diff options
| author |   Parth Inamdar <parth.inamdar1@gmail.com> | 2021-12-06 10:33:36 -0500 |
|---|---|---|
| committer | Parth Inamdar <parth.inamdar1@gmail.com> | 2021-12-06 11:46:11 -0500 |
| commit | f176944ff11798a36104d859b6225093586f808f (patch) | |
| tree | 342c9119a087ec32d407828a38dc5727e774ed7f /sdv/docker/sdvstate/internal/validator/kuberef/security_check.py | |
| parent | 52ba79c07aa517160698ee7e04797447448ebf3c (diff) | |
Added few changes to resolve config issues
Signed-off-by: Parth V Inamdar <parth.inamdar1@gmail.com>
Change-Id: If7e4a62fbe993130c36f36b4b781f4df7ee9eeaf
Diffstat (limited to 'sdv/docker/sdvstate/internal/validator/kuberef/security_check.py')
| -rw-r--r-- | sdv/docker/sdvstate/internal/validator/kuberef/security_check.py | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/sdv/docker/sdvstate/internal/validator/kuberef/security_check.py b/sdv/docker/sdvstate/internal/validator/kuberef/security_check.py index f49048c..a6c15ee 100644 --- a/sdv/docker/sdvstate/internal/validator/kuberef/security_check.py +++ b/sdv/docker/sdvstate/internal/validator/kuberef/security_check.py @@ -2,6 +2,8 @@ Security Checks """ +#pylint: disable=broad-except + import time import logging from tools.kube_utils import kube_api, kube_curl @@ -62,6 +64,12 @@ def capability_check(): except RuntimeError as error: status.append(error) + except Exception as error: + kube.delete_namespaced_pod(name=pod_cap.metadata.name, namespace='default') + result['criteria'] = 'fail' + status.append(error) + + result['details'].append(status) store_result(logger, result) return result @@ -118,6 +126,11 @@ def privilege_check(): except RuntimeError as error: status.append(error) + except Exception as error: + kube.delete_namespaced_pod(name=pod_priv.metadata.name, namespace='default') + result['criteria'] = 'fail' + status.append(error) + result['details'].append(status) store_result(logger, result) @@ -157,7 +170,7 @@ def host_network_check(): try: pod_nw = kube.create_namespaced_pod(body=pod_manifest, namespace='default') - time.sleep(5) + time.sleep(6) kube.delete_namespaced_pod(name=pod_nw.metadata.name, namespace='default') result['criteria'] = 'fail' @@ -168,6 +181,12 @@ def host_network_check(): except RuntimeError as error: status.append(error) + except Exception as error: + kube.delete_namespaced_pod(name=pod_nw.metadata.name, namespace='default') + result['criteria'] = 'fail' + status.append(error) + + result['details'].append(status) store_result(logger, result) @@ -227,6 +246,11 @@ def host_path_vol_check(): except RuntimeError as error: status.append(error) + except Exception as error: + kube.delete_namespaced_pod(name=pod_vol.metadata.name, namespace='default') + result['criteria'] = 'fail' + status.append(error) + result['details'].append(status) store_result(logger, result) |