Skip to main content

k8s_container resource

Use the k8s_container Chef InSpec audit resource to test the configuration of a specific Container in the specified namespace.

Installation

Syntax

describe k8s_container(namespace: "NAMESPACE", pod_name: 'POD_NAME', name: "NAME") do
  #...
end

Parameter

namespace: Namespace of the resource.
pod_name: Pod Name of the resource
container_name: Container Name of the resource

Properties

name: Name of the Container.
image: Container image name.
command: Entrypoint array.
arg: Arguments to the entrypoint.
resource: Compute Resources required by this container.
volumeMount: Pod volumes to mount into the container’s filesystem
livenessProbe: Periodic probe of container liveness
readinessProbe: Periodic probe of container service readiness
imagePullPolicy: Image pull policy, One of Always, Never, IfNotPresent
securityContext: Security options the pod should run with

Examples

Container for default namespace must exist

 describe k8s_container(pod_name: 'POD_NAME', name: 'NAME') do
  it { should exist }
end

Container for a specified namespace must exist

describe k8s_container(namespace: 'NAMESPACE', name: 'NAME', pod_name: 'POD_NAME') do
  it { should exist }
end

Check for presence of specific commands in Entrypoint array

 describe k8s_container(pod_name: 'POD_NAME', name: 'NAME') do
  it { should_have_command?('COMMAND') }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

Was this page helpful?

Help us improve this document.

Edit this page on GitHub

Still stuck?

Contact Support Ask The Community

How can we improve this document?

Thank you for your feedback!

×