KICS security and vulnerability scanner #2084
Annotations
11 warnings
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L24
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
|
KICS scan:
charts/item-relationship-service/templates/service.yaml#L25
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
|
KICS scan:
charts/item-relationship-service/templates/configmap-spring-app-config.yaml#L26
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L58
Image Pull Policy of the container must be defined and set to Always
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L58
Images should be specified together with their digests to ensure integrity
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L40
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L23
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L23
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L73
Container should not use secrets as environment variables
|
KICS scan:
charts/item-relationship-service/templates/deployment.yaml#L73
Container should not use secrets as environment variables
|
Loading