Skip to content
kics scanning

removes snyk cli scan - this project will now use scm integration (#241) #34

Sign in to view logs

removes snyk cli scan - this project will now use scm integration (#241)

removes snyk cli scan - this project will now use scm integration (#241) #34

Triggered via push February 6, 2024 12:54
@weecoweeco
pushed 4c40fee
master
Status Failure
Total duration 54s
Artifacts

kics-iac.yml

on: push
kics
43s
kics
Fit to window
Zoom out
Zoom in

Annotations

1 error and 12 warnings
kics
Process completed with exit code 1.
kics
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@v2. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
kics
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
[MEDIUM] CPU Limits Not Set: charts/kminion/templates/deployment.yaml#L1
CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
[MEDIUM] CPU Requests Not Set: charts/kminion/templates/deployment.yaml#L1
CPU requests should be set to ensure the sum of the resource requests of the scheduled Containers is less than the capacity of the node
[MEDIUM] Container Running With Low UID: charts/kminion/templates/deployment.yaml#L33
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Traffic Not Bound To Host Interface: docker-compose.yml#L8
Incoming container traffic should be bound to a specific host interface
[MEDIUM] Container Traffic Not Bound To Host Interface: docker-compose.yml#L43
Incoming container traffic should be bound to a specific host interface
[MEDIUM] Container Traffic Not Bound To Host Interface: docker-compose.yml#L22
Incoming container traffic should be bound to a specific host interface
[MEDIUM] Healthcheck Not Set: docker-compose.yml#L16
Check containers periodically to see if they are running properly.
[MEDIUM] Healthcheck Not Set: docker-compose.yml#L34
Check containers periodically to see if they are running properly.
[MEDIUM] Healthcheck Not Set: docker-compose.yml#L6
Check containers periodically to see if they are running properly.
[MEDIUM] Host Namespace is Shared: docker-compose.yml#L16
The hosts process namespace should not be shared by containers