Checkov #630
Annotations
10 errors and 3 warnings
Checkov:
sts.yaml#L31
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
|
Checkov:
sts.yaml#L31
CKV_K8S_15: "Image Pull Policy should be Always"
|
Checkov:
sts.yaml#L31
CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"
|
Checkov:
sts.yaml#L31
CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"
|
Checkov:
sts.yaml#L31
CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"
|
Checkov:
sts.yaml#L31
CKV_K8S_43: "Image should use digest"
|
Checkov:
pod.yaml#L34
CKV_K8S_28: "Minimize the admission of containers with the NET_RAW capability"
|
Checkov:
pod.yaml#L34
CKV_K8S_22: "Use read-only filesystem for containers where possible"
|
Checkov:
pod.yaml#L34
CKV_K8S_29: "Apply security context to your pods and containers"
|
Checkov:
pod.yaml#L34
CKV_K8S_8: "Liveness Probe Should be Configured"
|
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/setup-python@v1. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/
|
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-python@v1, actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
Upload SARIF file
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
Loading