| 224 | } |
| 225 | |
| 226 | func applyControllerSchemaChecks(ctx context.Context, conf *config.Configuration, resourceProvider *kube.ResourceProvider, resource kube.GenericResource) (Result, error) { |
| 227 | finalResult := Result{ |
| 228 | Kind: resource.Kind, |
| 229 | Name: resource.ObjectMeta.GetName(), |
| 230 | Namespace: resource.ObjectMeta.GetNamespace(), |
| 231 | } |
| 232 | resultSet, err := applyTopLevelSchemaChecks(ctx, conf, resourceProvider, resource, true) |
| 233 | if err != nil { |
| 234 | return finalResult, err |
| 235 | } |
| 236 | finalResult.Results = resultSet |
| 237 | |
| 238 | nonControllerResults, err := applyTopLevelSchemaChecks(ctx, conf, resourceProvider, resource, false) |
| 239 | if err != nil { |
| 240 | return finalResult, err |
| 241 | } |
| 242 | for key, val := range nonControllerResults { |
| 243 | if _, ok := finalResult.Results[key]; ok { |
| 244 | return finalResult, errors.New("Duplicate finding for check " + key) |
| 245 | } |
| 246 | finalResult.Results[key] = val |
| 247 | } |
| 248 | |
| 249 | podRS, err := applyPodSchemaChecks(ctx, conf, resourceProvider, resource) |
| 250 | if err != nil { |
| 251 | return finalResult, err |
| 252 | } |
| 253 | podRes := PodResult{ |
| 254 | Results: podRS, |
| 255 | ContainerResults: []ContainerResult{}, |
| 256 | } |
| 257 | finalResult.PodResult = &podRes |
| 258 | |
| 259 | for _, container := range resource.PodSpec.InitContainers { |
| 260 | results, err := applyContainerSchemaChecks(ctx, conf, resourceProvider, resource, &container, true) |
| 261 | if err != nil { |
| 262 | return finalResult, err |
| 263 | } |
| 264 | cRes := ContainerResult{ |
| 265 | Name: container.Name, |
| 266 | Results: results, |
| 267 | } |
| 268 | podRes.ContainerResults = append(podRes.ContainerResults, cRes) |
| 269 | } |
| 270 | for _, container := range resource.PodSpec.Containers { |
| 271 | results, err := applyContainerSchemaChecks(ctx, conf, resourceProvider, resource, &container, false) |
| 272 | if err != nil { |
| 273 | return finalResult, err |
| 274 | } |
| 275 | cRes := ContainerResult{ |
| 276 | Name: container.Name, |
| 277 | Results: results, |
| 278 | } |
| 279 | podRes.ContainerResults = append(podRes.ContainerResults, cRes) |
| 280 | } |
| 281 | |
| 282 | return finalResult, nil |
| 283 | } |