Dbp 1012 setup loadtest env #11
Open
Annotations
11 warnings
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities in case of compromise
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Containers should drop 'ALL' or at least 'NET_RAW' capabilities
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Containers should drop 'ALL' or at least 'NET_RAW' capabilities
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L56
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L57
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
Scan with kics:
charts/schulportal-load-tests/templates/cronjob.yaml#L57
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
Loading