KICS #192
nicoprow
This run and associated checks have been archived and are scheduled for deletion.
Learn more about checks retention
Annotations
10 warnings
|
[MEDIUM] Container Running With Low UID:
charts/country-risk/charts/country-risk-frontend/templates/deployment.yaml#L1
Check if containers are running with low UID, which might cause conflicts with the host's user table.
|
|
[MEDIUM] Container Traffic Not Bound To Host Interface:
docker-compose.yml#L5
Incoming container traffic should be bound to a specific host interface
|
|
[MEDIUM] Healthcheck Not Set:
docker-compose.yml#L3
Check containers periodically to see if they are running properly.
|
|
[MEDIUM] Host Namespace is Shared:
docker-compose.yml#L3
The hosts process namespace should not be shared by containers
|
|
[MEDIUM] Memory Not Limited:
docker-compose.yml#L3
Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory
|
|
[MEDIUM] Networks Not Set:
docker-compose.yml#L3
Setting networks in services ensures you are not using dockers default bridge (docker0), which shares traffic bewteen all containers.
|
|
[MEDIUM] Pids Limit Not Set:
docker-compose.yml#L3
'pids_limit' should be set and different than -1
|
|
[MEDIUM] Readiness Probe Is Not Configured:
charts/country-risk/charts/country-risk-frontend/templates/deployment.yaml#L1
Check if Readiness Probe is not configured.
|
|
[MEDIUM] Seccomp Profile Is Not Configured:
charts/country-risk/charts/country-risk-backend/templates/deployment.yaml#L1
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
|
|
[MEDIUM] Seccomp Profile Is Not Configured:
charts/country-risk/charts/country-risk-frontend/templates/deployment.yaml#L1
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
|