Skip to content
Dev Pipeline

Refactor Person-Permissions #4356

Sign in to view logs

Refactor Person-Permissions

Refactor Person-Permissions #4356

Triggered via push July 10, 2024 14:17
@casparneumann-capcasparneumann-cap
pushed f407956
SPSH-848-person-permissions
Status Failure
Total duration 7m 6s
Artifacts

image-and-helm-publish-check-deploy-on-push-scheduled.yml

on: push
branch_meta  /  branch_meta
0s
branch_meta / branch_meta
create_branch_identifier_for_deletion  /  convert_branch_name
create_branch_identifier_for_deletion / convert_branch_name
CodeQL  /  Analyze CodeQL
1m 35s
CodeQL / Analyze CodeQL
Linting  /  Nest Lint
1m 8s
Linting / Nest Lint
Tests and Sonarcloud  /  Tests and Sonarcloud
6m 53s
Tests and Sonarcloud / Tests and Sonarcloud
scan_helm  /  Kics Helm Chart Scan
28s
scan_helm / Kics Helm Chart Scan
Scheduled trivy scan of latest image  /  Trivy Scan
Scheduled trivy scan of latest image / Trivy Scan
create_branch_identifier  /  convert_branch_name
0s
create_branch_identifier / convert_branch_name
delete_namespace  /  create_keycloak_db_name
delete_namespace / create_keycloak_db_name
delete_namespace  /  create_spsh_app_db_name
delete_namespace / create_spsh_app_db_name
delete_namespace  /  create_ticket_nr_variable
delete_namespace / create_ticket_nr_variable
Publish image and scan with trivy  /  Publish image
Publish image and scan with trivy / Publish image
select_helm_version_generation_and_image_tag_generation
0s
select_helm_version_generation_and_image_tag_generation
delete_namespace  /  delete_namespace
delete_namespace / delete_namespace
Publish image and scan with trivy  /  pre_scan
Publish image and scan with trivy / pre_scan
release_helm  /  release
15s
release_helm / release
delete_successful
0s
delete_successful
Publish image and scan with trivy  /  ...  /  Trivy Scan
Publish image and scan with trivy / Trivy scan for uploaded image / Trivy Scan
deploy  /  ...  /  branch_meta
deploy / create_ingress_prefix / branch_meta
deploy  /  create_dbildungs_iam_keycloak_db_name
deploy / create_dbildungs_iam_keycloak_db_name
deploy  /  create_dbildungs_iam_server_db_name
deploy / create_dbildungs_iam_server_db_name
deploy  /  ...  /  search_for_helm_tagname
deploy / find_dbildungs_iam_keycloak_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
deploy / find_dbildungs_iam_ldap_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
deploy / find_dbildungs_iam_server_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
deploy / find_schulportal_client_helm_chart_tag / search_for_helm_tagname
deploy  /  determine_playwright_branch
deploy / determine_playwright_branch
deploy  /  ...  /  convert_branch_name
deploy / create_lowercase_ingress_prefix / convert_branch_name
deploy  /  deployment
deploy / deployment
deploy  /  ...  /  run_playwright_end2end_tests
deploy / run_playwright_tests / run_playwright_end2end_tests
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 13 warnings
Linting / Nest Lint
Process completed with exit code 1.
Tests and Sonarcloud / Tests and Sonarcloud
Process completed with exit code 1.
[MEDIUM] Container Running As Root: charts/dbildungs-iam-server/templates/ldap-deployment.yaml#L21
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
[MEDIUM] Container Running As Root: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L22
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/ldap-deployment.yaml#L21
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L23
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L23
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L34
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L38
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L23
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dbildungs-iam-server/templates/backend-deployment.yaml#L78
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] NET_RAW Capabilities Not Being Dropped: charts/dbildungs-iam-server/templates/redis-deployment.yaml#L22
Containers should drop 'ALL' or at least 'NET_RAW' capabilities
release_helm / release
The following actions uses Node.js version which is deprecated and will be forced to run on node20: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
Linting / Nest Lint: src/modules/personenkontext/domain/personenkontext.ts#L68
Insert `,`
Linting / Nest Lint: src/modules/personenkontext/domain/personenkontext.ts#L91
Insert `,`