Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: trufflehog workgflow added #352

Closed
wants to merge 52 commits into from

Merge branch 'feat/trufflehog-workflow' of github.com:Cofinity-X/upst…

4ff1822
Select commit
Loading
Failed to load commit list.
Closed

feat: trufflehog workgflow added #352

Merge branch 'feat/trufflehog-workflow' of github.com:Cofinity-X/upst…
4ff1822
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / KICS succeeded Oct 18, 2024 in 6s

97 new alerts

New alerts in code changed by this pull request

  • 76 warnings
  • 11 notes

See annotations below for details.

View all branch alerts.

Annotations

Check notice on line 23 in charts/managed-identity-wallet/templates/psql-pv.yaml

See this annotation in the file changed.

Code scanning / KICS

Pod or Container Without LimitRange Note

metadata.name={postgres-seed-pvc} does not have a 'LimitRange' policy associated

Check notice on line 23 in charts/managed-identity-wallet/templates/psql-pv.yaml

See this annotation in the file changed.

Code scanning / KICS

Pod or Container Without ResourceQuota Note

metadata.name={postgres-seed-pvc} does not have a 'ResourceQuota' policy associated

Check warning on line 23 in charts/managed-identity-wallet/templates/vcrs-configmap.yaml

See this annotation in the file changed.

Code scanning / KICS

Using Unrecommended Namespace Warning

metadata.namespace is undefined or null

Check notice on line 20 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Pod or Container Without LimitRange Note

metadata.name={verifiable-credential-revocation-service} does not have a 'LimitRange' policy associated

Check notice on line 20 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Pod or Container Without ResourceQuota Note

metadata.name={verifiable-credential-revocation-service} does not have a 'ResourceQuota' policy associated

Check warning on line 21 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Using Unrecommended Namespace Warning

metadata.namespace is undefined or null

Check notice on line 41 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Missing AppArmor Profile Note

metadata.name={verifiable-credential-revocation-service}.spec.template.metadata.annotations does not specify an AppArmor profile for container {managed-identity-wallet}

Check warning on line 51 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Service Account Token Automount Not Disabled Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.automountServiceAccountToken is undefined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

CPU Limits Not Set Warning

spec.template.spec.containers.name=managed-identity-wallet doesn't have limits defined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

CPU Requests Not Set Warning

spec.template.spec.containers.name=managed-identity-wallet.resources doesn't have requests defined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Container Running As Root Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.securityContext.runAsUser is 0 and 'runAsNonRoot' is false

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Container Running With Low UID Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.securityContext.runAsUser is undefined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Memory Limits Not Defined Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.resources.limits.memory is undefined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Memory Requests Not Defined Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.resources.requests.memory is undefined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

NET_RAW Capabilities Not Being Dropped Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.securityContext.capabilities.drop is undefined

Check warning on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Seccomp Profile Is Not Configured Warning

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.securityContext.seccompProfile.type is undefined

Check notice on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Image Without Digest Note

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.image does not include an image digest

Check notice on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Invalid Image Tag Note

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.image tag is not provided or latest

Check notice on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

No Drop Capabilities for Containers Note

metadata.name={verifiable-credential-revocation-service}.spec.containers.name={managed-identity-wallet}.securityContext.capabilities is undefined

Check notice on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Root Container Not Mounted Read-only Note

metadata.name={verifiable-credential-revocation-service}.spec.template.spec.containers.name={managed-identity-wallet}.securityContext.readOnlyRootFilesystem is undefined

Check notice on line 58 in charts/managed-identity-wallet/templates/vcrs-deployment.yaml

See this annotation in the file changed.

Code scanning / KICS

Secrets As Environment Variables Note

'spec.template.spec.containers.name={managed-identity-wallet}.envFrom.secretRef' is defined

Check warning on line 22 in charts/managed-identity-wallet/templates/vcrs-secrets.yaml

See this annotation in the file changed.

Code scanning / KICS

Using Unrecommended Namespace Warning

metadata.namespace is undefined or null

Check notice on line 22 in charts/managed-identity-wallet/templates/vcrs-secrets.yaml

See this annotation in the file changed.

Code scanning / KICS

Using Kubernetes Native Secret Management

External secret storage is not in use

Check warning on line 22 in charts/managed-identity-wallet/templates/vcrs-service.yaml

See this annotation in the file changed.

Code scanning / KICS

Using Unrecommended Namespace Warning

metadata.namespace is undefined or null

Check warning on line 15 in docs/api/revocation-service/openapi_v001.json

See this annotation in the file changed.

Code scanning / KICS

Global Server Object Uses HTTP Warning documentation

Global servers' URL are not using HTTPS protocol