From 97687761a78388a3d00ad875601a19f48a0999ae Mon Sep 17 00:00:00 2001 From: Robert Brennan Date: Tue, 5 Sep 2023 13:15:45 -0400 Subject: [PATCH] Fix numerical resource ranges (#991) * fix numerical resource numbers * add resource range tests --- pkg/config/schema.go | 3 ++ test/checks/resourceRange/check.yaml | 32 +++++++++++++++++++ .../resourceRange/failure.cpu-number.yaml | 14 ++++++++ .../resourceRange/failure.mem-number.yaml | 14 ++++++++ .../resourceRange/success.cpu-number.yaml | 14 ++++++++ .../resourceRange/success.mem-number.yaml | 14 ++++++++ 6 files changed, 91 insertions(+) create mode 100644 test/checks/resourceRange/check.yaml create mode 100644 test/checks/resourceRange/failure.cpu-number.yaml create mode 100644 test/checks/resourceRange/failure.mem-number.yaml create mode 100644 test/checks/resourceRange/success.cpu-number.yaml create mode 100644 test/checks/resourceRange/success.mem-number.yaml diff --git a/pkg/config/schema.go b/pkg/config/schema.go index 87c5c750d..7743041b4 100644 --- a/pkg/config/schema.go +++ b/pkg/config/schema.go @@ -143,6 +143,9 @@ func (max resourceMaximum) Validate(path string, data interface{}, errs *[]jsons } func parseQuantity(i interface{}) (resource.Quantity, *[]jsonschema.ValError) { + if resNum, ok := i.(float64); ok { + i = fmt.Sprintf("%f", resNum) + } resStr, ok := i.(string) if !ok { return resource.Quantity{}, &[]jsonschema.ValError{ diff --git a/test/checks/resourceRange/check.yaml b/test/checks/resourceRange/check.yaml new file mode 100644 index 000000000..b937393a3 --- /dev/null +++ b/test/checks/resourceRange/check.yaml @@ -0,0 +1,32 @@ +containers: + exclude: + - initContainer +successMessage: Resource limits are within the required range +failureMessage: Resource limits should be within the required range +category: Resources +target: Container +schema: + '$schema': http://json-schema.org/draft-07/schema + type: object + required: + - resources + properties: + resources: + type: object + required: + - limits + properties: + limits: + type: object + required: + - memory + - cpu + properties: + memory: + type: string + resourceMinimum: 100Mi # 104857600 bytes + resourceMaximum: 6G + cpu: + type: string + resourceMinimum: 100m + resourceMaximum: "2" diff --git a/test/checks/resourceRange/failure.cpu-number.yaml b/test/checks/resourceRange/failure.cpu-number.yaml new file mode 100644 index 000000000..d70fd60bf --- /dev/null +++ b/test/checks/resourceRange/failure.cpu-number.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: nginx + labels: + app.kubernetes.io/name: nginx +spec: + containers: + - name: nginx + image: nginx + resources: + limits: + memory: 250Mi + cpu: 0.05 diff --git a/test/checks/resourceRange/failure.mem-number.yaml b/test/checks/resourceRange/failure.mem-number.yaml new file mode 100644 index 000000000..200bc882a --- /dev/null +++ b/test/checks/resourceRange/failure.mem-number.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: nginx + labels: + app.kubernetes.io/name: nginx +spec: + containers: + - name: nginx + image: nginx + resources: + limits: + memory: 104857599 + cpu: 1 diff --git a/test/checks/resourceRange/success.cpu-number.yaml b/test/checks/resourceRange/success.cpu-number.yaml new file mode 100644 index 000000000..f8e0f967e --- /dev/null +++ b/test/checks/resourceRange/success.cpu-number.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: nginx + labels: + app.kubernetes.io/name: nginx +spec: + containers: + - name: nginx + image: nginx + resources: + limits: + memory: 250Mi + cpu: 1.5 diff --git a/test/checks/resourceRange/success.mem-number.yaml b/test/checks/resourceRange/success.mem-number.yaml new file mode 100644 index 000000000..6e8202d4f --- /dev/null +++ b/test/checks/resourceRange/success.mem-number.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: nginx + labels: + app.kubernetes.io/name: nginx +spec: + containers: + - name: nginx + image: nginx + resources: + limits: + memory: 104857600 + cpu: 1