Skip to content
push

update: bump the gh-actions-packages group across 1 directory with 4 … #76

Sign in to view logs

update: bump the gh-actions-packages group across 1 directory with 4 …

update: bump the gh-actions-packages group across 1 directory with 4 … #76

Re-run triggered November 22, 2024 10:58
@StarkteetjeStarkteetje
e7e0698
master
Status Success
Total duration 2m 42s
Artifacts 3

push.yml

on: push
ci  /  conditionals
0s
ci / conditionals
ci  /  ...  /  context
7s
ci / build / context
ci  /  ...  /  ossf-scorecard
43s
ci / compliance / ossf-scorecard
ci  /  ...  /  dependency review
0s
ci / compliance / dependency review
ci  /  ...  /  check-commit-message
0s
ci / compliance / check-commit-message
ci  /  ...  /  unit tests
2m 28s
ci / unit-test / unit tests
ci  /  ...  /  checkov
38s
ci / sast / checkov
ci  /  ...  /  codeql
3m 41s
ci / sast / codeql
ci  /  ...  /  golangci-lint
2m 11s
ci / sast / golangci-lint
ci  /  ...  /  gosec
2m 31s
ci / sast / gosec
ci  /  ...  /  hadolint
22s
ci / sast / hadolint
ci  /  ...  /  kubelinter
17s
ci / sast / kubelinter
ci  /  ...  /  semgrep
34s
ci / sast / semgrep
ci  /  ...  /  trivy config
39s
ci / sast / trivy config
ci  /  ...  /  deploy
13s
ci / docs / deploy
ci  /  ...  /  build
2m 15s
ci / build / build
ci  /  ...  /  trivy image
26s
ci / sca / trivy image
ci  /  ...  /  grype
30s
ci / sca / grype
ci  /  ...  /  dependency review
23s
ci / sca / syft / dependency review
Matrix: ci / integration-test / functional
Matrix: ci / integration-test / k8s versions
Matrix: ci / integration-test / optional
Matrix: ci / integration-test / optional k8s versions
Matrix: ci / integration-test / self-hosted-notary
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 17 warnings
ci / sast / checkov: deployment/deployment.yaml#L286
CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"
ci / sast / checkov: deployment/deployment.yaml#L286
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
ci / sast / checkov: deployment/deployment.yaml#L286
CKV_K8S_43: "Image should use digest"
ci / sast / checkov: deployment/deployment.yaml#L286
CKV_K8S_15: "Image Pull Policy should be Always"
ci / sast / checkov: deployment/deployment.yaml#L410
CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"
ci / sast / checkov: deployment/deployment.yaml#L410
CKV_K8S_43: "Image should use digest"
ci / sast / checkov: deployment/deployment.yaml#L410
CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"
ci / sast / checkov: deployment/deployment.yaml#L286
CKV2_K8S_6: "Minimize the admission of pods which lack an associated NetworkPolicy"
ci / sast / checkov: deployment/deployment.yaml#L410
CKV2_K8S_6: "Minimize the admission of pods which lack an associated NetworkPolicy"
ci / sast / checkov: deployment/deployment.yaml#L219
CKV2_K8S_5: "No ServiceAccount/Node should be able to read all secrets"
ci / build / context
The following actions use a deprecated Node.js version and will be forced to run on node20: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ci / sast / gosec
Failed to download action 'https://api.github.com/repos/securego/gosec/tarball/d4617f51baf75f4f809066386a4f9d27b3ac3e46'. Error: Response status code does not indicate success: 500 (Internal Server Error). 4080:FFFCD:2A6679:541949:67405EE0
ci / sast / gosec
Back off 28.436 seconds before retry.
ci / unit-test / unit tests
The following actions use a deprecated Node.js version and will be forced to run on node20: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ci / sast / trivy config
The following actions use a deprecated Node.js version and will be forced to run on node20: github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ci / build / build
The following actions use a deprecated Node.js version and will be forced to run on node20: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7, docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a, docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671, anchore/sbom-action@5ecf649a417b8ae17dc8383dc32d46c03f2312df, actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ci / sca / trivy image
The following actions use a deprecated Node.js version and will be forced to run on node20: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a, github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ci / sca / grype
The following actions use a deprecated Node.js version and will be forced to run on node20: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a, anchore/scan-action@dafbc97d7259af88b61bd260f2fde565d0668a72, github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
ci / integration-test / optional k8s versions (v1.22)
Failed to download action 'https://api.github.com/repos/docker/login-action/tarball/9780b0c442fbb1117ed29e0efdff1e18412f7567'. Error: Response status code does not indicate success: 500 (Internal Server Error). 2500:2CEA02:2B68FD:55EB2E:67405FA3
ci / integration-test / optional k8s versions (v1.22)
Back off 20.457 seconds before retry.
ci / integration-test / functional (other-ns)
Failed to download action 'https://api.github.com/repos/docker/login-action/tarball/9780b0c442fbb1117ed29e0efdff1e18412f7567'. Error: Response status code does not indicate success: 500 (Internal Server Error). 6040:179B5C:2BBA48:56A1C7:67405F91
ci / integration-test / functional (other-ns)
Back off 24.504 seconds before retry.
ci / integration-test / optional k8s versions (v1.25)
Failed to download action 'https://api.github.com/repos/docker/login-action/tarball/9780b0c442fbb1117ed29e0efdff1e18412f7567'. Error: Response status code does not indicate success: 500 (Internal Server Error). B840:18ECB:2DFBB0:5B0C18:67405FC4
ci / integration-test / optional k8s versions (v1.25)
Back off 27.067 seconds before retry.
ci / integration-test / optional k8s versions (v1.25)
Failed to download action 'https://api.github.com/repos/docker/login-action/tarball/9780b0c442fbb1117ed29e0efdff1e18412f7567'. Error: Response status code does not indicate success: 500 (Internal Server Error). B840:18ECB:2E47B1:5BA342:67405FE0
ci / integration-test / optional k8s versions (v1.25)
Back off 12.649 seconds before retry.
Deprecation notice: v1, v2, and v3 of the artifact actions
The following artifacts were uploaded using a version of actions/upload-artifact that is scheduled for deprecation: "cosign.pub", "sbom.cdx". Please update your workflow to use v4 of the artifact actions. Learn more: https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/

Artifacts

Produced during runtime
Name Size
cosign.pub
178 Bytes
sbom.cdx
277 KB