CronJob Deadline Not Configured

  • Query id: 58876b44-a690-4e9f-9214-7735fa0dd15d
  • Query name: CronJob Deadline Not Configured
  • Platform: Terraform
  • Severity: Low
  • Category: Resource Management
  • URL: Github


Cronjobs must have a configured deadline, which means the attribute 'starting_deadline_seconds' must be defined

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "kubernetes_cron_job" "demo" {
  metadata {
    name = "demo"
  spec {
    concurrency_policy            = "Replace"
    failed_jobs_history_limit     = 5
    schedule                      = "1 0 * * *"
    successful_jobs_history_limit = 10
    job_template {
      metadata {}
      spec {
        backoff_limit              = 2
        ttl_seconds_after_finished = 10
        template {
          metadata {}
          spec {
            container {
              name    = "hello"
              image   = "busybox"
              command = ["/bin/sh", "-c", "date; echo Hello from the Kubernetes cluster"]

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "kubernetes_cron_job" "demo2" {
  metadata {
    name = "demo"
  spec {
    concurrency_policy            = "Replace"
    failed_jobs_history_limit     = 5
    schedule                      = "1 0 * * *"
    starting_deadline_seconds     = 10
    successful_jobs_history_limit = 10
    job_template {
      metadata {}
      spec {
        backoff_limit              = 2
        ttl_seconds_after_finished = 10
        template {
          metadata {}
          spec {
            container {
              name    = "hello"
              image   = "busybox"
              command = ["/bin/sh", "-c", "date; echo Hello from the Kubernetes cluster"]