Require Container Port Names

Containers may define ports on which they listen. In addition to a port number, a name field may optionally be set. A name makes Service resource definitions and other resources easier to write, because they can reference the port by name, which allows the port number to change. This policy requires that every containerPort defined also has a name specified.

Policy Definition

/other/require-container-port-names/require-container-port-names.yaml

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-container-port-names
  annotations:
    policies.kyverno.io/title: Require Container Port Names
    policies.kyverno.io/category: Other
    policies.kyverno.io/severity: medium
    kyverno.io/kyverno-version: 1.7.2
    kyverno.io/kubernetes-version: "1.23"
    policies.kyverno.io/subject: Pod
    policies.kyverno.io/description: >-
      Containers may define ports on which they listen. In addition to a port number,
      a name field may optionally be used. Including a name makes it easier when defining
      Service resource definitions and others since the name may be referenced allowing
      the port number to change. This policy requires that for every containerPort defined
      there is also a name specified.
spec:
  validationFailureAction: audit
  background: true
  rules:
    - name: port-name
      match:
        any:
        - resources:
            kinds:
              - Pod
      validate:
        message: Name is required for every containerPort.
        pattern:
          spec:
            containers:
            - name: "*"
              =(ports):
              - name: "*"
26            kinds:
27              - Pod
28      validate:
29        message: Name is required for every containerPort.
30        pattern:
31          spec:
32            containers:
33            - name: "*"
34              =(ports):
35              - name: "*"