Seperate school and role #5251
marode-cap
branch_meta
/
branch_meta
0s
create_branch_identifier_for_deletion
/
convert_branch_name
Check deployment clearance
5s
Scheduled trivy scan of latest image
/
Trivy Scan
CodeQL
/
Analyze CodeQL
1m 50s
Linting
/
Nest Lint
1m 24s
Tests and Sonarcloud
/
Tests and Sonarcloud
3m 21s
scan_helm
/
Kics Helm Chart Scan
24s
delete_namespace
/
create_dbildungs_iam_keycloak_db_name
delete_namespace
/
create_dbildungs_iam_server_db_name
delete_namespace
/
create_ticket_nr_variable
select_helm_version_generation_and_image_tag_generation
0s
trivy_scan_rocketchat_notification
0s
Publish image and scan with trivy
/
Publish image
1m 8s
delete_successful
0s
Publish image and scan with trivy
/
...
/
Trivy Scan
30s
deploy
/
...
/
search_for_helm_tagname
15s
deploy
/
...
/
search_for_helm_tagname
4s
deploy
/
...
/
search_for_helm_tagname
16s
deploy
/
...
/
search_for_helm_tagname
17s
deploy
/
recreate_dbildungs_iam_keycloak_db_name
0s
deploy
/
recreate_dbildungs_iam_server_db_name
0s
deploy
/
...
/
run_playwright_end2end_tests
5m 14s
Annotations
13 warnings
|
[MEDIUM] Container Running With Low UID:
charts/schulportal-client/templates/deployment.yaml#L30
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
|
[MEDIUM] Readiness Probe Is Not Configured:
charts/schulportal-client/templates/deployment.yaml#L25
Check if Readiness Probe is not configured.
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/schulportal-client/templates/deployment.yaml#L25
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
[LOW] Container Requests Not Equal To It's Limits:
charts/schulportal-client/templates/deployment.yaml#L25
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
|
|
[LOW] Image Without Digest:
charts/schulportal-client/templates/deployment.yaml#L27
Images should be specified together with their digests to ensure integrity
|
|
[LOW] Liveness Probe Is Not Defined:
charts/schulportal-client/templates/deployment.yaml#L25
In case of an unresponsive container, a Liveness Probe can help your application become more available since it restarts the container. However, it can lead to cascading failures. Define one if you really need it
|
|
[LOW] Missing AppArmor Profile:
charts/schulportal-client/templates/deployment.yaml#L18
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
|
|
[LOW] Pod or Container Without LimitRange:
charts/schulportal-client/templates/deployment.yaml#L5
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
|
|
[LOW] Pod or Container Without ResourceQuota:
charts/schulportal-client/templates/deployment.yaml#L5
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
|
|
[LOW] Root Container Not Mounted Read-only:
charts/schulportal-client/templates/deployment.yaml#L30
Check if the root container filesystem is not being mounted read-only.
|
|
|
|
|
|
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
playwright-report
|
225 KB |
|
|
test-artifacts
|
523 KB |
|