Merge branch 'main' into DBP-1146-optional-deployment-prevention #4695
Annotations
12 warnings
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L30
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L25
Check if Readiness Probe is not configured.
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L25
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L25
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L27
Images should be specified together with their digests to ensure integrity
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L25
In case of an unresponsive container, a Liveness Probe can help your application become more available since it restarts the container. However, it can lead to cascading failures. Define one if you really need it
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L18
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L5
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L5
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
|
Scan with kics:
charts/schulportal-client/templates/deployment.yaml#L30
Check if the root container filesystem is not being mounted read-only.
|
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "playwright-report".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Loading