package config
type Severity string

14
pkg/kube/resources.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package kube
import (

14
pkg/kube/workload.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package kube
import (

14
pkg/validator/add.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package validator
import (

14
pkg/validator/audit.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package validator
import (

18
pkg/validator/container.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package validator
import (
@ -34,8 +48,8 @@ func ValidateAllContainers(ctx context.Context, conf *config.Configuration, cont
return nil, err
}
for key, deleteTrue := range result.Results {
if true == deleteTrue.Success{
for key, deleteTrue := range result.Results {
if true == deleteTrue.Success {
delete(result.Results, key)
continue
}

14
pkg/validator/output.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package validator
import (

14
pkg/validator/pod.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package validator
import (

14
pkg/validator/schema.go
View File

@ -1,3 +1,17 @@
// Copyright 2020 KubeSphere Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package validator
import (