Skip to content

wip: start recreating logout-flow #49

wip: start recreating logout-flow

wip: start recreating logout-flow #49

Triggered via push October 16, 2024 08:40
Status Success
Total duration 38s
Artifacts
scan_helm  /  Kics Helm Chart Scan
27s

Annotations

11 warnings
scan_helm / Kics Helm Chart Scan
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
[MEDIUM] CPU Limits Not Set: charts/schulportal-load-tests/templates/cronjob.yaml#L43
CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
[MEDIUM] CPU Requests Not Set: charts/schulportal-load-tests/templates/cronjob.yaml#L43
CPU requests should be set to ensure the sum of the resource requests of the scheduled Containers is less than the capacity of the node
[MEDIUM] Container Running As Root: charts/schulportal-load-tests/templates/cronjob.yaml#L43
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
[MEDIUM] Container Running With Low UID: charts/schulportal-load-tests/templates/cronjob.yaml#L43
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Memory Limits Not Defined: charts/schulportal-load-tests/templates/cronjob.yaml#L43
Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory
[MEDIUM] Memory Requests Not Defined: charts/schulportal-load-tests/templates/cronjob.yaml#L43
Memory requests should be defined for each container. This allows the kubelet to reserve the requested amount of system resources and prevents over-provisioning on individual nodes
[MEDIUM] NET_RAW Capabilities Not Being Dropped: charts/schulportal-load-tests/templates/cronjob.yaml#L43
Containers should drop 'ALL' or at least 'NET_RAW' capabilities
[MEDIUM] Seccomp Profile Is Not Configured: charts/schulportal-load-tests/templates/cronjob.yaml#L43
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
[MEDIUM] Service Account Token Automount Not Disabled: charts/schulportal-load-tests/templates/cronjob.yaml#L19
Service Account Tokens are automatically mounted even if not necessary
[LOW] CronJob Deadline Not Configured: charts/schulportal-load-tests/templates/cronjob.yaml#L2
Cronjobs must have a configured deadline, which means the attribute 'startingDeadlineSeconds' must be defined