Merge branch 'SPSH-696' of https://github.com/dBildungsplattform/dbil… #4405
branch_meta
/
branch_meta
0s
create_branch_identifier_for_deletion
/
convert_branch_name
CodeQL
/
Analyze CodeQL
1m 52s
Linting
/
Nest Lint
1m 3s
Tests and Sonarcloud
/
Tests and Sonarcloud
9m 35s
scan_helm
/
Kics Helm Chart Scan
30s
Scheduled trivy scan of latest image
/
Trivy Scan
delete_namespace
/
create_keycloak_db_name
delete_namespace
/
create_spsh_app_db_name
delete_namespace
/
create_ticket_nr_variable
Publish image and scan with trivy
/
Publish image
1m 18s
select_helm_version_generation_and_image_tag_generation
0s
delete_successful
0s
Publish image and scan with trivy
/
...
/
Trivy Scan
29s
deploy
/
...
/
search_for_helm_tagname
2s
deploy
/
...
/
search_for_helm_tagname
5s
deploy
/
...
/
search_for_helm_tagname
16s
deploy
/
...
/
search_for_helm_tagname
18s
deploy
/
create_dbildungs_iam_keycloak_db_name
0s
deploy
/
create_dbildungs_iam_server_db_name
0s
deploy
/
...
/
convert_branch_name
0s
deploy
/
...
/
run_playwright_end2end_tests
24m 6s
Annotations
1 error and 19 warnings
deploy / run_playwright_tests / run_playwright_end2end_tests
Process completed with exit code 1.
|
[MEDIUM] Container Running As Root:
charts/dbildungs-iam-server/templates/redis-deployment.yaml#L22
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
|
[MEDIUM] Container Running With Low UID:
charts/dbildungs-iam-server/templates/backend-deployment.yaml#L23
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] Container Running With Low UID:
charts/dbildungs-iam-server/templates/redis-deployment.yaml#L34
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] Container Running With Low UID:
charts/dbildungs-iam-server/templates/backend-deployment.yaml#L78
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] Container Running With Low UID:
charts/dbildungs-iam-server/templates/backend-deployment.yaml#L23
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] Container Running With Low UID:
charts/dbildungs-iam-server/templates/backend-deployment.yaml#L23
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] Container Running With Low UID:
charts/dbildungs-iam-server/templates/redis-deployment.yaml#L38
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
[MEDIUM] NET_RAW Capabilities Not Being Dropped:
charts/dbildungs-iam-server/templates/redis-deployment.yaml#L22
Containers should drop 'ALL' or at least 'NET_RAW' capabilities
|
[MEDIUM] Seccomp Profile Is Not Configured:
charts/dbildungs-iam-server/templates/redis-deployment.yaml#L38
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
|
[MEDIUM] Service Account Token Automount Not Disabled:
charts/dbildungs-iam-server/templates/redis-deployment.yaml#L20
Service Account Tokens are automatically mounted even if not necessary
|
release_helm / release
The following actions uses Node.js version which is deprecated and will be forced to run on node20: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
deploy / find_dbildungs_iam_server_helm_chart_tag / search_for_helm_tagname
The following actions uses Node.js version which is deprecated and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
deploy / find_schulportal_client_helm_chart_tag / search_for_helm_tagname
The following actions uses Node.js version which is deprecated and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
deploy / find_dbildungs_iam_keycloak_helm_chart_tag / search_for_helm_tagname
The following actions uses Node.js version which is deprecated and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
deploy / find_dbildungs_iam_ldap_helm_chart_tag / search_for_helm_tagname
The following actions uses Node.js version which is deprecated and will be forced to run on node20: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
deploy / run_playwright_tests / run_playwright_end2end_tests
The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/checkout@v3, actions/setup-node@v3, actions/upload-artifact@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "playwright-report".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
playwright-report
Expired
|
679 KB |
|
test-artifacts
Expired
|
1.06 MB |
|