Skip to content
Run checkov

Add checkov GitHub actions #5

Sign in to view logs

Add checkov GitHub actions

Add checkov GitHub actions #5

Triggered via pull request January 10, 2024 15:53
@dlpzxdlpzx
synchronize #962
feat/checkov-github-actions
Status Failure
Total duration 44s
Artifacts

checkov.yml

on: pull_request
build
32s
build
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 1 warning
build: deploy/pivot_role/pivotRole.yaml#L49
CKV_AWS_109: "Ensure IAM policies does not allow permissions management without constraints"
build: deploy/pivot_role/pivotRole.yaml#L49
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
build: deploy/pivot_role/pivotRole.yaml#L222
CKV_AWS_109: "Ensure IAM policies does not allow permissions management without constraints"
build: deploy/pivot_role/pivotRole.yaml#L222
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
build: deploy/pivot_role/pivotRole.yaml#L422
CKV_AWS_109: "Ensure IAM policies does not allow permissions management without constraints"
build: deploy/cdk_exec_policy/cdkExecPolicy.yaml#L12
CKV_AWS_110: "Ensure IAM policies does not allow privilege escalation"
build: deploy/cdk_exec_policy/cdkExecPolicy.yaml#L12
CKV_AWS_109: "Ensure IAM policies does not allow permissions management without constraints"
build: deploy/cdk_exec_policy/cdkExecPolicy.yaml#L12
CKV_AWS_107: "Ensure IAM policies does not allow credentials exposure"
build: deploy/cdk_exec_policy/cdkExecPolicy.yaml#L12
CKV_AWS_111: "Ensure IAM policies does not allow write access without constraints"
build: backend/docker/prod/ecs/Dockerfile#L61
CKV_DOCKER_4: "Ensure that COPY is used instead of ADD in Dockerfiles"
build
The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/