Python extract_commands Examples

Programming Language: Python

Namespace/Package Name: checkov.kubernetes.checks.resource.k8s.k8s_check_utils

Method/Function: extract_commands

Examples at hotexamples.com: 9

Python extract_commands - 9 examples found. These are the top rated real world Python examples of checkov.kubernetes.checks.resource.k8s.k8s_check_utils.extract_commands extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

    def scan_spec_conf(self, conf):
        keys, values = extract_commands(conf)

        if "kube-apiserver" in keys and '--kubelet-certificate-authority' not in keys:
            return CheckResult.FAILED

        return CheckResult.PASSED

Example #2

Show file

File: ApiServerEtcdCaFile.py Project: jakuta-tech/checkov

    def scan_spec_conf(self, conf):
        keys, values = extract_commands(conf)

        if "kube-apiserver" in keys:
            if '--etcd-ca-file' not in keys:
                return CheckResult.FAILED

        return CheckResult.PASSED

Example #3

Show file

File: ApiServerkubeletCertificateAuthority.py Project: tsmithv11/checkov

    def scan_container_conf(self, metadata: Dict[str, Any],
                            conf: Dict[str, Any]) -> CheckResult:
        keys, values = extract_commands(conf)

        if "kube-apiserver" in keys and "--kubelet-certificate-authority" not in keys:
            return CheckResult.FAILED

        return CheckResult.PASSED

Example #4

Show file

File: ApiServerEncryptionProviders.py Project: jakuta-tech/checkov

    def scan_spec_conf(self, conf):
        keys, values = extract_commands(conf)

        if "kube-apiserver" in keys:
            if "--encryption-provider-config" not in keys:
                        return CheckResult.FAILED
        

        return CheckResult.PASSED

Example #5

Show file

    def scan_spec_conf(self, conf):
        keys, values = extract_commands(conf)

        if "etcd" in keys:
            if '--peer-cert-file' in keys and '--peer-key-file' in keys:
                return CheckResult.PASSED
            return CheckResult.FAILED

        return CheckResult.PASSED

Example #6

Show file

File: ApiServerEncryptionProviders.py Project: tsmithv11/checkov

    def scan_container_conf(self, metadata: Dict[str, Any],
                            conf: Dict[str, Any]) -> CheckResult:
        self.evaluated_container_keys = ["command"]
        keys, values = extract_commands(conf)

        if "kube-apiserver" in keys:
            if "--encryption-provider-config" not in keys:
                return CheckResult.FAILED

        return CheckResult.PASSED

Example #7

Show file

    def scan_container_conf(self, metadata: Dict[str, Any],
                            conf: Dict[str, Any]) -> CheckResult:
        self.evaluated_container_keys = ["command"]
        keys, values = extract_commands(conf)

        if "etcd" in keys:
            if "--peer-cert-file" not in keys or "--peer-key-file" not in keys:
                return CheckResult.FAILED

        return CheckResult.PASSED

Example #8

Show file

    def scan_spec_conf(self, conf):
        keys, values = extract_commands(conf)

        if "kubelet" in keys:
            if '--read-only-port' in keys and values[keys.index(
                    '--read-only-port')] == "0":
                return CheckResult.PASSED
            return CheckResult.FAILED

        return CheckResult.PASSED

Example #9

Show file

File: KubeletReadOnlyPort.py Project: tsmithv11/checkov

    def scan_container_conf(self, metadata: Dict[str, Any],
                            conf: Dict[str, Any]) -> CheckResult:
        self.evaluated_container_keys = ["command"]
        keys, values = extract_commands(conf)

        if "kubelet" in keys:
            if "--read-only-port" in keys and values[keys.index(
                    "--read-only-port")] == "0":
                return CheckResult.PASSED
            return CheckResult.FAILED

        return CheckResult.PASSED