feat: add psp-check-supplemental-groups-modules

Signed-off-by: peefy <[email protected]>
kcl-lang · Nov 13, 2023 · abff52f · abff52f
1 parent 6e48ce8
commit abff52f
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 0 deletions.
diff --git a/psp-check-supplemental-groups/README.md b/psp-check-supplemental-groups/README.md
@@ -0,0 +1,7 @@
+## Introduction
+
+`psp-check-supplemental-groups` is a KCL PSP validation package. 
+
+## Resource
+
+The Code source and document are [here](https://github.com/kcl-lang/modules/tree/main/psp-check-supplemental-groups)
diff --git a/psp-check-supplemental-groups/kcl.mod b/psp-check-supplemental-groups/kcl.mod
@@ -0,0 +1,5 @@
+[package]
+name = "psp-check-supplemental-groups"
+version = "0.1.0"
+description = "`psp-check-supplemental-groups` is a kcl validation package"
+
diff --git a/psp-check-supplemental-groups/kcl.mod.lock b/psp-check-supplemental-groups/kcl.mod.lock
diff --git a/psp-check-supplemental-groups/main.k b/psp-check-supplemental-groups/main.k
@@ -0,0 +1,8 @@
+# Define the validation function
+validate = lambda item: {str:} {
+    if item.kind == "Pod":
+        assert item.spec?.securityContext?.supplementalGroups in ["100-200", "500-600"]
+    item
+}
+# Validate All resource
+items = [validate(i) for i in option("items") or []]