Control: Ingress definition should not have NGINX ingress annotation snippets containing alias statements
Description
This check ensures that the NGINX ingress annotation snippets in the Ingress do not contain alias statements.
Usage
Run the control in your terminal:
powerpipe control run kubernetes_compliance.control.ingress_nginx_annotations_snippets_alias_not_usedSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run kubernetes_compliance.control.ingress_nginx_annotations_snippets_alias_not_used --shareSQL
This control uses a named query:
select coalesce(uid, concat(path, ':', start_line)) as resource, case when a.key like '%snippet%' and a.value like '%alias%' then 'alarm' else 'ok' end as status, case when a.key like '%snippet%' and a.value like '%alias%' then a.key || ' annotation snippet contains alias statements.' else a.key || ' annotation snippet not containing alias statements.' end as reason, name as ingress_name , coalesce(context_name, '') as context_name, namespace, source_type, coalesce(path || ':' || start_line || '-' || end_line, '') as pathfrom kubernetes_ingress, jsonb_each_text(annotations) as a;