Merge pull request #27 from digitalist-se/pre_upgrade · digitalist-se/matomo-kubernetes@1785b15

Triggered via push February 14, 2024 11:30

matomo-11.0.25

Status Success

Total duration 29s

Artifacts –

checkov.yaml

on: push

10 errors

CKV_K8S_153: "Prevent All NGINX Ingress annotation snippets. See CVE-2021-25742"

CKV_K8S_43: "Image should use digest"

CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"

CKV_K8S_29: "Apply security context to your pods and containers"

CKV_K8S_22: "Use read-only filesystem for containers where possible"

CKV_K8S_35: "Prefer using secrets as files over secrets as environment variables"

CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"

CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"

CKV_K8S_11: "CPU limits should be set"

CKV_K8S_28: "Minimize the admission of containers with the NET_RAW capability"