kube-tools/overlay/usr/local/bin/flux-audit


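#!/usr/bin/env bash
#
# flux-audit: render each cluster directory under <path>/clusters with
# `flux-local build` and pipe the rendered manifests into `polaris audit`.
#
# Usage: flux-audit [path]        (path defaults to the current directory)
#
# Environment:
#   POLARIS_CONFIG     optional; replaces the default polaris flags. The value
#                      is split on commas and spaces.
#   FLUX_LOCAL_CONFIG  optional; replaces the default flux-local flags. The
#                      value is split on spaces.
#
# Exit status: non-zero when find fails (for example a missing clusters
# directory) or when the build/audit pipeline fails for at least one cluster.
set -eo pipefail

FLUX_PATH="${1:-.}"

# An override replaces the defaults entirely, so it has to carry
# --audit-path=- itself (polaris is fed through the pipe below) and the
# exit-code flags if the run is meant to gate a pipeline.
if [ -z "$POLARIS_CONFIG" ]; then
  POLARIS_CONFIG=(
    "--format=pretty"
    "--set-exit-code-on-danger"
    "--set-exit-code-below-score=80"
    "--only-show-failed-tests=true"
    "--audit-path=-"
  )
else
  # shellcheck disable=SC2128
  IFS=', ' read -r -a POLARIS_CONFIG <<<"$POLARIS_CONFIG"
fi

if [ -z "$FLUX_LOCAL_CONFIG" ]; then
  FLUX_LOCAL_CONFIG=(
    "--enable-helm"
    "--skip-secrets"
    "--skip-crds"
  )
else
  # shellcheck disable=SC2128
  IFS=' ' read -r -a FLUX_LOCAL_CONFIG <<<"$FLUX_LOCAL_CONFIG"
fi

printf "\nINFO - Auditing clusters\n"

# The group is the last stage of the pipeline and therefore runs in a
# subshell; its exit status, combined with find's through pipefail, becomes
# the status of the script.
find "${FLUX_PATH%/}/clusters" -mindepth 1 -maxdepth 1 -type d -print0 | {
  audited=0
  failed=0
  while IFS= read -r -d '' cluster; do
    audited=$((audited + 1))
    printf "INFO - Auditing cluster %s\n" "${cluster##*/}"
    # Testing the pipeline in `if` keeps errexit from ending the run at the
    # first failing cluster, so every cluster is audited and the failure is
    # still reported at the end. The previous PIPESTATUS check ran after
    # `echo` and so only ever saw echo's status.
    if ! flux-local build "${FLUX_LOCAL_CONFIG[@]}" "${cluster}" |
      polaris audit "${POLARIS_CONFIG[@]}"; then
      printf "ERROR - Audit failed for cluster %s\n" "${cluster##*/}" >&2
      failed=1
    fi
    echo
  done
  # A run that audited nothing still exits 0, as before; say so loudly so a
  # wrong path is not mistaken for a clean audit.
  if ((audited == 0)); then
    printf "WARN - No cluster directories found under %s; nothing was audited\n" \
      "${FLUX_PATH%/}/clusters" >&2
  fi
  exit "$failed"
}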