From 3ac3fe1fc5eec7542ffe5387585bc1ffe58bb94d Mon Sep 17 00:00:00 2001
From: Rotem Avni <52502521+rotemavni@users.noreply.github.com>
Date: Mon, 14 Oct 2024 20:17:14 +0300
Subject: [PATCH] fix(kubernetes): Handle non-sting params in command (#6768)

* handle a case where we have a non-sting in the command

* fix mypy

* fixed mypy

* fixed test
---
 .../checks/resource/k8s/k8s_check_utils.py      |  4 ++--
 tests/kubernetes/checks/test_k8s_check_utils.py | 17 +++++++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 tests/kubernetes/checks/test_k8s_check_utils.py

diff --git a/checkov/kubernetes/checks/resource/k8s/k8s_check_utils.py b/checkov/kubernetes/checks/resource/k8s/k8s_check_utils.py
index 883cd342003..beb4f232005 100644
--- a/checkov/kubernetes/checks/resource/k8s/k8s_check_utils.py
+++ b/checkov/kubernetes/checks/resource/k8s/k8s_check_utils.py
@@ -12,11 +12,11 @@ def extract_commands(conf: dict[str, Any]) -> tuple[list[str], list[str]]:
     for cmd in commands:
         if cmd is None:
             continue
-        if "=" in cmd:
+        if isinstance(cmd, str) and "=" in cmd:
             key, value = cmd.split("=", maxsplit=1)
             keys.append(key)
             values.append(value)
         else:
             keys.append(cmd)
-            values.append(None)
+            values.append('')
     return keys, values
diff --git a/tests/kubernetes/checks/test_k8s_check_utils.py b/tests/kubernetes/checks/test_k8s_check_utils.py
new file mode 100644
index 00000000000..a730f7c34a8
--- /dev/null
+++ b/tests/kubernetes/checks/test_k8s_check_utils.py
@@ -0,0 +1,17 @@
+from checkov.kubernetes.checks.resource.k8s.k8s_check_utils import extract_commands
+
+
+def test_non_int_extract_commands() -> None:
+    conf = {'command': ['kube-apiserver', '--encryption-provider-config=config.file']}
+
+    keys, values = extract_commands(conf)
+    assert keys == ['kube-apiserver', '--encryption-provider-config']
+    assert values == ['', 'config.file']
+
+
+def test_int_extract_commands() -> None:
+    conf = {'command': ['kube-apiserver', '--encryption-provider-config=config.file', '-p', 9082]}
+
+    keys, values = extract_commands(conf)
+    assert keys == ['kube-apiserver', '--encryption-provider-config', '-p', 9082]
+    assert values == ['', 'config.file', '', '']