Merge pull request #154 from deggja/fix/bug_107

fix: implement fix for bug_107
deggja · Jun 23, 2024 · 9cfbb5e · 9cfbb5e
2 parents ce3549a + 3aa01ad
commit 9cfbb5e
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/backend/pkg/k8s/cilium-scanner.go b/backend/pkg/k8s/cilium-scanner.go
@@ -189,6 +189,10 @@ func determinePodCoverage(clientset *kubernetes.Clientset, nsName string, polici
  }
 
  for _, pod := range pods.Items {
+ // Skip pods that are not in running state
+ if pod.Status.Phase != corev1.PodRunning {
+ continue
+ }
  podIdentifier := fmt.Sprintf("%s/%s", pod.Namespace, pod.Name)
  if _, exists := globallyProtectedPods[podIdentifier]; !exists {
  if !IsPodProtected(writer, clientset, pod, policies, hasDenyAll, globallyProtectedPods) {

diff --git a/backend/pkg/k8s/scanner.go b/backend/pkg/k8s/scanner.go
@@ -165,6 +165,10 @@ func determineUnprotectedPods(clientset *kubernetes.Clientset, nsName string, co
  }
 
  for _, pod := range allPods.Items {
+ // Skip pods that are not in running state
+ if pod.Status.Phase != v1.PodRunning {
+ continue
+ }
  if !coveredPods[pod.Name] {
  podDetail := fmt.Sprintf("%s %s %s", nsName, pod.Name, pod.Status.PodIP)
  if !containsPodDetail(scanResult.UnprotectedPods, podDetail) {