score/container: align `container-ephemeral-storage-request-and-limit…

…` to `container-resources`
zegl · Dec 19, 2023 · 7df9449 · 7df9449
1 parent 891b4c9
commit 7df9449
Showing 1 changed file with 19 additions and 2 deletions.
diff --git a/score/container/container.go b/score/container/container.go
@@ -215,18 +215,35 @@ func containerStorageEphemeralRequestAndLimit(ps ks.PodSpecer) (score scorecard.
 
 	score.Grade = scorecard.GradeAllOK
 
+	hasMissingLimit := false
+	hasMissingRequest := false
+
 	for _, container := range allContainers {
 		if container.Resources.Limits.StorageEphemeral().IsZero() {
 			score.AddComment(container.Name, "Ephemeral Storage limit is not set",
 				"Resource limits are recommended to avoid resource DDOS. Set resources.limits.ephemeral-storage")
-			score.Grade = scorecard.GradeCritical
-		} else if container.Resources.Requests.StorageEphemeral().IsZero() {
+			hasMissingLimit = true
+		}
+		if container.Resources.Requests.StorageEphemeral().IsZero() {
 			score.AddComment(container.Name, "Ephemeral Storage request is not set",
 				"Resource requests are recommended to make sure the application can start and run without crashing. Set resource.requests.ephemeral-storage")
 			score.Grade = scorecard.GradeWarning
+			hasMissingRequest = true
 		}
 	}
 
+	switch {
+	case len(allContainers) == 0:
+		score.Grade = scorecard.GradeCritical
+		score.AddComment("", "No containers defined", "")
+	case hasMissingLimit:
+		score.Grade = scorecard.GradeCritical
+	case hasMissingRequest:
+		score.Grade = scorecard.GradeWarning
+	default:
+		score.Grade = scorecard.GradeAllOK
+	}
+
 	return
 }