turbot/steampipe-mod-kubernetes-compliance

Control: PodTemplate containers should have liveness probe

Description

Containers in a PodTemplate definition should have a liveness probe. Liveness probes check whether the container is started and alive. If it is not, Kubernetes will eventually restart the container.

Usage

Run the control in your terminal:

powerpipe control run kubernetes_compliance.control.pod_template_container_liveness_probe

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run kubernetes_compliance.control.pod_template_container_liveness_probe --share

SQL

This control uses a named query:

select
  -- Fall back to path:start_line when uid is null.
  coalesce(uid, concat(path, ':', start_line)) as resource,
  case
    when c -> 'livenessProbe' is not null then 'ok'
    else 'alarm'
  end as status,
  case
    when c -> 'livenessProbe' is not null then c ->> 'name' || ' has liveness probe.'
    else c ->> 'name' || ' does not have liveness probe.'
  end as reason,
  name as pod_template_name,
  coalesce(context_name, '') as context_name,
  namespace,
  source_type,
  coalesce(path || ':' || start_line || '-' || end_line, '') as path
from
  kubernetes_pod_template,
  -- One row per container in the template spec.
  jsonb_array_elements(template -> 'spec' -> 'containers') as c;
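
The query emits one row per container, so a single PodTemplate can produce both ok and alarm results. The following is an added example, not part of the mod: it applies the same status check in plain PostgreSQL to constructed rows, where the sample_pod_template CTE and every name, image and probe in it are made up to stand in for the kubernetes_pod_template table.

```sql
-- Added example: constructed rows standing in for kubernetes_pod_template.
-- sample_pod_template and all of its contents are made up for illustration.
with sample_pod_template (name, namespace, template) as (
  values
    (
      'web', 'default',
      '{
         "spec": {
           "containers": [
             {"name": "app", "image": "example/app:1.0",
              "livenessProbe": {"httpGet": {"path": "/healthz", "port": 8080},
                                "periodSeconds": 10}},
             {"name": "log-shipper", "image": "example/shipper:1.0"}
           ]
         }
       }'::jsonb
    ),
    (
      'batch', 'jobs',
      '{
         "spec": {
           "containers": [
             {"name": "worker", "image": "example/worker:1.0",
              "livenessProbe": {"exec": {"command": ["cat", "/tmp/healthy"]}}}
           ]
         }
       }'::jsonb
    )
)
select
  namespace,
  name as pod_template_name,
  c ->> 'name' as container,
  -- Same test the control uses: the livenessProbe key must be present.
  case
    when c -> 'livenessProbe' is not null then 'ok'
    else 'alarm'
  end as status
from
  sample_pod_template,
  -- Expands the containers array so each container is evaluated on its own.
  jsonb_array_elements(template -> 'spec' -> 'containers') as c
order by
  namespace, name, container;
```

In this sample only the log-shipper container of the web template is in alarm; the app container in the same template and the worker container in batch both pass.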

Tags