Skip to content
KICS security and vulnerability scanner

KICS security and vulnerability scanner #557

Sign in to view logs

KICS security and vulnerability scanner

KICS security and vulnerability scanner #557

Triggered via schedule August 17, 2023 00:30
@ds-jkreutzfeldds-jkreutzfeld
5d0e0aa
main
Status Failure
Total duration 2m 28s
Artifacts 1

kics.yml

on: schedule
Analyze
2m 19s
Analyze
Fit to window
Zoom out
Zoom in

Annotations

1 error and 10 warnings
Analyze
KICS scan failed with exit code 50
[HIGH] Passwords And Secrets - Generic Access Key: irs-api/src/main/resources/application-local.yml#L3
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Access Key: irs-api/src/main/resources/application-local.yml#L9
Query to find passwords and secrets in infrastructure code.
[HIGH] Passwords And Secrets - Generic Password: charts/irs-helm/values.yaml#L227
Query to find passwords and secrets in infrastructure code.
[MEDIUM] Using Unrecommended Namespace: charts/irs-helm/templates/configmap-spring-app-config.yaml#L1
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[MEDIUM] Using Unrecommended Namespace: charts/irs-helm/templates/deployment.yaml#L1
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[MEDIUM] Using Unrecommended Namespace: charts/irs-helm/templates/service.yaml#L1
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
[LOW] Container Requests Not Equal To It's Limits: charts/irs-helm/templates/deployment.yaml#L1
Containers must have the same resource requests set as limits. This is recommended to avoid resource DDoS of the node during spikes and means that 'requests.memory' and 'requests.cpu' must equal 'limits.memory' and 'limits.cpu', respectively
[LOW] IAM Access Analyzer Not Enabled: .github/workflows/tavern.yml#L1
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
[LOW] IAM Access Analyzer Not Enabled: .github/workflows/spectral.yaml#L1
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions
[LOW] IAM Access Analyzer Not Enabled: .github/workflows/xray-cucumber.yaml#L1
IAM Access Analyzer should be enabled and configured to continuously monitor resource permissions

Artifacts

Produced during runtime
Name Size
kicsResults.json Expired
43.6 KB