Skip to content

Merge branch 'main' into DBP-1146-optional-deployment-prevention #4695

Merge branch 'main' into DBP-1146-optional-deployment-prevention

Merge branch 'main' into DBP-1146-optional-deployment-prevention #4695

Re-run triggered December 19, 2024 15:46
Status Success
Total duration 5m 26s
Artifacts 2
branch_meta  /  branch_meta
0s
branch_meta / branch_meta
create_branch_identifier_for_deletion  /  convert_branch_name
create_branch_identifier_for_deletion / convert_branch_name
Check deployment clearance
3s
Check deployment clearance
CodeQL  /  Analyze CodeQL
1m 6s
CodeQL / Analyze CodeQL
Linting  /  Nest Lint
1m 11s
Linting / Nest Lint
Tests and Sonarcloud  /  Tests and Sonarcloud
2m 26s
Tests and Sonarcloud / Tests and Sonarcloud
scan_helm  /  Kics Helm Chart Scan
30s
scan_helm / Kics Helm Chart Scan
Scheduled trivy scan of latest image  /  Trivy Scan
Scheduled trivy scan of latest image / Trivy Scan
create_branch_identifier  /  convert_branch_name
0s
create_branch_identifier / convert_branch_name
delete_namespace  /  create_dbildungs_iam_keycloak_db_name
delete_namespace / create_dbildungs_iam_keycloak_db_name
delete_namespace  /  create_dbildungs_iam_server_db_name
delete_namespace / create_dbildungs_iam_server_db_name
delete_namespace  /  create_ticket_nr_variable
delete_namespace / create_ticket_nr_variable
select_helm_version_generation_and_image_tag_generation
0s
select_helm_version_generation_and_image_tag_generation
Publish image and scan with trivy  /  Publish image
1m 9s
Publish image and scan with trivy / Publish image
delete_namespace  /  delete_databases_and_namespace
delete_namespace / delete_databases_and_namespace
release_helm  /  release
46s
release_helm / release
Publish image and scan with trivy  /  pre_scan
0s
Publish image and scan with trivy / pre_scan
delete_successful
0s
delete_successful
wait_for_helm_chart_to_get_published
1m 1s
wait_for_helm_chart_to_get_published
Publish image and scan with trivy  /  ...  /  Trivy Scan
32s
Publish image and scan with trivy / Trivy scan for uploaded image / Trivy Scan
deploy  /  ...  /  search_for_helm_tagname
3s
deploy / find_dbildungs_iam_server_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
4s
deploy / find_schulportal_client_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
14s
deploy / find_dbildungs_iam_keycloak_helm_chart_tag / search_for_helm_tagname
deploy  /  ...  /  search_for_helm_tagname
2s
deploy / find_dbildungs_iam_ldap_helm_chart_tag / search_for_helm_tagname
deploy  /  recreate_dbildungs_iam_keycloak_db_name
0s
deploy / recreate_dbildungs_iam_keycloak_db_name
deploy  /  recreate_dbildungs_iam_server_db_name
0s
deploy / recreate_dbildungs_iam_server_db_name
deploy  /  determine_playwright_branch
0s
deploy / determine_playwright_branch
deploy  /  ...  /  run_playwright_end2end_tests
5m 7s
deploy / run_playwright_tests / run_playwright_end2end_tests
Fit to window
Zoom out
Zoom in

Annotations

34 warnings
Check deployment clearance
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
branch_meta / branch_meta
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
CodeQL / Analyze CodeQL
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Linting / Nest Lint
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Tests and Sonarcloud / Tests and Sonarcloud
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
scan_helm / Kics Helm Chart Scan
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
[MEDIUM] Container Running With Low UID: charts/schulportal-client/templates/deployment.yaml#L30
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[LOW] Container Requests Not Equal To It's Limits: charts/schulportal-client/templates/deployment.yaml#L25
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
[LOW] Container Requests Not Equal To It's Limits: charts/schulportal-client/templates/deployment.yaml#L25
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
[LOW] Image Without Digest: charts/schulportal-client/templates/deployment.yaml#L27
Images should be specified together with their digests to ensure integrity
[LOW] Liveness Probe Is Not Defined: charts/schulportal-client/templates/deployment.yaml#L25
In case of an unresponsive container, a Liveness Probe can help your application become more available since it restarts the container. However, it can lead to cascading failures. Define one if you really need it
[LOW] Missing AppArmor Profile: charts/schulportal-client/templates/deployment.yaml#L18
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
[LOW] Pod or Container Without LimitRange: charts/schulportal-client/templates/deployment.yaml#L5
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
[LOW] Pod or Container Without ResourceQuota: charts/schulportal-client/templates/deployment.yaml#L5
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
[LOW] Root Container Not Mounted Read-only: charts/schulportal-client/templates/deployment.yaml#L30
Check if the root container filesystem is not being mounted read-only.
select_helm_version_generation_and_image_tag_generation
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
create_branch_identifier / convert_branch_name
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
release_helm / release
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Publish image and scan with trivy / Publish image
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
wait_for_helm_chart_to_get_published
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Publish image and scan with trivy / pre_scan
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Publish image and scan with trivy / Trivy scan for uploaded image / Trivy Scan
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / recreate_dbildungs_iam_keycloak_db_name
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / determine_playwright_branch
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / recreate_dbildungs_iam_server_db_name
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / find_dbildungs_iam_server_helm_chart_tag / search_for_helm_tagname
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / find_schulportal_client_helm_chart_tag / search_for_helm_tagname
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / find_dbildungs_iam_keycloak_helm_chart_tag / search_for_helm_tagname
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / find_dbildungs_iam_ldap_helm_chart_tag / search_for_helm_tagname
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / deployment
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
deploy / run_playwright_tests / run_playwright_end2end_tests
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "playwright-report". Please update your workflow to use v4 of the artifact actions. Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/

Artifacts

Produced during runtime
Name Size
playwright-report
24.9 MB