fix: Fix handling of undefined values in values.yaml #134
pr.yml
on: pull_request
ci
/
conditionals
0s
ci
/
...
/
ossf-scorecard
24s
ci
/
...
/
dependency review
4s
ci
/
...
/
check-commit-message
4s
ci
/
...
/
unit tests
41s
ci
/
...
/
checkov
38s
ci
/
...
/
codeql
4m 18s
ci
/
...
/
golangci-lint
1m 40s
ci
/
...
/
gosec
1m 56s
ci
/
...
/
hadolint
17s
ci
/
...
/
kubelinter
15s
ci
/
...
/
semgrep
33s
ci
/
...
/
trivy config
35s
ci
/
...
/
deploy
16s
ci
/
...
/
trivy image
36s
ci
/
...
/
grype
37s
ci
/
...
/
dependency review
14s
Matrix: ci / integration-test / functional
Matrix: ci / integration-test / k8s versions
Matrix: ci / integration-test / optional
Matrix: ci / integration-test / optional k8s versions
Matrix: ci / integration-test / self-hosted-notary
Annotations
10 errors and 9 warnings
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_43: "Image should use digest"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
|
ci / sast / checkov:
deployment/deployment.yaml#L417
CKV_K8S_43: "Image should use digest"
|
ci / sast / checkov:
deployment/deployment.yaml#L417
CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"
|
ci / sast / checkov:
deployment/deployment.yaml#L417
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
|
ci / sast / checkov:
deployment/deployment.yaml#L286
CKV2_K8S_6: "Minimize the admission of pods which lack an associated NetworkPolicy"
|
ci / sast / checkov:
deployment/deployment.yaml#L417
CKV2_K8S_6: "Minimize the admission of pods which lack an associated NetworkPolicy"
|
ci / sast / checkov:
deployment/deployment.yaml#L219
CKV2_K8S_5: "No ServiceAccount/Node should be able to read all secrets"
|
ci / build / context
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
ci / sast / trivy config
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
ci / unit-test / unit tests
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
ci / build / build
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7, docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a, docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671, anchore/sbom-action@5ecf649a417b8ae17dc8383dc32d46c03f2312df, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
ci / sca / trivy image
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a, github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
ci / sca / grype
Failed minimum severity level. Found vulnerabilities with level 'medium' or higher
|
ci / sca / grype
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a, anchore/scan-action@dafbc97d7259af88b61bd260f2fde565d0668a72, github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
ci / sast / codeql
1 issue was detected with this workflow: Please specify an on.push hook to analyze and see code scanning alerts from the default branch on the Security tab.
|
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "cosign.pub", "sbom.cdx", "sse-secure-systems-connaisseur-test_sha-915c264.cyclonedx.json".
Please update your workflow to use v4 of the artifact actions.
Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/
|
Artifacts
Produced during runtime
Name | Size | |
---|---|---|
cosign.pub
Expired
|
178 Bytes |
|
sbom.cdx
Expired
|
269 KB |
|
sse-secure-systems-connaisseur-test_sha-915c264.cyclonedx.json
Expired
|
268 KB |
|