Skip to content

SPSH-1001: Fixed lint issues #5399

SPSH-1001: Fixed lint issues

SPSH-1001: Fixed lint issues #5399

Triggered via push September 9, 2024 09:34
Status Success
Total duration 24m 29s
Artifacts 2
branch_meta  /  branch_meta
0s
branch_meta / branch_meta
create_branch_identifier_for_deletion  /  convert_branch_name
create_branch_identifier_for_deletion / convert_branch_name
CodeQL  /  Analyze CodeQL
1m 44s
CodeQL / Analyze CodeQL
Linting  /  Nest Lint
1m 16s
Linting / Nest Lint
Tests and Sonarcloud  /  Tests and Sonarcloud
11m 57s
Tests and Sonarcloud / Tests and Sonarcloud
scan_helm  /  Kics Helm Chart Scan
27s
scan_helm / Kics Helm Chart Scan
Scheduled trivy scan of latest image  /  Trivy Scan
Scheduled trivy scan of latest image / Trivy Scan
create_branch_identifier  /  convert_branch_name
0s
create_branch_identifier / convert_branch_name
delete_namespace  /  create_keycloak_db_name
delete_namespace / create_keycloak_db_name
delete_namespace  /  create_spsh_app_db_name
delete_namespace / create_spsh_app_db_name
delete_namespace  /  create_ticket_nr_variable
delete_namespace / create_ticket_nr_variable
Publish image and scan with trivy  /  Publish image
1m 26s
Publish image and scan with trivy / Publish image
select_helm_version_generation_and_image_tag_generation
0s
select_helm_version_generation_and_image_tag_generation
delete_namespace  /  delete_namespace
delete_namespace / delete_namespace
Publish image and scan with trivy  /  pre_scan
0s
Publish image and scan with trivy / pre_scan
release_helm  /  release
22s
release_helm / release
delete_successful
0s
delete_successful
Publish image and scan with trivy  /  ...  /  Trivy Scan
34s
Publish image and scan with trivy / Trivy scan for uploaded image / Trivy Scan
deploy  /  ...  /  branch_meta
0s
deploy / create_ingress_prefix / branch_meta
deploy  /  ...  /  search_for_helm_tagname
8s
deploy / find_dbildungs_iam_server_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
3s
deploy / find_schulportal_client_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
11s
deploy / find_dbildungs_iam_keycloak_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
13s
deploy / find_dbildungs_iam_ldap_helm_chart_tag / search_for_helm_tagname
deploy  /  create_dbildungs_iam_keycloak_db_name
0s
deploy / create_dbildungs_iam_keycloak_db_name
deploy  /  create_dbildungs_iam_server_db_name
0s
deploy / create_dbildungs_iam_server_db_name
deploy  /  determine_playwright_branch
2s
deploy / determine_playwright_branch
deploy  /  ...  /  convert_branch_name
0s
deploy / create_lowercase_ingress_prefix / convert_branch_name
deploy  /  ...  /  run_playwright_end2end_tests
2m 56s
deploy / run_playwright_tests / run_playwright_end2end_tests
Fit to window
Zoom out
Zoom in

Annotations

1 error and 20 warnings
deploy / run_playwright_tests / run_playwright_end2end_tests
Process completed with exit code 1.
[MEDIUM] Container Running As Root: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L22
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L22
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L38
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L22
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L53
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L34
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] NET_RAW Capabilities Not Being Dropped: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L22
Containers should drop 'ALL' or at least 'NET_RAW' capabilities
[MEDIUM] Seccomp Profile Is Not Configured: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L38
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
[MEDIUM] Service Account Token Automount Not Disabled: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L20
Service Account Tokens are automatically mounted even if not necessary
[LOW] Container Requests Not Equal To It's Limits: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L22
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
release_helm / release
The following actions use a deprecated Node.js version and will be forced to run on node20: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
deploy / find_schulportal_client_helm_chart_tag / search_for_helm_tagname
The following actions use a deprecated Node.js version and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
deploy / find_dbildungs_iam_server_helm_chart_tag / search_for_helm_tagname
The following actions use a deprecated Node.js version and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
deploy / find_dbildungs_iam_keycloak_helm_chart_tag / search_for_helm_tagname
The following actions use a deprecated Node.js version and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
deploy / find_dbildungs_iam_ldap_helm_chart_tag / search_for_helm_tagname
The following actions use a deprecated Node.js version and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
deploy / run_playwright_tests / run_playwright_end2end_tests
The following actions uses node12 which is deprecated and will be forced to run on node16: RocketChat/[email protected]. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
deploy / run_playwright_tests / run_playwright_end2end_tests
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, actions/setup-node@v3, actions/upload-artifact@v3, RocketChat/[email protected]. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "playwright-report". Please update your workflow to use v4 of the artifact actions. Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/

Artifacts

Produced during runtime
Name Size
playwright-report Expired
562 KB
test-artifacts Expired
1.28 MB