Closed danielsagi closed 3 years ago
Merging #420 (e1e9516) into main (f95df81) will decrease coverage by
0.46%
. The diff coverage is54.54%
.
@@ Coverage Diff @@
## main #420 +/- ##
==========================================
- Coverage 63.88% 63.41% -0.47%
==========================================
Files 42 42
Lines 2287 2296 +9
==========================================
- Hits 1461 1456 -5
- Misses 826 840 +14
Impacted Files | Coverage Δ | |
---|---|---|
kube_hunter/modules/hunting/aks.py | 54.41% <54.54%> (-10.00%) |
:arrow_down: |
kube_hunter/modules/hunting/apiserver.py | 70.41% <0.00%> (-1.93%) |
:arrow_down: |
kube_hunter/modules/hunting/kubelet.py | 60.40% <0.00%> (+0.40%) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update f95df81...e1e9516. Read the comment docs.
Description
Fixed false negative in AzureSpnHunter when /run is disabled #373
The fix concludes an additional test for the debug handler. this is because we haven't merged #271 yet. After the multiple subscription will be full implemented, we will remove the extra check for debug handlers here.
Other general improvements:
self.event.session
which could also result in a false negative.cat /etc/kuberntes/azure.json
now we use the volumeMount path to make sure we get the real correlated path inside the containerExposedPodsHandler
event. instead of sending another request to the kubelet.Tested on AKS clusters
Fixed Issues
fixes #373
Contribution checklist