From 9e19faf621c8bbd8f90e6c3301a97b8103e9f2dd Mon Sep 17 00:00:00 2001
From: deggja <danieldagfinrud@gmail.com>
Date: Sun, 23 Jun 2024 22:56:20 +0200
Subject: [PATCH] fix: update cilium scanners to only check running pods

Signed-off-by: deggja <danieldagfinrud@gmail.com>
---
 backend/pkg/k8s/cilium-scanner.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/backend/pkg/k8s/cilium-scanner.go b/backend/pkg/k8s/cilium-scanner.go
index 6a761d9..e251de6 100644
--- a/backend/pkg/k8s/cilium-scanner.go
+++ b/backend/pkg/k8s/cilium-scanner.go
@@ -189,6 +189,9 @@ func determinePodCoverage(clientset *kubernetes.Clientset, nsName string, polici
 	}
 
 	for _, pod := range pods.Items {
+		if pod.Status.Phase != corev1.PodRunning {
+			continue
+		}
 		podIdentifier := fmt.Sprintf("%s/%s", pod.Namespace, pod.Name)
 		if _, exists := globallyProtectedPods[podIdentifier]; !exists {
 			if !IsPodProtected(writer, clientset, pod, policies, hasDenyAll, globallyProtectedPods) {