Skip to content

Commit

Permalink
fix: Fix non existent csi driver issue
Browse files Browse the repository at this point in the history
  • Loading branch information
dorukozturk committed Dec 10, 2022
1 parent e930ffc commit 4ccc39b
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions hardeneks/cluster_wide/security/encryption_secrets.py
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,8 @@ def use_encryption_with_efs(resources: Resources):
offenders = []

for persistent_volume in resources.persistent_volumes:
if persistent_volume.spec.csi.driver == "efs.csi.aws.com":
csi = persistent_volume.spec.csi
if csi and csi.driver == "efs.csi.aws.com":
mount_options = persistent_volume.spec.mount_options
if not mount_options:
offenders.append(persistent_volume)
Expand All @@ -45,8 +46,9 @@ def use_efs_access_points(resources: Resources):
offenders = []

for persistent_volume in resources.persistent_volumes:
if persistent_volume.spec.csi.driver == "efs.csi.aws.com":
if "::" not in persistent_volume.spec.csi.volume_handle:
csi = persistent_volume.spec.csi
if csi and csi.driver == "efs.csi.aws.com":
if "::" not in csi.volume_handle:
offenders.append(persistent_volume)

if offenders:
Expand Down

0 comments on commit 4ccc39b

Please sign in to comment.