Skip to content
KICS security and vulnerability scanner

Merge pull request #150 from catenax-ng/main #551

Sign in to view logs

Merge pull request #150 from catenax-ng/main

Merge pull request #150 from catenax-ng/main #551

Triggered via push August 11, 2023 11:05
@ds-jhartmannds-jhartmann
pushed 5d0e0aa
main
Status Failure
Total duration 2m 38s
Artifacts 1

kics.yml

on: push
Analyze
2m 27s
Analyze
Fit to window
Zoom out
Zoom in

Annotations

1 error and 10 warnings
Analyze
KICS scan failed with exit code 50
[HIGH] Passwords And Secrets - Generic Access Key: irs-api/src/main/resources/application-local.yml#L9
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Access Key: irs-api/src/main/resources/application-local.yml#L3
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Password: charts/irs-helm/values.yaml#L227
Query to find passwords and secrets in infrastructure code.
[MEDIUM] Using Unrecommended Namespace: charts/irs-helm/templates/configmap-spring-app-config.yaml#L1
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[MEDIUM] Using Unrecommended Namespace: charts/irs-helm/templates/deployment.yaml#L1
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[MEDIUM] Using Unrecommended Namespace: charts/irs-helm/templates/service.yaml#L1
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[LOW] Container Requests Not Equal To It's Limits: charts/irs-helm/templates/deployment.yaml#L1
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
[LOW] IAM Access Analyzer Not Enabled: charts/irs-helm/templates/service.yaml#L23
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
[LOW] IAM Access Analyzer Not Enabled: .config/spectral/restBasicsHttpStatusCodes.yml#L1
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
[LOW] IAM Access Analyzer Not Enabled: charts/irs-helm/values.yaml#L1
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions

Artifacts

Produced during runtime
Name Size
kicsResults.json Expired
43.6 KB