DevOpsBest, YAML-scanning, AllControls
Kubernetes common labels help manage and monitor Kubernetes cluster using different tools such as kubectl, dashboard and others in an interoperable way. Refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/ for more information. This control helps you find objects that don't have any of these labels defined.Note, this control is configurable. See below the details.
CronJob, DaemonSet, Deployment, Job, Pods, ReplicaSet, StatefulSet
Test will check if the list of label that start with app.kubernetes.io/ are defined.
Define applicable labels or use the exception mechanism to prevent further notifications.
This control can be configured using the following parameters. Read CLI/UI documentation about how to change parameters.
Kubescape checks that workloads have at least one of the following kubernetes recommended labels.
apiVersion: apps/v1 kind: Deployment metadata: name: dwployment-witout-k8s-labels-1 labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app.kubernetes.io/name: myApp app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80
Updated about 2 months ago