Dbp 537 implement autoscaler otc dns handling (#20) #60
Annotations
11 warnings
|
Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L63
CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L63
CPU requests should be set to ensure the sum of the resource requests of the scheduled Containers is less than the capacity of the node
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L63
Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than the designated amount of memory
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L63
Memory requests should be defined for each container. This allows the kubelet to reserve the requested amount of system resources and prevents over-provisioning on individual nodes
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L63
Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
|
|
Scan with kics:
charts/infra-autoscaler/templates/serviceaccount.yaml#L5
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
|
|
Scan with kics:
charts/infra-autoscaler/templates/configmap.yaml#L4
Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L13
Containers should be configured with an AppArmor profile to enforce fine-grained access control over low-level system resources
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L1
Each namespace should have a LimitRange policy associated to ensure that resource allocations of Pods, Containers and PersistentVolumeClaims do not exceed the defined boundaries
|
|
Scan with kics:
charts/infra-autoscaler/templates/deployment.yaml#L1
Each namespace should have a ResourceQuota policy associated to limit the total amount of resources Pods, Containers and PersistentVolumeClaims can consume
|
Loading