From 9ba04db9a0d79e5098757d7d9e8ab408ebd303a3 Mon Sep 17 00:00:00 2001
From: Peter Trifanov <peter.trifanov@sonarsource.com>
Date: Mon, 24 Jun 2024 11:44:44 +0200
Subject: [PATCH 1/2] Modify rule S6869: Add examples for LimitRange

---
 rules/S6869/kubernetes/rule.adoc | 40 +++++++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/rules/S6869/kubernetes/rule.adoc b/rules/S6869/kubernetes/rule.adoc
index d55bd995128..95a4e940833 100644
--- a/rules/S6869/kubernetes/rule.adoc
+++ b/rules/S6869/kubernetes/rule.adoc
@@ -30,6 +30,8 @@ data, disrupting critical operations and impacting system reliability.
 
 === Code examples
 
+To avoid potential issue either speicify a CPU limit for each container or create a resource of type `LimitRange` that sets a default CPU limit for all containers in a namespace.
+
 ==== Noncompliant code example
 
 [source,yaml,diff-id=1,diff-type=noncompliant]
@@ -44,6 +46,18 @@ spec:
       image: nginx
 ----
 
+[source,yaml,diff-id=2,diff-type=noncompliant]
+----
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-ns-noncompliant
+spec:
+  containers:
+    - name: nginx-ns-noncompliant # Noncompliant
+      image: nginx
+----
+
 ==== Compliant solution
 
 [source,yaml,diff-id=1,diff-type=compliant]
@@ -61,11 +75,35 @@ spec:
           cpu: 0.5
 ----
 
+[source,yaml,diff-id=2,diff-type=compliant]
+----
+apiVersion: v1
+kind: LimitRange
+metadata:
+  name: cpu-limit-range
+  namespace: default-cpu-example
+spec:
+  limits:
+  - default:
+      cpu: 0.5
+    type: Container
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx-ns-compliant
+  namespace: default-cpu-example
+spec:
+  containers:
+  - name: nginx-ns-compliant
+    image: nginx
+----
+
 === How does this work?
 
 A limit can be set through the property `resources.limits.cpu` of a
 container. Alternatively, a default limit for a namespace can be set with
-`LimitRange`.
+`LimitRange` through `spec.limits[].default.cpu`.
 
 == Resources
 

From fb91b33406edb7b99720044c90acd2e44bcb79de Mon Sep 17 00:00:00 2001
From: Peter Trifanov <peter.trifanov@sonarsource.com>
Date: Fri, 28 Jun 2024 09:13:14 +0200
Subject: [PATCH 2/2] Update rule.adoc

---
 rules/S6869/kubernetes/rule.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/S6869/kubernetes/rule.adoc b/rules/S6869/kubernetes/rule.adoc
index 95a4e940833..a1dfc490857 100644
--- a/rules/S6869/kubernetes/rule.adoc
+++ b/rules/S6869/kubernetes/rule.adoc
@@ -30,7 +30,7 @@ data, disrupting critical operations and impacting system reliability.
 
 === Code examples
 
-To avoid potential issue either speicify a CPU limit for each container or create a resource of type `LimitRange` that sets a default CPU limit for all containers in a namespace.
+To avoid potential issues, either specify a CPU limit for each container or create a resource of type `LimitRange` that sets a default CPU limit for all containers in a namespace.
 
 ==== Noncompliant code example