Skip to content
Helm chart validation

Add scanning for misconfigurations #20

Sign in to view logs

Add scanning for misconfigurations

Add scanning for misconfigurations #20

Triggered via pull request December 20, 2023 14:19
@ppawlowskippawlowski
opened #248
feat-misconfig-scan
Status Success
Total duration 3m 3s
Artifacts

helm-chart.yml

on: pull_request
Lint and install chart
2m 54s
Lint and install chart
Validate chart against kubernetes API
51s
Validate chart against kubernetes API
Scan chart
30s
Scan chart
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 49 warnings
Scan chart: templated_chart.yaml#L31
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L44
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L59
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L102
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L157
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L188
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L211
CKV_K8S_21: "The default namespace should not be used"
Scan chart: templated_chart.yaml#L224
CKV_K8S_11: "CPU limits should be set"
Scan chart: templated_chart.yaml#L224
CKV_K8S_8: "Liveness Probe Should be Configured"
Scan chart: templated_chart.yaml#L224
CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"
[HIGH] CVE-2022-28391 (busybox-1.31.1-r21) failed: busybox-1.31.1-r21#L0
trivy-junit-results.xml
[HIGH] CVE-2022-0778 (libcrypto1.1-1.1.1l-r0) failed: libcrypto1.1-1.1.1l-r0#L0
trivy-junit-results.xml
[HIGH] CVE-2022-0778 (libssl1.1-1.1.1l-r0) failed: libssl1.1-1.1.1l-r0#L0
trivy-junit-results.xml
[HIGH] CVE-2022-28391 (ssl_client-1.31.1-r21) failed: ssl_client-1.31.1-r21#L0
trivy-junit-results.xml
[CRITICAL] CVE-2022-37434 (zlib-1.2.11-r3) failed: zlib-1.2.11-r3#L0
trivy-junit-results.xml
[HIGH] CVE-2018-25032 (zlib-1.2.11-r3) failed: zlib-1.2.11-r3#L0
trivy-junit-results.xml
[HIGH] CVE-2021-3807 (ansi-regex-3.0.0) failed: ansi-regex-3.0.0#L0
trivy-junit-results.xml
[HIGH] CVE-2021-3807 (ansi-regex-5.0.0) failed: ansi-regex-5.0.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-45857 (axios-0.27.0) failed: axios-0.27.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2022-33987 (got-11.8.3) failed: got-11.8.3#L0
trivy-junit-results.xml
[HIGH] CVE-2022-25881 (http-cache-semantics-4.1.0) failed: http-cache-semantics-4.1.0#L0
trivy-junit-results.xml
[HIGH] CVE-2022-3517 (minimatch-3.0.4) failed: minimatch-3.0.4#L0
trivy-junit-results.xml
[MEDIUM] GHSA-v78c-4p63-2j6c (moment-timezone-0.5.34) failed: moment-timezone-0.5.34#L0
trivy-junit-results.xml
[HIGH] CVE-2022-29244 (npm-8.1.2) failed: npm-8.1.2#L0
trivy-junit-results.xml
[MEDIUM] CVE-2022-25896 (passport-0.5.2) failed: passport-0.5.2#L0
trivy-junit-results.xml
[HIGH] CVE-2022-24999 (qs-6.9.6) failed: qs-6.9.6#L0
trivy-junit-results.xml
[MEDIUM] CVE-2022-25883 (semver-6.3.0) failed: semver-6.3.0#L0
trivy-junit-results.xml
All 2 runs failed: [MEDIUM] CVE-2022-25883 (semver-7.3.5): semver-7.3.5#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-26136 (tough-cookie-4.0.0) failed: tough-cookie-4.0.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-0842 (xml2js-0.4.23) failed: xml2js-0.4.23#L0
trivy-junit-results.xml
[MEDIUM] GHSA-v78c-4p63-2j6c (moment-timezone-0.5.34) failed: moment-timezone-0.5.34#L0
trivy-junit-results.xml
All 2 runs failed: [MEDIUM] CVE-2022-25883 (semver-7.3.7): semver-7.3.7#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-26136 (tough-cookie-4.0.0) failed: tough-cookie-4.0.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-0842 (xml2js-0.4.23) failed: xml2js-0.4.23#L0
trivy-junit-results.xml
[HIGH] CVE-2022-28391 (busybox-1.31.1-r21) failed: busybox-1.31.1-r21#L0
trivy-junit-results.xml
[HIGH] CVE-2022-0778 (libcrypto1.1-1.1.1l-r0) failed: libcrypto1.1-1.1.1l-r0#L0
trivy-junit-results.xml
[HIGH] CVE-2022-0778 (libssl1.1-1.1.1l-r0) failed: libssl1.1-1.1.1l-r0#L0
trivy-junit-results.xml
[HIGH] CVE-2022-28391 (ssl_client-1.31.1-r21) failed: ssl_client-1.31.1-r21#L0
trivy-junit-results.xml
[CRITICAL] CVE-2022-37434 (zlib-1.2.11-r3) failed: zlib-1.2.11-r3#L0
trivy-junit-results.xml
[HIGH] CVE-2018-25032 (zlib-1.2.11-r3) failed: zlib-1.2.11-r3#L0
trivy-junit-results.xml
[HIGH] CVE-2021-3807 (ansi-regex-3.0.0) failed: ansi-regex-3.0.0#L0
trivy-junit-results.xml
[HIGH] CVE-2021-3807 (ansi-regex-5.0.0) failed: ansi-regex-5.0.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-45857 (axios-0.27.0) failed: axios-0.27.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2022-33987 (got-11.8.3) failed: got-11.8.3#L0
trivy-junit-results.xml
[HIGH] CVE-2022-25881 (http-cache-semantics-4.1.0) failed: http-cache-semantics-4.1.0#L0
trivy-junit-results.xml
[HIGH] CVE-2022-3517 (minimatch-3.0.4) failed: minimatch-3.0.4#L0
trivy-junit-results.xml
[MEDIUM] GHSA-v78c-4p63-2j6c (moment-timezone-0.5.34) failed: moment-timezone-0.5.34#L0
trivy-junit-results.xml
[HIGH] CVE-2022-29244 (npm-8.1.2) failed: npm-8.1.2#L0
trivy-junit-results.xml
[MEDIUM] CVE-2022-25896 (passport-0.5.2) failed: passport-0.5.2#L0
trivy-junit-results.xml
[HIGH] CVE-2022-24999 (qs-6.9.6) failed: qs-6.9.6#L0
trivy-junit-results.xml
All 2 runs failed: [MEDIUM] CVE-2022-25883 (semver-7.3.5): semver-7.3.5#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-26136 (tough-cookie-4.0.0) failed: tough-cookie-4.0.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-0842 (xml2js-0.4.23) failed: xml2js-0.4.23#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-26136 (tough-cookie-2.5.0) failed: tough-cookie-2.5.0#L0
trivy-junit-results.xml
[MEDIUM] GHSA-v78c-4p63-2j6c (moment-timezone-0.5.34) failed: moment-timezone-0.5.34#L0
trivy-junit-results.xml
All 2 runs failed: [MEDIUM] CVE-2022-25883 (semver-7.3.7): semver-7.3.7#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-26136 (tough-cookie-4.0.0) failed: tough-cookie-4.0.0#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-0842 (xml2js-0.4.23) failed: xml2js-0.4.23#L0
trivy-junit-results.xml
[MEDIUM] CVE-2023-26136 (tough-cookie-2.5.0) failed: tough-cookie-2.5.0#L0
trivy-junit-results.xml