Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kube-linter for openSUSE:Factory
checked in at 2025-06-20 16:49:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kube-linter (Old)
and /work/SRC/openSUSE:Factory/.kube-linter.new.31170 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kube-linter"
Fri Jun 20 16:49:06 2025 rev:8 rq:1286828 version:0.7.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/kube-linter/kube-linter.changes 2025-06-14
16:18:53.805155904 +0200
+++ /work/SRC/openSUSE:Factory/.kube-linter.new.31170/kube-linter.changes
2025-06-20 16:50:29.390941457 +0200
@@ -1,0 +2,6 @@
+Thu Jun 19 06:32:31 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 0.7.4:
+ * Add new check job-ttl-seconds-after-finished (#963) (#964)
+
+-------------------------------------------------------------------
Old:
----
kube-linter-0.7.3.obscpio
New:
----
kube-linter-0.7.4.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kube-linter.spec ++++++
--- /var/tmp/diff_new_pack.cVkLRG/_old 2025-06-20 16:50:30.174973882 +0200
+++ /var/tmp/diff_new_pack.cVkLRG/_new 2025-06-20 16:50:30.174973882 +0200
@@ -17,7 +17,7 @@
Name: kube-linter
-Version: 0.7.3
+Version: 0.7.4
Release: 0
Summary: Static analysis tool that checks Kubernetes YAML files and
Helm charts
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.cVkLRG/_old 2025-06-20 16:50:30.206975205 +0200
+++ /var/tmp/diff_new_pack.cVkLRG/_new 2025-06-20 16:50:30.210975371 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/stackrox/kube-linter</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.7.3</param>
+ <param name="revision">v0.7.4</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.cVkLRG/_old 2025-06-20 16:50:30.230976198 +0200
+++ /var/tmp/diff_new_pack.cVkLRG/_new 2025-06-20 16:50:30.234976364 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/stackrox/kube-linter</param>
- <param
name="changesrevision">c87de4e48122908e5730a48f060dbc64656a4e8c</param></service></servicedata>
+ <param
name="changesrevision">c17833d87f7fe421b1634b6368a291edab655c60</param></service></servicedata>
(No newline at EOF)
++++++ kube-linter-0.7.3.obscpio -> kube-linter-0.7.4.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/docs/generated/checks.md
new/kube-linter-0.7.4/docs/generated/checks.md
--- old/kube-linter-0.7.3/docs/generated/checks.md 2025-06-11
18:44:46.000000000 +0200
+++ new/kube-linter-0.7.4/docs/generated/checks.md 2025-06-18
16:44:38.000000000 +0200
@@ -277,6 +277,15 @@
**Remediation**: Ensure that port naming is in conjunction with the
specification. For more information, please look at the Kubernetes Service
specification on this page:
https://kubernetes.io/docs/reference/_print/#ServiceSpec. And additional
information about IANA Service naming can be found on the following page:
https://www.rfc-editor.org/rfc/rfc6335.html#section-5.1.
**Template**: [target-port](templates.md#target-port)
+## job-ttl-seconds-after-finished
+
+**Enabled by default**: Yes
+
+**Description**: Indicates when standalone jobs do not set
ttlSecondsAfterFinished and when jobs managed by cronjob do set
ttlSecondsAfterFinished.
+
+**Remediation**: Set Job.spec.ttlSecondsAfterFinished. Unset
CronJob.Spec.JobTemplate.Spec.ttlSecondsAfterFinished.
+
+**Template**:
[job-ttl-seconds-after-finished](templates.md#ttlsecondsafterfinished-impact-for-standalone-and-managed-job-objects)
## latest-tag
**Enabled by default**: Yes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/docs/generated/templates.md
new/kube-linter-0.7.4/docs/generated/templates.md
--- old/kube-linter-0.7.3/docs/generated/templates.md 2025-06-11
18:44:46.000000000 +0200
+++ new/kube-linter-0.7.4/docs/generated/templates.md 2025-06-18
16:44:38.000000000 +0200
@@ -414,6 +414,15 @@
type: array
```
+## ttlSecondsAfterFinished impact for standalone and managed Job objects
+
+**Key**: `job-ttl-seconds-after-finished`
+
+**Description**: Flag standalone Job objects not setting
ttlSecondsAfterFinished. Flag CronJob objects setting ttlSecondsAfterFinished
+
+**Supported Objects**: JobLike
+
+
## Latest Tag
**Key**: `latest-tag`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/e2etests/bats-tests.sh
new/kube-linter-0.7.4/e2etests/bats-tests.sh
--- old/kube-linter-0.7.3/e2etests/bats-tests.sh 2025-06-11
18:44:46.000000000 +0200
+++ new/kube-linter-0.7.4/e2etests/bats-tests.sh 2025-06-18
16:44:38.000000000 +0200
@@ -394,6 +394,21 @@
[[ "${actual_messages[3]}" == "Deployment: port name \"123456\" in container
\"invalid-target-ports\" must contain at least one letter (a-z)" ]]
}
+@test "job-ttl-seconds-after-finished" {
+ tmp="tests/checks/job-ttl-seconds-after-finished.yaml"
+ cmd="${KUBE_LINTER_BIN} lint --include job-ttl-seconds-after-finished
--do-not-auto-add-defaults --format json ${tmp}"
+ run ${cmd}
+
+ message1=$(get_value_from "${lines[0]}"
'.Reports[0].Object.K8sObject.GroupVersionKind.Kind + " " +
.Reports[0].Object.K8sObject.Name + ": " + .Reports[0].Diagnostic.Message')
+ message2=$(get_value_from "${lines[0]}"
'.Reports[1].Object.K8sObject.GroupVersionKind.Kind + " " +
.Reports[1].Object.K8sObject.Name + ": " + .Reports[1].Diagnostic.Message')
+
+ [[ "${message1}" == "Job bad-job: Standalone Job does not specify
ttlSecondsAfterFinished" ]]
+ [[ "${message2}" == "CronJob bad-cronjob: Managed Job specifies
ttlSecondsAfterFinished which might conflict with successfulJobsHistoryLimit
and failedJobsHistoryLimit from CronJob that have default values. Final
behaviour is determined by the strictest parameter, and therefore, setting
ttlSecondsAfterFinished at the job level can result with unexpected behaviour
with regard to finished jobs removal" ]]
+
+ count=$(get_value_from "${lines[0]}" '.Reports | length')
+ [[ "${count}" == "2" ]]
+}
+
@test "latest-tag" {
tmp="tests/checks/latest-tag.yml"
cmd="${KUBE_LINTER_BIN} lint --include latest-tag --do-not-auto-add-defaults
--format json ${tmp}"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/internal/defaultchecks/default_checks.go
new/kube-linter-0.7.4/internal/defaultchecks/default_checks.go
--- old/kube-linter-0.7.3/internal/defaultchecks/default_checks.go
2025-06-11 18:44:46.000000000 +0200
+++ new/kube-linter-0.7.4/internal/defaultchecks/default_checks.go
2025-06-18 16:44:38.000000000 +0200
@@ -17,6 +17,7 @@
"host-network",
"host-pid",
"invalid-target-ports",
+ "job-ttl-seconds-after-finished",
"latest-tag",
"liveness-port",
"mismatching-selector",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/pkg/builtinchecks/yamls/job-ttl-seconds-after-finished.yaml
new/kube-linter-0.7.4/pkg/builtinchecks/yamls/job-ttl-seconds-after-finished.yaml
---
old/kube-linter-0.7.3/pkg/builtinchecks/yamls/job-ttl-seconds-after-finished.yaml
1970-01-01 01:00:00.000000000 +0100
+++
new/kube-linter-0.7.4/pkg/builtinchecks/yamls/job-ttl-seconds-after-finished.yaml
2025-06-18 16:44:38.000000000 +0200
@@ -0,0 +1,7 @@
+name: "job-ttl-seconds-after-finished"
+description: "Indicates when standalone jobs do not set
ttlSecondsAfterFinished and when jobs managed by cronjob do set
ttlSecondsAfterFinished."
+remediation: "Set Job.spec.ttlSecondsAfterFinished. Unset
CronJob.Spec.JobTemplate.Spec.ttlSecondsAfterFinished."
+scope:
+ objectKinds:
+ - JobLike
+template: "job-ttl-seconds-after-finished"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/pkg/extract/job_spec.go
new/kube-linter-0.7.4/pkg/extract/job_spec.go
--- old/kube-linter-0.7.3/pkg/extract/job_spec.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kube-linter-0.7.4/pkg/extract/job_spec.go 2025-06-18
16:44:38.000000000 +0200
@@ -0,0 +1,18 @@
+package extract
+
+import (
+ "golang.stackrox.io/kube-linter/pkg/k8sutil"
+ batchV1 "k8s.io/api/batch/v1"
+)
+
+// JobSpec extracts a job template spec from Job or CronJob objects
+func JobSpec(obj k8sutil.Object) (batchV1.JobSpec, string, bool) {
+ switch obj := obj.(type) {
+ case *batchV1.Job:
+ return obj.Spec, "Job", true
+ case *batchV1.CronJob:
+ return obj.Spec.JobTemplate.Spec, "CronJob", true
+ default:
+ return batchV1.JobSpec{}, "", false
+ }
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/pkg/lintcontext/mocks/cronjob.go
new/kube-linter-0.7.4/pkg/lintcontext/mocks/cronjob.go
--- old/kube-linter-0.7.3/pkg/lintcontext/mocks/cronjob.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kube-linter-0.7.4/pkg/lintcontext/mocks/cronjob.go 2025-06-18
16:44:38.000000000 +0200
@@ -0,0 +1,24 @@
+package mocks
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/require"
+ batchV1 "k8s.io/api/batch/v1"
+ metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// AddMockCronJob adds a mock CronJob to LintContext
+func (l *MockLintContext) AddMockCronJob(t *testing.T, name string) {
+ require.NotEmpty(t, name)
+ l.objects[name] = &batchV1.CronJob{
+ ObjectMeta: metaV1.ObjectMeta{Name: name},
+ }
+}
+
+// ModifyCronJob modifies a given CronJob in the context via the passed
function
+func (l *MockLintContext) ModifyCronJob(t *testing.T, name string, f
func(cronjob *batchV1.CronJob)) {
+ dep, ok := l.objects[name].(*batchV1.CronJob)
+ require.True(t, ok)
+ f(dep)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/pkg/lintcontext/mocks/job.go
new/kube-linter-0.7.4/pkg/lintcontext/mocks/job.go
--- old/kube-linter-0.7.3/pkg/lintcontext/mocks/job.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kube-linter-0.7.4/pkg/lintcontext/mocks/job.go 2025-06-18
16:44:38.000000000 +0200
@@ -0,0 +1,24 @@
+package mocks
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/require"
+ batchV1 "k8s.io/api/batch/v1"
+ metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// AddMockJob adds a mock Job to LintContext
+func (l *MockLintContext) AddMockJob(t *testing.T, name string) {
+ require.NotEmpty(t, name)
+ l.objects[name] = &batchV1.Job{
+ ObjectMeta: metaV1.ObjectMeta{Name: name},
+ }
+}
+
+// ModifyJob modifies a given Job in the context via the passed function
+func (l *MockLintContext) ModifyJob(t *testing.T, name string, f func(job
*batchV1.Job)) {
+ dep, ok := l.objects[name].(*batchV1.Job)
+ require.True(t, ok)
+ f(dep)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/pkg/objectkinds/job_like.go
new/kube-linter-0.7.4/pkg/objectkinds/job_like.go
--- old/kube-linter-0.7.3/pkg/objectkinds/job_like.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kube-linter-0.7.4/pkg/objectkinds/job_like.go 2025-06-18
16:44:38.000000000 +0200
@@ -0,0 +1,23 @@
+package objectkinds
+
+import (
+ batchV1 "k8s.io/api/batch/v1"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+const (
+ JobLike = "JobLike"
+)
+
+var (
+ jobGVK = batchV1.SchemeGroupVersion.WithKind("Job")
+)
+var (
+ cronJobGVK = batchV1.SchemeGroupVersion.WithKind("CronJob")
+)
+
+func init() {
+ RegisterObjectKind(JobLike, MatcherFunc(func(gvk
schema.GroupVersionKind) bool {
+ return gvk == jobGVK || gvk == cronJobGVK
+ }))
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kube-linter-0.7.3/pkg/templates/all/all.go
new/kube-linter-0.7.4/pkg/templates/all/all.go
--- old/kube-linter-0.7.3/pkg/templates/all/all.go 2025-06-11
18:44:46.000000000 +0200
+++ new/kube-linter-0.7.4/pkg/templates/all/all.go 2025-06-18
16:44:38.000000000 +0200
@@ -25,6 +25,7 @@
_ "golang.stackrox.io/kube-linter/pkg/templates/hostpid"
_ "golang.stackrox.io/kube-linter/pkg/templates/hpareplicas"
_ "golang.stackrox.io/kube-linter/pkg/templates/imagepullpolicy"
+ _
"golang.stackrox.io/kube-linter/pkg/templates/jobttlsecondsafterfinished"
_ "golang.stackrox.io/kube-linter/pkg/templates/latesttag"
_ "golang.stackrox.io/kube-linter/pkg/templates/livenessport"
_ "golang.stackrox.io/kube-linter/pkg/templates/livenessprobe"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/internal/params/gen-params.go
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/internal/params/gen-params.go
---
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/internal/params/gen-params.go
1970-01-01 01:00:00.000000000 +0100
+++
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/internal/params/gen-params.go
2025-06-18 16:44:38.000000000 +0200
@@ -0,0 +1,52 @@
+// Code generated by kube-linter template codegen. DO NOT EDIT.
+// +build !templatecodegen
+
+package params
+
+import (
+ "fmt"
+ "strings"
+
+ "github.com/pkg/errors"
+ "golang.stackrox.io/kube-linter/pkg/check"
+ "golang.stackrox.io/kube-linter/pkg/templates/util"
+)
+
+var (
+ // Use some imports in case they don't get used otherwise.
+ _ = util.MustParseParameterDesc
+ _ = fmt.Sprintf
+
+ ParamDescs = []check.ParameterDesc{
+ }
+)
+
+func (p *Params) Validate() error {
+ var validationErrors []string
+ if len(validationErrors) > 0 {
+ return errors.Errorf("invalid parameters: %s",
strings.Join(validationErrors, ", "))
+ }
+ return nil
+}
+
+// ParseAndValidate instantiates a Params object out of the passed
map[string]interface{},
+// validates it, and returns it.
+// The return type is interface{} to satisfy the type in the Template struct.
+func ParseAndValidate(m map[string]interface{}) (interface{}, error) {
+ var p Params
+ if err := util.DecodeMapStructure(m, &p); err != nil {
+ return nil, err
+ }
+ if err := p.Validate(); err != nil {
+ return nil, err
+ }
+ return p, nil
+}
+
+// WrapInstantiateFunc is a convenience wrapper that wraps an untyped
instantiate function
+// into a typed one.
+func WrapInstantiateFunc(f func(p Params) (check.Func, error)) func
(interface{}) (check.Func, error) {
+ return func(paramsInt interface{}) (check.Func, error) {
+ return f(paramsInt.(Params))
+ }
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/internal/params/params.go
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/internal/params/params.go
---
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/internal/params/params.go
1970-01-01 01:00:00.000000000 +0100
+++
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/internal/params/params.go
2025-06-18 16:44:38.000000000 +0200
@@ -0,0 +1,5 @@
+package params
+
+// Params represents the params accepted by this template.
+type Params struct {
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/template.go
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/template.go
--- old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/template.go
1970-01-01 01:00:00.000000000 +0100
+++ new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/template.go
2025-06-18 16:44:38.000000000 +0200
@@ -0,0 +1,46 @@
+package jobttlsecondsafterfinished
+
+import (
+ "golang.stackrox.io/kube-linter/pkg/check"
+ "golang.stackrox.io/kube-linter/pkg/config"
+ "golang.stackrox.io/kube-linter/pkg/diagnostic"
+ "golang.stackrox.io/kube-linter/pkg/extract"
+ "golang.stackrox.io/kube-linter/pkg/lintcontext"
+ "golang.stackrox.io/kube-linter/pkg/objectkinds"
+ "golang.stackrox.io/kube-linter/pkg/templates"
+
"golang.stackrox.io/kube-linter/pkg/templates/jobttlsecondsafterfinished/internal/params"
+)
+
+const templateKey = "job-ttl-seconds-after-finished"
+
+func init() {
+ templates.Register(check.Template{
+ HumanName: "ttlSecondsAfterFinished impact for standalone and
managed Job objects",
+ Key: templateKey,
+ Description: "Flag standalone Job objects not setting
ttlSecondsAfterFinished. Flag CronJob objects setting ttlSecondsAfterFinished",
+ SupportedObjectKinds: config.ObjectKindsDesc{
+ ObjectKinds: []string{objectkinds.JobLike},
+ },
+ Parameters: params.ParamDescs,
+ ParseAndValidateParams: params.ParseAndValidate,
+ Instantiate: params.WrapInstantiateFunc(func(_ params.Params)
(check.Func, error) {
+ return func(lintCtx lintcontext.LintContext, object
lintcontext.Object) []diagnostic.Diagnostic {
+ jobSpec, kind, ok :=
extract.JobSpec(object.K8sObject)
+ if !ok {
+ return nil
+ }
+ switch kind {
+ case "Job":
+ if jobSpec.TTLSecondsAfterFinished ==
nil {
+ return
[]diagnostic.Diagnostic{{Message: "Standalone Job does not specify
ttlSecondsAfterFinished"}}
+ }
+ case "CronJob":
+ if jobSpec.TTLSecondsAfterFinished !=
nil {
+ return
[]diagnostic.Diagnostic{{Message: "Managed Job specifies
ttlSecondsAfterFinished which might conflict with successfulJobsHistoryLimit
and failedJobsHistoryLimit from CronJob that have default values. Final
behaviour is determined by the strictest parameter, and therefore, setting
ttlSecondsAfterFinished at the job level can result with unexpected behaviour
with regard to finished jobs removal"}}
+ }
+ }
+ return nil
+ }, nil
+ }),
+ })
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/template_test.go
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/template_test.go
---
old/kube-linter-0.7.3/pkg/templates/jobttlsecondsafterfinished/template_test.go
1970-01-01 01:00:00.000000000 +0100
+++
new/kube-linter-0.7.4/pkg/templates/jobttlsecondsafterfinished/template_test.go
2025-06-18 16:44:38.000000000 +0200
@@ -0,0 +1,109 @@
+package jobttlsecondsafterfinished
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/suite"
+ "golang.stackrox.io/kube-linter/pkg/diagnostic"
+ "golang.stackrox.io/kube-linter/pkg/lintcontext/mocks"
+ "golang.stackrox.io/kube-linter/pkg/templates"
+
"golang.stackrox.io/kube-linter/pkg/templates/jobttlsecondsafterfinished/internal/params"
+ batchV1 "k8s.io/api/batch/v1"
+)
+
+const (
+ JobKind = "Job"
+ CronJobKind = "CronJob"
+ jobNoTTL = "job_no_ttl"
+ jobTTL = "job_ttl"
+ cronjobNoTTL = "cronjob_no_ttl"
+ cronjobTTL = "cronjob_ttl"
+)
+
+type JobTTLSecondsAfterFinishedTestSuite struct {
+ templates.TemplateTestSuite
+
+ ctx *mocks.MockLintContext
+}
+
+func (s *JobTTLSecondsAfterFinishedTestSuite) SetupTest() {
+ s.Init(templateKey)
+ s.ctx = mocks.NewMockContext()
+}
+
+func (s *JobTTLSecondsAfterFinishedTestSuite) AddJobLike(kind, name string,
ttl *int32) {
+ switch kind {
+ case JobKind:
+ s.ctx.AddMockJob(s.T(), name)
+ if ttl != nil {
+ s.ctx.ModifyJob(s.T(), name, func(job *batchV1.Job) {
+ job.Spec.TTLSecondsAfterFinished = ttl
+ })
+ }
+ case CronJobKind:
+ s.ctx.AddMockCronJob(s.T(), name)
+ if ttl != nil {
+ s.ctx.ModifyCronJob(s.T(), name, func(cronjob
*batchV1.CronJob) {
+
cronjob.Spec.JobTemplate.Spec.TTLSecondsAfterFinished = ttl
+ })
+ }
+ }
+}
+
+func TestJobTTLSecondsAfterFinished(t *testing.T) {
+ suite.Run(t, new(JobTTLSecondsAfterFinishedTestSuite))
+}
+
+func (s *JobTTLSecondsAfterFinishedTestSuite) TestJobTTL() {
+ ttl := int32(100)
+ s.AddJobLike(JobKind, jobTTL, &ttl)
+ s.Validate(s.ctx, []templates.TestCase{
+ {
+ Param: params.Params{},
+ Diagnostics: map[string][]diagnostic.Diagnostic{
+ jobTTL: nil,
+ },
+ ExpectInstantiationError: false,
+ },
+ })
+}
+
+func (s *JobTTLSecondsAfterFinishedTestSuite) TestJobNoTTL() {
+ s.AddJobLike(JobKind, jobNoTTL, nil)
+ s.Validate(s.ctx, []templates.TestCase{
+ {
+ Param: params.Params{},
+ Diagnostics: map[string][]diagnostic.Diagnostic{
+ jobNoTTL: {{Message: "Standalone Job does not
specify ttlSecondsAfterFinished"}},
+ },
+ ExpectInstantiationError: false,
+ },
+ })
+}
+
+func (s *JobTTLSecondsAfterFinishedTestSuite) TestCronJobTTL() {
+ ttl := int32(100)
+ s.AddJobLike(CronJobKind, cronjobTTL, &ttl)
+ s.Validate(s.ctx, []templates.TestCase{
+ {
+ Param: params.Params{},
+ Diagnostics: map[string][]diagnostic.Diagnostic{
+ cronjobTTL: {{Message: "Managed Job specifies
ttlSecondsAfterFinished which might conflict with successfulJobsHistoryLimit
and failedJobsHistoryLimit from CronJob that have default values. Final
behaviour is determined by the strictest parameter, and therefore, setting
ttlSecondsAfterFinished at the job level can result with unexpected behaviour
with regard to finished jobs removal"}},
+ },
+ ExpectInstantiationError: false,
+ },
+ })
+}
+
+func (s *JobTTLSecondsAfterFinishedTestSuite) TestCronJobNoTTL() {
+ s.AddJobLike(CronJobKind, cronjobNoTTL, nil)
+ s.Validate(s.ctx, []templates.TestCase{
+ {
+ Param: params.Params{},
+ Diagnostics: map[string][]diagnostic.Diagnostic{
+ cronjobNoTTL: nil,
+ },
+ ExpectInstantiationError: false,
+ },
+ })
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kube-linter-0.7.3/tests/checks/job-ttl-seconds-after-finished.yaml
new/kube-linter-0.7.4/tests/checks/job-ttl-seconds-after-finished.yaml
--- old/kube-linter-0.7.3/tests/checks/job-ttl-seconds-after-finished.yaml
1970-01-01 01:00:00.000000000 +0100
+++ new/kube-linter-0.7.4/tests/checks/job-ttl-seconds-after-finished.yaml
2025-06-18 16:44:38.000000000 +0200
@@ -0,0 +1,68 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: bad-job
+spec:
+ template:
+ spec:
+ containers:
+ - name: pi
+ image: perl:5.34.0
+ command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"]
+ restartPolicy: Never
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: good-job
+spec:
+ ttlSecondsAfterFinished: 100
+ template:
+ spec:
+ containers:
+ - name: pi
+ image: perl:5.34.0
+ command: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"]
+ restartPolicy: Never
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: bad-cronjob
+spec:
+ schedule: "* * * * *"
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: hello
+ image: quay.io/quay/busybox
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sh
+ - -c
+ - date; echo Hello from the Kubernetes cluster
+ restartPolicy: OnFailure
+ ttlSecondsAfterFinished: 1200
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: good-cronjob
+spec:
+ schedule: "* * * * *"
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: hello
+ image: quay.io/quay/busybox
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sh
+ - -c
+ - date; echo Hello from the Kubernetes cluster
+ restartPolicy: OnFailure
++++++ kube-linter.obsinfo ++++++
--- /var/tmp/diff_new_pack.cVkLRG/_old 2025-06-20 16:50:30.530988605 +0200
+++ /var/tmp/diff_new_pack.cVkLRG/_new 2025-06-20 16:50:30.534988771 +0200
@@ -1,5 +1,5 @@
name: kube-linter
-version: 0.7.3
-mtime: 1749660286
-commit: c87de4e48122908e5730a48f060dbc64656a4e8c
+version: 0.7.4
+mtime: 1750257878
+commit: c17833d87f7fe421b1634b6368a291edab655c60
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/kube-linter/vendor.tar.gz
/work/SRC/openSUSE:Factory/.kube-linter.new.31170/vendor.tar.gz differ: char
24, line 1
