CI Infra Checks

Update bridgecrewio/checkov-action action to v12.2875.0 #1330

Sign in to view logs

Triggered via pull request August 23, 2024 03:32

reopened #2021

renovate/cicd

Status Failure

Total duration 1m 12s

Artifacts –

ci-infra.yml

on: pull_request

Lint GitHub Actions workflows

Check Terraform format

Validate Terraform modules

Check compliance with checkov

Check compliance with tfsec

Annotations

10 errors and 6 warnings

Check compliance with checkov

CKV_AWS_354: "Ensure RDS Performance Insights are encrypted using KMS CMKs"

Check compliance with checkov

CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"

Check compliance with checkov

CKV_TF_1: "Ensure Terraform module sources use a commit hash"

Check compliance with checkov

CKV_AWS_356: "Ensure no IAM policies documents allow "*" as a statement's resource for restrictable actions"

Check compliance with checkov

CKV2_AWS_64: "Ensure KMS key Policy is defined"

Check compliance with checkov

CKV2_AWS_64: "Ensure KMS key Policy is defined"

Check compliance with checkov

CKV2_AWS_64: "Ensure KMS key Policy is defined"

Check compliance with checkov

CKV2_AWS_64: "Ensure KMS key Policy is defined"

Check compliance with checkov

CKV2_AWS_64: "Ensure KMS key Policy is defined"

Check compliance with checkov

CKV2_AWS_64: "Ensure KMS key Policy is defined"

Lint scripts

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Lint GitHub Actions workflows

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Check Terraform format

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, hashicorp/setup-terraform@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Check compliance with tfsec

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Check compliance with checkov

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, actions/setup-python@v4. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

Validate Terraform modules

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, hashicorp/setup-terraform@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/