codecov[bot]
commented
1 month ago Codecov Report
Attention: Patch coverage is 52.38095% with 10 lines in your changes missing coverage. Please review.
Project coverage is 62.34%. Comparing base (
dbd7529) to head (6331670). Report is 29 commits behind head on main.
| Files | Patch % | Lines |
|---|---|---|
| pkg/templates/runasnonroot/template.go | 52.38% | 10 Missing :warning: |
Additional details and impacted files
```diff @@ Coverage Diff @@ ## main #804 +/- ## ========================================== - Coverage 62.36% 62.34% -0.02% ========================================== Files 197 197 Lines 4854 4871 +17 ========================================== + Hits 3027 3037 +10 - Misses 1439 1447 +8 + Partials 388 387 -1 ``` | [Flag](https://app.codecov.io/gh/stackrox/kube-linter/pull/804/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=stackrox) | Coverage Δ | | |---|---|---| | [unit](https://app.codecov.io/gh/stackrox/kube-linter/pull/804/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=stackrox) | `62.34% <52.38%> (-0.02%)` | :arrow_down: | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=stackrox#carryforward-flags-in-the-pull-request-comment) to find out more.:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Closes #748
This PR introduces changes which expand the
run-as-non-roottemplate/check to verifyrunAsGroupfield is set to a non-zero value.The
runAsGroupfield specifies the group ID under which the container’s process should run. If left unspecified, the GID defaults to 0.Snippet of build in action where
pod.yamlfor first execution initially didn't setrunAsGroup, second execution set the field to 0, and finally set to a non-zero value: