What would you like to be added:
The description of Errored rule checks is as follows: Errored: Rule check has errored during runtime. It cannot be determined whether the check is fulfilled or not.
However currently we have rule checks that are with Errored status but the rule has not errored during runtime. E.g. rule 2005:
|
if containerStatusIdx < 0 { |
|
checkResults = append(checkResults, rule.ErroredCheckResult("containerStatus not found for container", containerTarget)) |
|
continue |
|
} |
We should review all Errored rules and find a better categorization for rule checks that do not fit the Errored description
Why is this needed:
Users determine Errored rule results as findings. We should aim to minimise the cases we
categorize as Errored and stick to current description of errored rule check: Rule check has errored during runtime
What would you like to be added:
The description of
Erroredrule checks is as follows:Errored: Rule check has errored during runtime. It cannot be determined whether the check is fulfilled or not.However currently we have rule checks that are with
Erroredstatus but the rule has not errored during runtime. E.g. rule 2005:diki/pkg/provider/managedk8s/ruleset/securityhardenedk8s/rules/2005.go
Lines 109 to 112 in 4140d1c
We should review all
Erroredrules and find a better categorization for rule checks that do not fit theErroreddescriptionWhy is this needed:
Users determine
Erroredrule results as findings. We should aim to minimise the cases wecategorize as
Erroredand stick to current description of errored rule check:Rule check has errored during runtime