Skip to content

changed cronjob values #14

changed cronjob values

changed cronjob values #14

Triggered via push October 11, 2024 14:35
Status Success
Total duration 42s
Artifacts
scan_helm  /  Kics Helm Chart Scan
29s
scan_helm / Kics Helm Chart Scan
Fit to window
Zoom out
Zoom in

Annotations

7 warnings
scan_helm / Kics Helm Chart Scan
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
[MEDIUM] Service Account Token Automount Not Disabled: charts/schulportal-load-tests/templates/cronjob.yaml#L19
Service Account Tokens are automatically mounted even if not necessary
[LOW] CronJob Deadline Not Configured: charts/schulportal-load-tests/templates/cronjob.yaml#L2
Cronjobs must have a configured deadline, which means the attribute 'startingDeadlineSeconds' must be defined
[LOW] Missing AppArmor Profile: charts/schulportal-load-tests/templates/cronjob.yaml#L15
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
[LOW] Pod or Container Without LimitRange: charts/schulportal-load-tests/templates/cronjob.yaml#L2
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
[LOW] Pod or Container Without ResourceQuota: charts/schulportal-load-tests/templates/cronjob.yaml#L2
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
[INFO] Ensure Administrative Boundaries Between Resources: charts/schulportal-load-tests/templates/cronjob.yaml#L6
As a best practice, ensure that is made the correct use of namespaces to adequately administer your resources. Kubernetes Authorization plugins can also be used to create policies that segregate user access to namespaces.