Skip to main content

k8sobject resource

Use the k8sobject Chef InSpec audit resource is a generic InSpec resource to test any Kubernetes object.

Installation

Syntax

describe k8sobject(type: K8s_RESOURCE_TYPE, namespace: NAMESPACE, name: RESOURCE_NAME) do
  #...
end

Parameters

type
type of the K8s resource that is for a query.
namespace
namespace of the resource.
name
Name of the resource.

Properties

uid
UID of the resource.
name
Name of the resource.
namespace
Namespace of the resource.
resource_version
Resource version of the resource.
kind
Resource type.
metadata
Metadata for the resource.
labels
Labels of the resource.
annotations
Annotations of the resource.

Examples

Test to ensure kube-system, kube-public, and default namespaces exist

describe k8sobject(api: 'v1', type: 'namespaces', name: 'kube-system') do
  it { should exist }
end

Test to ensure kube-system pods exist

k8sobject(api: 'v1', type: 'pods', namespace: 'kube-system', labelSelector: 'k8s-app=kube-proxy') do
  it { should exist }
end

Matchers

This Chef InSpec audit resource has the following special matchers. For a full list of available matchers, see our Universal Matchers page.

have_label

The have_label matcher verifies if the specified key and value are present in the resource lables.

it { should have_label('foo', 'bar') }

have_annotation

The have_annotation matcher verifies if the specified key and value are present in the resource annotations.

it { should have_annotation('foo', 'bar') }
Edit this page on GitHub

Thank you for your feedback!

×









Search Results