search

open-policy-agent / gatekeeper-library

📚 The OPA Gatekeeper policy library
https://open-policy-agent.github.io/gatekeeper-library
Apache License 2.0
648 stars 321 forks source link

Incorrect PodDisruptionBudget ConstraintTemplate description #593

Open LilWatson opened 2 months ago

LilWatson commented 2 months ago

Hi everybody,

just want to let you know that the description of the PodDisruptionBudget ConstraintTemplate says Deployment/Statefulset 's replicas are not allowed to be equal to the PDB's minAvailable, while it actualy checks if spec.replicas is greater then minAvailable.

Description: https://github.com/open-policy-agent/gatekeeper-library/blob/525a0050e47678a5500660d205742d7ed070e8e8/library/general/poddisruptionbudget/template.yaml#L21

Replicas check: https://github.com/open-policy-agent/gatekeeper-library/blob/525a0050e47678a5500660d205742d7ed070e8e8/library/general/poddisruptionbudget/template.yaml#L81

Playground Example with violation for minAvailable < spec.replicas https://play.openpolicyagent.org/p/lh2tKpzfMN

Have a nice day! :)

stale[bot] commented 1 week ago

This issue/PR has been automatically marked as stale because it has not had recent activity. It will be closed in 14 days if no further activity occurs. Thank you for your contributions.