name: salty-dog-kubernetes rules: - name: kubernetes-resources desc: containers must have complete resources specified level: info tags: - cluster-health - important - kubernetes select: '$.spec.template.spec.containers[*]' check: type: object additionalProperties: true required: [resources] properties: resources: type: object required: [limits, requests] properties: limits: type: object required: [cpu, memory] properties: cpu: &resources-cpu type: string default: 500m memory: &resources-memory oneOf: - type: number minimum: 1 - type: string pattern: "[1-9][0-9]*[KMG]i" requests: type: object required: [cpu, memory] properties: cpu: *resources-cpu memory: *resources-memory - name: kubernetes-resources-minimum-cpu desc: resource limits are too low level: debug tags: - kubernetes - optional select: '$.spec.template.spec.containers[*].resources' # filter containers with cpu limits filter: type: object properties: limits: type: object properties: cpu: *resources-cpu # ensure the limits aren't *too* low check: type: object properties: limits: type: object properties: cpu: type: string default: 500m - name: kubernetes-deployment-replicas desc: deployments must specify a positive replica count level: info tags: - important - kubernetes # select the root of the document select: '$' # filter deployments filter: type: object properties: kind: type: string const: Deployment # ensure replicas are greater than 0 check: type: object properties: spec: type: object properties: replica: type: number minimum: 1