ci: rework integration test step #470
pr.yml
on: pull_request
ci
/
conditionals
0s
ci
/
...
/
ossf-scorecard
21s
ci
/
...
/
dependency review
7s
ci
/
...
/
check-commit-message
9s
ci
/
...
/
unit tests
49s
ci
/
...
/
checkov
32s
ci
/
...
/
codeql
3m 43s
ci
/
...
/
golangci-lint
2m 17s
ci
/
...
/
gosec
32s
ci
/
...
/
hadolint
19s
ci
/
...
/
kubelinter
16s
ci
/
...
/
semgrep
34s
ci
/
...
/
trivy config
29s
ci
/
...
/
deploy
14s
ci
/
...
/
trivy image
23s
ci
/
...
/
grype
44s
ci
/
...
/
dependency review
18s
ci
/
...
/
self-hosted-notary
15s
Matrix: ci / integration-test / functional
Matrix: ci / integration-test / k8s versions
Matrix: ci / integration-test / optional
Matrix: ci / integration-test / optional k8s versions
Annotations
12 errors and 5 warnings
ci / compliance / check-commit-message
Process completed with exit code 1.
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_43: "Image should use digest"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_15: "Image Pull Policy should be Always"
|
ci / sast / checkov:
deployment/deployment.yaml#L410
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
|
ci / sast / checkov:
deployment/deployment.yaml#L410
CKV_K8S_43: "Image should use digest"
|
ci / sast / checkov:
deployment/deployment.yaml#L410
CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV2_K8S_6: "Minimize the admission of pods which lack an associated NetworkPolicy"
|
ci / sast / checkov:
deployment/deployment.yaml#L410
CKV2_K8S_6: "Minimize the admission of pods which lack an associated NetworkPolicy"
|
ci / sast / checkov:
deployment/deployment.yaml#L219
CKV2_K8S_5: "No ServiceAccount/Node should be able to read all secrets"
|
ci / integration-test / self-hosted-notary
Process completed with exit code 3.
|
ci / sast / trivy config
Uploading multiple SARIF runs with the same category is deprecated and will be removed on June 4, 2025. Please update your workflow to upload a single run per category. For more information, see https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload
|
ci / unit-test / unit tests
The following actions use a deprecated Node.js version and will be forced to run on node20: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
ci / unit-test / unit tests
Failed to restore: "/usr/bin/tar" failed with error: The process '/usr/bin/tar' failed with exit code 2
|
ci / sast / codeql
1 issue was detected with this workflow: Please specify an on.push hook to analyze and see code scanning alerts from the default branch on the Security tab.
|
ci / sast / codeql
Unable to validate code scanning workflow: MissingPushHook
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
cosign.pub
|
287 Bytes |
|
sbom.cdx
|
32 KB |
|
sse-secure-systems-connaisseur-test_sha-2982c7d.cyclonedx.json
|
32.1 KB |
|
sse-secure-systems~connaisseur~JT6IXU.dockerbuild
|
47.6 KB |
|