Steampipe MCP Server →
Steampipe Hub 
Hub
Plugins
turbot/kubernetes
Overview
39
Tables
901
QueriesPowerpipeModsGitHub

Query: Job containers should have etcd certfile and keyfile configured appropriately

Description

This check ensures that the container in the Job has etcd certfile and keyfile configured appropriately.

Query

Tables used in this query:

Controls using this query:

SQL

select
  coalesce(uid, concat(path, ':', start_line)) as resource,
  case
    when (c -> 'command') is null
    or not ((c -> 'command') @> '["etcd"]') then 'ok'
    when (c -> 'command') @> '["etcd"]'
    and (
      not (c ->> 'command' like '%--cert-file%')
      or not (c ->> 'command' like '%--key-file%')
    ) then 'alarm'
    else 'ok'
  end as status,
  case
    when (c -> 'command') is null then c ->> 'name' || ' command not defined.'
    when not ((c -> 'command') @> '["etcd"]') then c ->> 'name' || ' etcd not defined.'
    when (c -> 'command') @> '["etcd"]'
    and(
      not (c ->> 'command' like '%--cert-file%')
      or not (c ->> 'command' like '%--key-file%')
    ) then c ->> 'name' || ' etcd certfile and keyfile not set.'
    else c ->> 'name' || ' etcd certfile and keyfile set.'
  end as reason,
  name as job_name,
  coalesce(context_name, '') as context_name,
  namespace,
  source_type,
  coalesce(path || ':' || start_line || '-' || end_line, '') as path
from
  kubernetes_job,
  jsonb_array_elements(template -> 'spec' -> 'containers') as c;