Skip to content

removed security context for testing #147

removed security context for testing

removed security context for testing #147

Triggered via push October 16, 2023 14:58
Status Failure
Total duration 4m 42s
Artifacts 1
nest_test_and_sonarcloud  /  Nest Test
2m 48s
nest_test_and_sonarcloud / Nest Test
codeql_analyze  /  Analyze CodeQL
1m 58s
codeql_analyze / Analyze CodeQL
nest_lint  /  Nest Lint
1m 10s
nest_lint / Nest Lint
kics_helm  /  Run kics Helm Chart Scan
33s
kics_helm / Run kics Helm Chart Scan
nest_test_and_sonarcloud  /  SonarCloud
1m 37s
nest_test_and_sonarcloud / SonarCloud
Fit to window
Zoom out
Zoom in

Annotations

1 error and 10 warnings
kics_helm / Run kics Helm Chart Scan
KICS scan failed with exit code 50
[HIGH] Privilege Escalation Allowed: charts/dbildungs-iam/templates/dbildungs-iam-deployment-backend.yaml#L1
Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
[MEDIUM] CPU Requests Not Set: charts/dbildungs-iam/templates/dbildungs-iam-deployment-backend.yaml#L1
CPU requests should be set to ensure the sum of the resource requests of the scheduled Containers is less than the capacity of the node
[MEDIUM] CPU Requests Not Set: charts/dbildungs-iam/templates/dbildungs-iam-deployment-bff.yaml#L1
CPU requests should be set to ensure the sum of the resource requests of the scheduled Containers is less than the capacity of the node
[MEDIUM] Container Running As Root: charts/dbildungs-iam/templates/dbildungs-iam-deployment-backend.yaml#L1
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
[MEDIUM] Container Running As Root: charts/dbildungs-iam/templates/dbildungs-iam-deployment-bff.yaml#L1
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam/templates/dbildungs-iam-deployment-backend.yaml#L32
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam/templates/dbildungs-iam-deployment-bff.yaml#L35
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Memory Requests Not Defined: charts/dbildungs-iam/templates/dbildungs-iam-deployment-bff.yaml#L1
Memory requests should be defined for each container. This allows the kubelet to reserve the requested amount of system resources and prevents over-provisioning on individual nodes
[MEDIUM] Memory Requests Not Defined: charts/dbildungs-iam/templates/dbildungs-iam-deployment-backend.yaml#L1
Memory requests should be defined for each container. This allows the kubelet to reserve the requested amount of system resources and prevents over-provisioning on individual nodes
[MEDIUM] NET_RAW Capabilities Not Being Dropped: charts/dbildungs-iam/templates/dbildungs-iam-deployment-bff.yaml#L1
Containers should drop 'ALL' or at least 'NET_RAW' capabilities

Artifacts

Produced during runtime
Name Size
test-artifacts Expired
1.43 MB