container

package

v0.1.18 Latest Latest Go to latest Published: Apr 22, 2025 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/deckhouse/dmt

Links

Open Source Insights

README ¶

Description

Checks containers inside the template spec. This linter protects against the next cases:

containers with the duplicated names
containers with the duplicated env variables
misconfigured images repository and digest
imagePullPolicy is "Always" (should be unspecified or "IfNotPresent")
ephemeral storage is not defined in .resources
SecurityContext is not defined
container uses port <= 1024
Checks for probes defined in containers.

Settings example

Module level

This linter has settings.

linters-settings:
  container:
    exclude-rules:
      # exclude if object kind, object name and containers name are equal
      read-only-root-filesystem:
        - kind: Deployment
          name: deckhouse
          container: init-downloaded-modules
      # exclude if object kind, object name and containers name are equal
      resources:
        - kind: Deployment
          name: standby-holder-name
          container: reserve-resources
      # exclude if object kind, object name and containers name are equal
      security-context:
        - kind: Deployment
          name: caps-controller-manager
          container: caps-controller-manager
      # exclude if object kind, object name equals. affect any containers within
        - kind: Deployment
          name: standby-holder-name
      # exclude if object kind, object name are equal
      dns-policy:
        - kind: Deployment
          name: machine-controller-manager
      # exclude if object kind, object name and containers name are equal
      liveness-probe:
        - kind: Deployment
          name: standby-holder-name
          container: reserve-resources
      # exclude if object kind, object name and containers name are equal
      readiness-probe:
        - kind: Deployment
          name: standby-holder-name
          container: reserve-resources
      image-digest:
        - kind: Deployment
          name: okmeter
          container: okagent
    impact: error

Documentation ¶

Index ¶

Constants
type Container
- func New(cfg *config.ModuleConfig, errorList *errors.LintRuleErrorsList) *Container

Constants ¶

View Source

const (
	ID = "container"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Container ¶

type Container struct {
	ErrorList *errors.LintRuleErrorsList
	// contains filtered or unexported fields
}

Container linter

func New ¶

func New(cfg *config.ModuleConfig, errorList *errors.LintRuleErrorsList) *Container

func (*Container) Desc ¶

func (l *Container) Desc() string

func (*Container) Name ¶

func (l *Container) Name() string

func (*Container) Run ¶

func (l *Container) Run(m *module.Module)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
rules

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL