kubernetes / pod-security-admission
Conditional Complexity

The distribution of complexity of units (measured with McCabe index).

Intro
  • Conditional complexity (also called cyclomatic complexity) is a term used to measure the complexity of software. The term refers to the number of possible paths through a program function. A higher value ofter means higher maintenance and testing costs (infosecinstitute.com).
  • Conditional complexity is calculated by counting all conditions in the program that can affect the execution path (e.g. if statement, loops, switches, and/or operators, try and catch blocks...).
  • Conditional complexity is measured at the unit level (methods, functions...).
  • Units are classified in four categories based on the measured McCabe index: 1-5 (simple units), 6-10 (medium complex units), 11-25 (complex units), 26+ (very complex units).
Learn more...
Conditional Complexity Overall
  • There are 247 units with 2,969 lines of code in units (74.3% of code).
    • 0 very complex units (0 lines of code)
    • 0 complex units (0 lines of code)
    • 14 medium complex units (741 lines of code)
    • 15 simple units (484 lines of code)
    • 218 very simple units (1,744 lines of code)
0% | 0% | 24% | 16% | 58%
Legend:
51+
26-50
11-25
6-10
1-5
Alternative Visuals
Conditional Complexity per Extension
51+
26-50
11-25
6-10
1-5
go0% | 0% | 24% | 16% | 58%
Conditional Complexity per Logical Component
primary logical decomposition
51+
26-50
11-25
6-10
1-5
policy0% | 0% | 35% | 13% | 51%
admission0% | 0% | 62% | 4% | 33%
cmd/webhook/server0% | 0% | 0% | 42% | 57%
api0% | 0% | 0% | 27% | 72%
admission/api/v1alpha10% | 0% | 0% | 26% | 73%
admission/api/v1beta10% | 0% | 0% | 26% | 73%
admission/api0% | 0% | 0% | 36% | 63%
metrics0% | 0% | 0% | 0% | 100%
admission/api/validation0% | 0% | 0% | 0% | 100%
admission/api/load0% | 0% | 0% | 0% | 100%
admission/api/scheme0% | 0% | 0% | 0% | 100%
cmd/webhook0% | 0% | 0% | 0% | 100%
Most Complex Units
Top 20 most complex units
Unit# linesMcCabe index# params
func restrictedVolumes_1_0()
in policy/check_restrictedVolumes.go
 80 25 2
func()
in admission/admission.go
 56 17 1
func seLinuxOptions_1_0()
in policy/check_seLinuxOptions.go
 73 15 2
func()
in admission/admission.go
 54 15 1
func isSignificantPodUpdate()
in admission/admission.go
 37 13 2
func capabilitiesRestricted_1_22()
in policy/check_capabilities_restricted.go
 55 12 2
func windowsHostProcess_1_0()
in policy/check_windowsHostProcess.go
 40 12 2
func()
in admission/admission.go
 32 12 1
func()
in admission/admission.go
 51 12 1
func()
in admission/admission.go
 56 12 1
func validateChecks()
in policy/registry.go
 32 11 1
func seccompProfileRestricted_1_19()
in policy/check_seccompProfile_restricted.go
 60 11 2
func runAsNonRoot_1_0()
in policy/check_runAsNonRoot.go
 53 11 2
func()
in admission/admission.go
 62 11 1
func()
in cmd/webhook/server/server.go
 64 10 1
func PolicyToEvaluate()
in api/helpers.go
 41 10 2
func()
in admission/admission.go
 24 10 1
func runAsUser_1_23()
in policy/check_runAsUser.go
 30 9 2
func seccompProfileBaseline_1_19()
in policy/check_seccompProfile_baseline.go
 41 9 2
func Setup()
in cmd/webhook/server/server.go
 38 7 1