Skip to content

KICS

KICS #43

Triggered via schedule August 2, 2024 01:18
Status Success
Total duration 43s
Artifacts

kics.yml

on: schedule
Fit to window
Zoom out
Zoom in

Annotations

10 warnings
[MEDIUM] Container Running With Low UID: charts/policy-hub/templates/deployment-hub.yaml#L39
Check if containers are running with low UID, which might cause conflicts with the host's user table.
[MEDIUM] Seccomp Profile Is Not Configured: charts/policy-hub/templates/deployment-hub.yaml#L39
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
[MEDIUM] Service Account Token Automount Not Disabled: charts/policy-hub/templates/deployment-hub.yaml#L38
Service Account Tokens are automatically mounted even if not necessary
[LOW] Deployment Without PodDisruptionBudget: charts/policy-hub/templates/deployment-hub.yaml#L32
Deployments should be assigned with a PodDisruptionBudget to ensure high availability
[LOW] Image Pull Policy Of The Container Is Not Set To Always: charts/policy-hub/templates/deployment-hub.yaml#L39
Image Pull Policy of the container must be defined and set to Always
[LOW] Image Without Digest: charts/policy-hub/templates/deployment-hub.yaml#L39
Images should be specified together with their digests to ensure integrity
[LOW] Missing AppArmor Profile: charts/policy-hub/templates/deployment-hub.yaml#L35
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
[LOW] Pod or Container Without LimitRange: charts/policy-hub/templates/deployment-hub.yaml#L20
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
[LOW] Pod or Container Without ResourceQuota: charts/policy-hub/templates/deployment-hub.yaml#L20
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
[LOW] Secrets As Environment Variables: charts/policy-hub/templates/deployment-hub.yaml#L65
Container should not use secrets as environment variables