Skip to content

KICS

KICS #60

Triggered via schedule June 2, 2024 00:13
Status Failure
Total duration 1m 23s
Billable time 2m
Artifacts

kics.yml

on: schedule
Fit to window
Zoom out
Zoom in

Annotations

1 error and 14 warnings
Analyze
Advanced Security must be enabled for this repository to use code scanning.
Analyze
Advanced Security must be enabled for this repository to use code scanning.
Analyze
This run of the CodeQL Action does not have permission to access Code Scanning API endpoints. As a result, it will not be opted into any experimental features. This could be because the Action is running on a pull request from a fork. If not, please ensure the Action has the 'security-events: write' permission. Details: Advanced Security must be enabled for this repository to use code scanning.
Analyze
Advanced Security must be enabled for this repository to use code scanning.
Analyze
Advanced Security must be enabled for this repository to use code scanning.
[MEDIUM] Container Running With Low UID: charts/dim/templates/deployment.yaml#L40
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Container Running With Low UID: charts/dim/templates/cronjob-processes.yaml#L38
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Seccomp Profile Is Not Configured: charts/dim/templates/cronjob-processes.yaml#L38
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
[MEDIUM] Seccomp Profile Is Not Configured: charts/dim/templates/deployment.yaml#L40
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
[MEDIUM] Service Account Token Automount Not Disabled: charts/dim/templates/cronjob-processes.yaml#L36
Service Account Tokens are automatically mounted even if not necessary
[MEDIUM] Service Account Token Automount Not Disabled: charts/dim/templates/deployment.yaml#L39
Service Account Tokens are automatically mounted even if not necessary
[LOW] CronJob Deadline Not Configured: charts/dim/templates/cronjob-processes.yaml#L21
Cronjobs must have a configured deadline, which means the attribute 'startingDeadlineSeconds' must be defined
[LOW] Deployment Without PodDisruptionBudget: charts/dim/templates/deployment.yaml#L33
Deployments should be assigned with a PodDisruptionBudget to ensure high availability
[LOW] Image Pull Policy Of The Container Is Not Set To Always: charts/dim/templates/cronjob-processes.yaml#L38
Image Pull Policy of the container must be defined and set to Always
[LOW] Image Pull Policy Of The Container Is Not Set To Always: charts/dim/templates/deployment.yaml#L40
Image Pull Policy of the container must be defined and set to Always