Update Enterprise Version to 2024.9 #25
bsee-botkics-and-release.yaml
on: push
kics-github-action
27s
release-job
7s
Annotations
14 warnings
|
kics-github-action
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/upload-artifact@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
[MEDIUM] Service Account Token Automount Not Disabled:
charts/helm-chart/templates/enterprise-server/deployment.yml#L26
Service Account Tokens are automatically mounted even if not necessary
|
|
[MEDIUM] Volume Mount With OS Directory Write Permissions:
charts/helm-chart/templates/web-server/deployment.yml#L124
Containers can mount sensitive folders from the hosts, giving them potentially dangerous access to critical host configurations and binaries.
|
|
[MEDIUM] Volume Mount With OS Directory Write Permissions:
charts/helm-chart/templates/enterprise-server/deployment.yml#L34
Containers can mount sensitive folders from the hosts, giving them potentially dangerous access to critical host configurations and binaries.
|
|
[MEDIUM] Volume Mount With OS Directory Write Permissions:
charts/helm-chart/templates/enterprise-server/deployment.yml#L95
Containers can mount sensitive folders from the hosts, giving them potentially dangerous access to critical host configurations and binaries.
|
|
[MEDIUM] Volume Mount With OS Directory Write Permissions:
charts/helm-chart/templates/web-server/deployment.yml#L33
Containers can mount sensitive folders from the hosts, giving them potentially dangerous access to critical host configurations and binaries.
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/helm-chart/templates/enterprise-server/deployment.yml#L34
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/helm-chart/templates/web-server/deployment.yml#L101
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/helm-chart/templates/web-server/deployment.yml#L104
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/helm-chart/templates/enterprise-server/deployment.yml#L130
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/helm-chart/templates/enterprise-server/deployment.yml#L34
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
release-job
The following actions use a deprecated Node.js version and will be forced to run on node20: azure/setup-helm@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
release-job
Error while fetching latest Helm release: Error: [@octokit/auth-action] `GITHUB_TOKEN` variable is not set. It must be set on either `env:` or `with:`. See https:/octokit/auth-action.js#createactionauth. Using default version v3.9.0
|
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "Kics report".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
Kics report
|
132 KB |
|