fix(scalability): only checking current cluster

hardeneks/cluster_wide/scalability/control_plane.py

@@ -30,17 +30,21 @@ def check_EKS_version(resources: Resources):
 # if any cluster does not have setting, it returns False
 def check_kubectl_compression(resources: Resources):
     kubeconfig = helpers.get_kube_config()
-    isSetCorrectly = True
+    isSetCorrectly = False
     for cluster in kubeconfig.get("clusters", []):
-        clusterName = cluster.get("name", "NoName")
-        if cluster.get("cluster", {}).get("disable-compression", False) != True:
-            isSetCorrectly = False
-            console.print(
-                Panel(
-                    f"[red]DisableCompression in Cluster {clusterName}  should equal True",
-                    subtitle="[link=https://aws.github.io/aws-eks-best-practices/scalability/docs/control-plane/#disable-kubectl-compression]Click to see the guide[/link]",
+        clusterName = cluster.get("name", None)
+        if (clusterName == resources.cluster):
+            if cluster.get("cluster", {}).get("disable-compression", False) != True:
+                console.print(
+                    Panel(
+                        f"[red]`disable-compression` in Cluster {clusterName}  should equal True",
+                        subtitle="[link=https://aws.github.io/aws-eks-best-practices/scalability/docs/control-plane/#disable-kubectl-compression]Click to see the guide[/link]",
+                    )
                 )
-            )
-            console.print()
+                console.print()
+            else:
+                isSetCorrectly = True
+            break
+
 
     return isSetCorrectly

hardeneks/config.yaml

@@ -54,6 +54,7 @@ rules:
     scalability:
       control_plane:
         - check_EKS_version
+        - check_kubectl_compression
   namespace_based:
     security: 
       iam:

tests/test_scalability_control_plane.py

@@ -29,17 +29,17 @@ def test_check_EKS_version(mocked_client):
 @patch(helpers.__name__ + ".get_kube_config")
 def test_check_kubectl_compression(mocked_helpers):
     namespaced_resources = Resources(
-        "some_region", "some_context", "some_cluster", []
+        "some_region", "some_context", "foobarcluster", []
     )
     mocked_helpers.return_value = {'clusters': [{'cluster': {'server': 'testtest', 'disable-compression': True}, 'name': 'foobarcluster'}]}
     assert check_kubectl_compression(namespaced_resources)
-    mocked_helpers.return_value = {'clusters': [{'cluster': {'server': 'testtest', 'disable-compression': True}, 'name': 'foobarcluster6'},{'cluster': {'server': 'testtest', 'disable-compression': True}, 'name': 'foobarcluster2'}]}
+    mocked_helpers.return_value = {'clusters': [{'cluster': {'server': 'testtest', 'disable-compression': True}, 'name': 'foobarcluster'}, {'cluster': {'server': 'testtest', 'disable-compression': False}, 'name': 'foobarcluster2'}]}
     assert check_kubectl_compression(namespaced_resources)
-    mocked_helpers.return_value = {'clusters': [{'cluster': {'server': 'testtest', 'disable-compression': True}, 'name': 'foobarcluster3'}, {'cluster': {'server': 'testtest', 'disable-compression': False}, 'name': 'foobarcluster4'}]}
+    mocked_helpers.return_value = {'clusters': [{'cluster': {'server': 'testtest', 'disable-compression': False}, 'name': 'foobarcluster'}, {'cluster': {'server': 'testtest', 'disable-compression': False}, 'name': 'foobarcluster4'}]}
     assert not check_kubectl_compression(namespaced_resources)
     mocked_helpers.return_value = {'clusters': [{'cluster': {'test': 'user'}, 'name': 'foobarcluster7'}]}
     assert not check_kubectl_compression(namespaced_resources)
     mocked_helpers.return_value = {'clusters': [{}]}
     assert not check_kubectl_compression(namespaced_resources)
     mocked_helpers.return_value = {}
-    assert check_kubectl_compression(namespaced_resources)
+    assert not check_kubectl_compression(namespaced_resources)