emit warning on no liveness probe defined for pods

Iterates through all pod specs listing pods without liveness probes
under a severity of `osgraph.InfoSeverity`

pkg/api/kubegraph/analysis/podspec.go

@@ -8,11 +8,13 @@ import (
 	osgraph "github.com/openshift/origin/pkg/api/graph"
 	kubeedges "github.com/openshift/origin/pkg/api/kubegraph"
 	kubegraph "github.com/openshift/origin/pkg/api/kubegraph/nodes"
+	"k8s.io/kubernetes/pkg/util/sets"
 )
 
 const (
-	UnmountableSecretWarning = "UnmountableSecret"
-	MissingSecretWarning     = "MissingSecret"
+	UnmountableSecretWarning    = "UnmountableSecret"
+	MissingSecretWarning        = "MissingSecret"
+	MissingLivenessProbeWarning = "MissingLivenessProbe"
 )
 
 // FindUnmountableSecrets inspects all PodSpecs for any Secret reference that isn't listed as mountable by the referenced ServiceAccount
@@ -48,6 +50,39 @@ func FindUnmountableSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker {
 	return markers
 }
 
+// FindMissingLivenessProbes inspects all PodSpecs for missing liveness probes
+func FindMissingLivenessProbes(g osgraph.Graph, f osgraph.Namer, setProbeCommand string) []osgraph.Marker {
+	markers := []osgraph.Marker{}
+	appendedNodes := sets.NewString()
+
+	for _, uncastPodSpecNode := range g.NodesByKind(kubegraph.PodSpecNodeKind) {
+		podSpecNode := uncastPodSpecNode.(*kubegraph.PodSpecNode)
+		podsWithoutLivenessProbes := CheckForLivenessProbes(g, podSpecNode)
+
+		topLevelNode := osgraph.GetTopLevelContainerNode(g, podSpecNode)
+		topLevelString := f.ResourceName(topLevelNode)
+
+		// prevent duplicate markers
+		if appendedNodes.Has(topLevelString) {
+			continue
+		}
+
+		appendedNodes.Insert(topLevelString)
+		for range podsWithoutLivenessProbes {
+			markers = append(markers, osgraph.Marker{
+				Node:     podSpecNode,
+				Severity: osgraph.InfoSeverity,
+				Key:      MissingLivenessProbeWarning,
+				Message: fmt.Sprintf("%s has no liveness probe to verify pods are still running.",
+					topLevelString),
+				Suggestion: osgraph.Suggestion(fmt.Sprintf("%s %s --liveness ...", setProbeCommand, topLevelString)),
+			})
+		}
+	}
+
+	return markers
+}
+
 // FindMissingSecrets inspects all PodSpecs for any Secret reference that is a synthetic node (not a pre-existing node in the graph)
 func FindMissingSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker {
 	markers := []osgraph.Marker{}
@@ -75,6 +110,24 @@ func FindMissingSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker {
 	return markers
 }
 
+func CheckForLivenessProbes(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.PodSpecNode {
+	noLivenessProbes := []*kubegraph.PodSpecNode{}
+
+	hasLivenessProbe := false
+	for _, container := range podSpecNode.PodSpec.Containers {
+		if container.LivenessProbe != nil {
+			hasLivenessProbe = true
+			break
+		}
+	}
+
+	if !hasLivenessProbe {
+		noLivenessProbes = append(noLivenessProbes, podSpecNode)
+	}
+
+	return noLivenessProbes
+}
+
 // CheckForUnmountableSecrets checks to be sure that all the referenced secrets are mountable (by service account)
 func CheckForUnmountableSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode {
 	saNodes := g.SuccessorNodesByNodeAndEdgeKind(podSpecNode, kubegraph.ServiceAccountNodeKind, kubeedges.ReferencedServiceAccountEdgeKind)

pkg/cmd/cli/describe/projectstatus.go

@@ -376,6 +376,9 @@ func getMarkerScanners(logsCommandName, securityPolicyCommandFormat, setProbeCom
 		func(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker {
 			return deployanalysis.FindDeploymentConfigReadinessWarnings(g, f, setProbeCommandName)
 		},
+		func(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker {
+			return kubeanalysis.FindMissingLivenessProbes(g, f, setProbeCommandName)
+		},
 		routeanalysis.FindPortMappingIssues,
 		routeanalysis.FindMissingTLSTerminationType,
 		routeanalysis.FindPathBasedPassthroughRoutes,