Skip to content
This repository has been archived by the owner on Oct 30, 2024. It is now read-only.

Commit

Permalink
Feature: return exit code 2 on error findings (#283)
Browse files Browse the repository at this point in the history
  • Loading branch information
hazcod authored Aug 10, 2020
1 parent a528f5a commit df25139
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 0 deletions.
6 changes: 6 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ The rest of this README will focus on how to use kubeaudit as a command line too
* [Commands](#commands)
* [Configuration File](#configuration-file)
* [Override Errors](#override-errors)
* [CI/CD Usage](#cicd-usage)
* [Contributing](#contributing)

## Installation
Expand Down Expand Up @@ -207,6 +208,11 @@ See the specific [auditor docs](#auditors) for the auditor you wish to override

To learn more about labels, see https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

## CI/CD usage

kubeaudit will return exit code `2` whenever any errors are being found, so it can stop your pipeline.
If you do not want this to happen, run it as `kubeaudit all || true`

## Contributing

If you'd like to fix a bug, contribute a feature or just correct a typo, please feel free to do so as long as you follow our [Code of Conduct](https://github.com/Shopify/kubeaudit/blob/master/CODE_OF_CONDUCT.md).
Expand Down
4 changes: 4 additions & 0 deletions cmd/commands/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,10 @@ func runAudit(auditable ...kubeaudit.Auditable) func(cmd *cobra.Command, args []
}

report.PrintResults(os.Stdout, minSeverity, formatter)

if report.HasErrors() {
os.Exit(2)
}
}
}

Expand Down
12 changes: 12 additions & 0 deletions kubeaudit.go
Original file line number Diff line number Diff line change
Expand Up @@ -216,6 +216,18 @@ func (r *Report) Results() []Result {
return results
}

// HasErrors returns true if any findings have the level of Error
func (r *Report) HasErrors() (errorsFound bool) {
for _, workloadResult := range r.Results() {
for _, auditResult := range workloadResult.GetAuditResults() {
if auditResult.Severity >= Error {
return true
}
}
}
return false
}

// PrintResults writes the audit results with a severity greater than or matching minSeverity in a human-readable
// way to the provided writer
func (r *Report) PrintResults(writer io.Writer, minSeverity int, formatter log.Formatter) {
Expand Down

0 comments on commit df25139

Please sign in to comment.