Checkov #626
Annotations
10 errors and 3 warnings
Checkov:
job.yaml#L27
CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"
|
Checkov:
job.yaml#L27
CKV_K8S_43: "Image should use digest"
|
Checkov:
job.yaml#L27
CKV_K8S_23: "Minimize the admission of root containers"
|
Checkov:
job.yaml#L27
CKV_K8S_29: "Apply security context to your pods and containers"
|
Checkov:
job.yaml#L27
CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"
|
Checkov:
job.yaml#L27
CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"
|
Checkov:
job.yaml#L27
CKV_K8S_20: "Containers should not run with allowPrivilegeEscalation"
|
Checkov:
job.yaml#L27
CKV_K8S_22: "Use read-only filesystem for containers where possible"
|
Checkov:
job.yaml#L27
CKV_K8S_14: "Image Tag should be fixed - not latest or blank"
|
Checkov:
job.yaml#L27
CKV_K8S_30: "Apply security context to your containers"
|
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/setup-python@v1. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-python@v1, actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
Upload SARIF file
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
Loading