feat(scalability): adding checks for compression and skipped file

joshkurz · Feb 24, 2023 · f2717bc · f2717bc
1 parent 8343559
commit f2717bc
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 1 deletion.
diff --git a/hardeneks/cluster_wide/scalability/control_plane.py b/hardeneks/cluster_wide/scalability/control_plane.py
@@ -22,3 +22,18 @@ def check_EKS_version(resources: Resources):
         return False
 
     return True
+
+
+def check_kubectl_compression(resources: Resources):
+    _, active_context = kubernetes.config.list_kube_config_contexts()
+    if active_context.get("context", {}).get("disable-compression") != True:
+        console.print(
+            Panel(
+                f"[red]Disable kubectl Compression should equal True",
+                subtitle="[link=https://aws.github.io/aws-eks-best-practices/scalability/docs/control-plane/#disable-kubectl-compression]Click to see the guide[/link]",
+            )
+        )
+        console.print()
+        return False
+
+    return True
diff --git a/hardeneks/cluster_wide/scalability/skipped.json b/hardeneks/cluster_wide/scalability/skipped.json
@@ -0,0 +1,12 @@
+[{
+    "name": "Limit workload and node bursting",
+    "link": "https://aws.github.io/aws-eks-best-practices/scalability/docs/control-plane/#limit-workload-and-node-bursting"
+},
+{
+    "name": "Scale nodes and pods down safely",
+    "link": "https://aws.github.io/aws-eks-best-practices/scalability/docs/control-plane/#scale-nodes-and-pods-down-safely"
+},
+{
+    "name": "Use Client-Side Cache when running Kubectl",
+    "link": "https://aws.github.io/aws-eks-best-practices/scalability/docs/control-plane/#use-client-side-cache-when-running-kubectl"
+}]
diff --git a/tests/test_scalability_control_plane.py b/tests/test_scalability_control_plane.py
@@ -1,7 +1,10 @@
 from hardeneks.resources import Resources
 from unittest.mock import patch
 
-from hardeneks.cluster_wide.scalability.control_plane import check_EKS_version
+from hardeneks.cluster_wide.scalability.control_plane import (
+    check_EKS_version,
+    check_kubectl_compression
+)
 
 
 class Version:
@@ -21,3 +24,17 @@ def test_check_EKS_version(mocked_client):
     assert check_EKS_version(namespaced_resources)
     mocked_client.return_value = Version("24")
     assert check_EKS_version(namespaced_resources)
+
+@patch("kubernetes.config.list_kube_config_contexts")
+def test_check_kubectl_compression(mocked_client):
+    namespaced_resources = Resources(
+        "some_region", "some_context", "some_cluster", []
+    )
+    mocked_client.return_value = None, {'context': {'cluster': 'test', 'user': 'foo', 'disable-compression': True}, 'name': 'foobarcluster'}
+    assert check_kubectl_compression(namespaced_resources)
+    mocked_client.return_value = None, {'context': {'cluster': 'test', 'user': 'foo'}, 'name': 'foobarcluster'}
+    assert not check_kubectl_compression(namespaced_resources)
+    mocked_client.return_value = None, {'name': 'foobarcluster'}
+    assert not check_kubectl_compression(namespaced_resources)
+    mocked_client.return_value = None, {'context': {'cluster': 'test', 'user': 'foo', 'disable-compression': False}, 'name': 'foobarcluster'}
+    assert not check_kubectl_compression(namespaced_resources)