TechQA.

OPA | Conftest incorrect parse yaml file

28 views Asked by At

ResourceQuota object definition involves limits keys with dots and there is issue to get the value of the limits:

policy.rego

package main

deny_incorrect_memory_unit[msg] {
  input.kind == "ResourceQuota"
  memoryLimit := input.spec.hard.limits.memory

  not regex.match("^[0-9]+M$", memoryLimit)
  msg := sprintf("%s: Incorrect value %s. Memory Limit in ResourceQuota must be defined in Megabytes (M) unit", [input.metadata.namespace, memoryLimit])
}

resource-quota.yaml

apiVersion: v1
kind: ResourceQuota
metadata:
  name: app
  namespace: backend
spec:
  hard:
    pods: 1
    limits.cpu: 3
    limits.memory: "1G"

In above example test finishes with success, despite of wrong unit in limits.memory After replacing yaml file to the below structure (which are not supported by k8s) test finish with expected result - failure:

spec:
  hard:
    pods: 1
    limits:
        cpu: 3
        memory: "1G"
go kubernetes opa open-policy-agent conftest
Original Q&A
0

There are 0 answers

Related Questions in GO

Related Questions in KUBERNETES

Related Questions in OPA

Related Questions in OPEN-POLICY-AGENT

Related Questions in CONFTEST

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions