rspec/rules/S6596/kubernetes/rule.adoc

:image_type: container

include::../common/description.adoc[]

== How to fix it

include::../common/how-to-fix.adoc[]

=== Code examples

==== Noncompliant code example
[source,yaml,diff-id=1,diff-type=noncompliant]
----
apiVersion: v1
kind: Pod
metadata:
  name: example
spec:
  containers:
    - name: nginx
      image: nginx # Noncompliant

    - name: nginx
      image: nginx:latest # Noncompliant
----

==== Compliant solution

[source,yaml,diff-id=1,diff-type=compliant]
----
apiVersion: v1
kind: Pod
metadata:
  name: example
spec:
  containers:
    - name: nginx
      image: nginx:1.14.2 # Compliant, fixed tag

    - name: nginx
      image: nginx@sha256:b0ad43f7ee5edbc0effbc14645ae7055e21bc1973aee5150745632a24a752661 # Compliant, SHA of the image
----

include::../common/how-does-this-work.adoc[]

include::../common/extra-mile.adoc[]

include::../common/resources.adoc[]

include::../common/implementation-specific.adoc[]