Skip to content

Commit

Permalink
Merge #295
Browse files Browse the repository at this point in the history 
295: score/networkpolicy: improved copy for pod-has-networkpolicy errors r=zegl a=zegl



Co-authored-by: Gustav Westling <gustav@westling.dev>
  • Loading branch information
@bors @zegl
bors[bot] and zegl committed Aug 11, 2020
2 parents e6bad3b + c16bdc8 commit cdab99b
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions score/networkpolicy/networkpolicy.go
View file
Expand Up @@ -68,13 +68,13 @@ func podHasNetworkPolicy(allNetpols []networkingv1.NetworkPolicy) func(spec core
score.Grade = scorecard.GradeAllOK
} else if hasMatchingEgressNetpol && !hasMatchingIngressNetpol {
score.Grade = scorecard.GradeWarning
score.AddComment("", "The pod does not have a matching ingress network policy", "Add a egress policy to the pods NetworkPolicy")
score.AddComment("", "The pod does not have a matching ingress NetworkPolicy", "Add a ingress policy to the pods NetworkPolicy")
} else if hasMatchingIngressNetpol && !hasMatchingEgressNetpol {
score.Grade = scorecard.GradeWarning
score.AddComment("", "The pod does not have a matching egress network policy", "Add a ingress policy to the pods NetworkPolicy")
score.AddComment("", "The pod does not have a matching egress NetworkPolicy", "Add a egress policy to the pods NetworkPolicy")
} else {
score.Grade = scorecard.GradeCritical
score.AddComment("", "The pod does not have a matching network policy", "Create a NetworkPolicy that targets this pod")
score.AddComment("", "The pod does not have a matching NetworkPolicy", "Create a NetworkPolicy that targets this pod to control who/what can communicate with this pod. Note, this feature needs to be supported by the CNI implementation used in the Kubernetes cluster to have an effect.")
}

return
Expand Down

0 comments on commit cdab99b

Please sign in to comment.