Skip to content
Kubescape scanning for misconfigurations

Merge pull request #510 from kubescape/bump #1345

Sign in to view logs

Merge pull request #510 from kubescape/bump

Merge pull request #510 from kubescape/bump #1345

Triggered via push October 1, 2024 12:11
@matthyxmatthyx
pushed 0895a18
main
Status Success
Total duration 59s
Artifacts

kubescape.yaml

on: push
kubescape
48s
kubescape
Fit to window
Zoom out
Zoom in

Annotations

7 errors and 2 warnings
ks_microservice_create_2_cronjob_mitre_and_nsa_proxy: results_xml_format/ks_microservice_create_2_cronjob_mitre_and_nsa_proxy.xml#L1
kubescape cronjob failed to create
synchronizer: results_xml_format/synchronizer.xml#L1
cluster resource 'systest-ns-noy9/Deployment/nginx-deployment' is '938' while resource version in BE is '894'
basic_incident_presented: results_xml_format/basic_incident_presented.xml#L1
check_alerts_of_incident, timeout: 3 minutes, error: Failed to get unique values of alerts {"guid": "6e908fb7-f113-40a6-ba1a-6d85877ba107", "name": "Unexpected process launched", "attributes": {"incidentStatus": "completed"}, "updatedTime": "2024-10-01T12:18:29Z", "spiffe": "wlid://cluster-kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/namespace-systest-ns-h6zi/deployment-redis-sleep", "resourceID": "", "designators": {"designatorType": "Attributes", "wlid": "wlid://cluster-kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/namespace-systest-ns-h6zi/deployment-redis-sleep", "attributes": {"cluster": "kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b", "clusterShortName": "kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b", "containerName": "redis", "customerGUID": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833", "kind": "Deployment", "name": "redis-sleep", "namespace": "systest-ns-h6zi", "nodeName": "systests-5af0d603-69e0-42af-9d79-e8a7425ea45b-control-plane", "originalCacheEntry": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/systests-5af0d603-69e0-42af-9d79-e8a7425ea45b-control-plane/wlid://cluster-kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/namespace-systest-ns-h6zi/deployment-redis-sleep/redis/6e908fb7-f113-40a6-ba1a-6d85877ba107", "podName": "redis-sleep-7bd7d4785f-9wzxs"}}, "arguments": {"args": ["/bin/ls", "-l", "/tmp"], "exec": "/bin/ls", "retval": 0}, "infectedPID": 12971, "fixSuggestions": "If this is a valid behavior, please add the exec call \"/bin/ls\" to the whitelist in the application profile for the Pod \"redis-sleep-7bd7d4785f-9wzxs\". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-h6zi --type merge -p '{\"spec\": {\"containers\": [{\"name\": \"redis\", \"execs\": [{\"path\": \"/bin/ls\", \"args\": [\"/bin/ls\",\"-l\",\"/tmp\"]}]}]}}'", "severity": 5, "timestamp": "2024-10-01T12:15:58.665Z", "nanoseconds": 1727784958665746026, "ruleDescription": "Unexpected process launched: /bin/ls in: redis", "kind": {"Group": "", "Version": "", "Kind": ""}, "resource": {"Group": "", "Version": "", "Resource": ""}, "clusterName": "kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b", "containerName": "redis", "hostNetwork": false, "image": "docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2", "imageDigest": "sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902", "namespace": "systest-ns-h6zi", "nodeName": "systests-5af0d603-69e0-42af-9d79-e8a7425ea45b-control-plane", "containerID": "8d082191acdb451b833f8435fd6f15df8bdc3c1eb53a1df2f33f488f4d9abe28", "podName": "redis-sleep-7bd7d4785f-9wzxs", "podNamespace": "systest-ns-h6zi", "podLabels": {"app": "redis-sleep", "pod-template-hash": "7bd7d4785f"}, "workloadName": "redis-sleep", "workloadNamespace": "systest-ns-h6zi", "workloadKind": "Deployment", "alertType": 0, "ruleID": "R0001", "hostName": "", "message": "Unexpected process launched: /bin/ls in: redis", "incidentCategory": "Anomaly", "incidentTypeID": "I013", "policiesApplied": [{"guid": "17794a36-9303-4692-9d6c-8ef419ae0d43", "name": "Anomaly", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": []}], "creationTimestamp": "2024-10-01T12:15:59.009Z", "description": "A process was launched that is not expected to run in the environment.", "mitreTactic": "TA0002", "incidentSeverity": "Medium", "severityScore": 300, "isDismissed": false, "markedAsFalsePositive": false, "processTree": {"processTree": {"pid": 12971, "cmdline": "/bin/ls -l /tmp", "comm": "ls", "ppid": 12962, "pcomm": "runc", "hardlink": "/bin/busybox", "uid": 0, "gid": 0, "upperLayer": false, "cwd": "/data", "path": "/bin/ls"}, "uniqueID": 0, "containerID": "8d082191acdb451b833f8435fd6f15df8bdc3c1eb53a1df2f33f488f4d9abe28"}} {"fields": {"ruleID": ["R0001", "R0004"]}, "fieldsCount": {"ruleID": [{"key": "R0001", "count": 1}, {"key": "R0004", "count": 2}]}}. kwargs: '{'incident': {'guid': '6e908fb7-f113-40a6-ba1a-6d85877ba107', 'name': 'Unexpected process launched', 'attributes': {'incidentStatus': 'completed'}, 'updatedTime': '2024-10-01T12:18:29Z', 'spiffe': 'wlid://cluster-kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/namespace-systest-ns-h6zi/deployment-redis-sleep', 'resourceID': '', 'designators': {'designatorType': 'Attributes', 'wlid': 'wlid://cluster-kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/namespace-systest-ns-h6zi/deployment-redis-sleep', 'attributes': {'cluster': 'kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b', 'clusterShortName': 'kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b', 'containerName': 'redis', 'customerGUID': '3f4a257e-11ea-4cee-8bc0-ca8daa65a833', 'kind': 'Deployment', 'name': 'redis-sleep', 'namespace': 'systest-ns-h6zi', 'nodeName': 'systests-5af0d603-69e0-42af-9d79-e8a7425ea45b-control-plane', 'originalCacheEntry': '3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/systests-5af0d603-69e0-42af-9d79-e8a7425ea45b-control-plane/wlid://cluster-kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b/namespace-systest-ns-h6zi/deployment-redis-sleep/redis/6e908fb7-f113-40a6-ba1a-6d85877ba107', 'podName': 'redis-sleep-7bd7d4785f-9wzxs'}}, 'arguments': {'args': ['/bin/ls', '-l', '/tmp'], 'exec': '/bin/ls', 'retval': 0}, 'infectedPID': 12971, 'fixSuggestions': 'If this is a valid behavior, please add the exec call "/bin/ls" to the whitelist in the application profile for the Pod "redis-sleep-7bd7d4785f-9wzxs". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-h6zi --type merge -p \'{"spec": {"containers": [{"name": "redis", "execs": [{"path": "/bin/ls", "args": ["/bin/ls","-l","/tmp"]}]}]}}\'', 'severity': 5, 'timestamp': '2024-10-01T12:15:58.665Z', 'nanoseconds': 1727784958665746026, 'ruleDescription': 'Unexpected process launched: /bin/ls in: redis', 'kind': {'Group': '', 'Version': '', 'Kind': ''}, 'resource': {'Group': '', 'Version': '', 'Resource': ''}, 'clusterName': 'kind-systests-5af0d603-69e0-42af-9d79-e8a7425ea45b', 'containerName': 'redis', 'hostNetwork': False, 'image': 'docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2', 'imageDigest': 'sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902', 'namespace': 'systest-ns-h6zi', 'nodeName': 'systests-5af0d603-69e0-42af-9d79-e8a7425ea45b-control-plane', 'containerID': '8d082191acdb451b833f8435fd6f15df8bdc3c1eb53a1df2f33f488f4d9abe28', 'podName': 'redis-sleep-7bd7d4785f-9wzxs', 'podNamespace': 'systest-ns-h6zi', 'podLabels': {'app': 'redis-sleep', 'pod-template-hash': '7bd7d4785f'}, 'workloadName': 'redis-sleep', 'workloadNamespace': 'systest-ns-h6zi', 'workloadKind': 'Deployment', 'alertType': 0, 'ruleID': 'R0001', 'hostName': '', 'message': 'Unexpected process launched: /bin/ls in: redis', 'incidentCategory': 'Anomaly', 'incidentTypeID': 'I013', 'policiesApplied': [{'guid': '17794a36-9303-4692-9d6c-8ef419ae0d43', 'name': 'Anomaly', 'enabled': False, 'scope': {}, 'ruleSetType': '', 'updatedBy': '', 'notifications': None, 'actions': []}], 'creationTimestamp': '2024-10-01T12:15:59.009Z', 'description': 'A process was launched that is not expected to run in the environment.', 'mitreTactic': 'TA0002', 'incidentSeverity': 'Medium', 'severityScore': 300, 'isDismissed': False, 'markedAsFalsePositive': False, 'processTree': {'processTree': {'pid': 12971, 'cmdline': '/bin/ls -l /tmp', 'comm': 'ls', 'ppid': 12962, 'pcomm': 'runc', 'hardlink': '/bin/busybox', 'uid': 0, 'gid': 0, 'upperLayer': False, 'cwd': '/data', 'path': '/bin/ls'}, 'uniqueID': 0, 'containerID': '8d082191acdb451b833f8435fd6f15df8bdc3c1eb53a1df2f33f488f4d9abe28'}}}'
ks_microservice_nsa_and_mitre_framework_demand: results_xml_format/ks_microservice_nsa_and_mitre_framework_demand.xml#L1
Failed to get the report-guid for the last scan.
basic_incident_presented: results_xml_format/basic_incident_presented.xml#L1
verify_incident_in_backend_list, timeout: 0 minutes, error: Failed to get incidents list []. kwargs: '{'cluster': 'kind-systests-1d968a80-1e49-4556-87a5-972ab7dc0c59', 'namespace': 'systest-ns-sout', 'incident_name': 'Unexpected process launched'}'
basic_incident_presented: results_xml_format/basic_incident_presented.xml#L1
verify_incident_in_backend_list, timeout: 0 minutes, error: Failed to get incidents list []. kwargs: '{'cluster': 'kind-systests-caaa1034-78ab-44fe-924a-7e8b8da68943', 'namespace': 'systest-ns-m4jw', 'incident_name': 'Unexpected process launched'}'
basic_incident_presented: results_xml_format/basic_incident_presented.xml#L1
check_alerts_of_incident, timeout: 3 minutes, error: Failed to get unique values of alerts {"guid": "48677570-7146-4037-94d6-518dc7b0fe14", "name": "Unexpected process launched", "attributes": {"incidentStatus": "completed"}, "updatedTime": "2024-10-01T12:59:33Z", "spiffe": "wlid://cluster-kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/namespace-systest-ns-mymq/deployment-redis-sleep", "resourceID": "", "designators": {"designatorType": "Attributes", "wlid": "wlid://cluster-kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/namespace-systest-ns-mymq/deployment-redis-sleep", "attributes": {"cluster": "kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd", "clusterShortName": "kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd", "containerName": "redis", "customerGUID": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833", "kind": "Deployment", "name": "redis-sleep", "namespace": "systest-ns-mymq", "nodeName": "systests-e90b61a8-4635-4ab0-81a7-ba593033dedd-control-plane", "originalCacheEntry": "3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/systests-e90b61a8-4635-4ab0-81a7-ba593033dedd-control-plane/wlid://cluster-kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/namespace-systest-ns-mymq/deployment-redis-sleep/redis/48677570-7146-4037-94d6-518dc7b0fe14", "podName": "redis-sleep-7bd7d4785f-4d4jb"}}, "arguments": {"args": ["/bin/ls", "-l", "/tmp"], "exec": "/bin/ls", "retval": 0}, "infectedPID": 12802, "fixSuggestions": "If this is a valid behavior, please add the exec call \"/bin/ls\" to the whitelist in the application profile for the Pod \"redis-sleep-7bd7d4785f-4d4jb\". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-mymq --type merge -p '{\"spec\": {\"containers\": [{\"name\": \"redis\", \"execs\": [{\"path\": \"/bin/ls\", \"args\": [\"/bin/ls\",\"-l\",\"/tmp\"]}]}]}}'", "severity": 5, "timestamp": "2024-10-01T12:56:56.182Z", "nanoseconds": 1727787416182753257, "ruleDescription": "Unexpected process launched: /bin/ls in: redis", "kind": {"Group": "", "Version": "", "Kind": ""}, "resource": {"Group": "", "Version": "", "Resource": ""}, "clusterName": "kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd", "containerName": "redis", "hostNetwork": false, "image": "docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2", "imageDigest": "sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902", "namespace": "systest-ns-mymq", "nodeName": "systests-e90b61a8-4635-4ab0-81a7-ba593033dedd-control-plane", "containerID": "f4ace08f0fc826b4c16faa392a48caaf1a015af7ef50805427c40ba7ce987ba2", "podName": "redis-sleep-7bd7d4785f-4d4jb", "podNamespace": "systest-ns-mymq", "podLabels": {"app": "redis-sleep", "pod-template-hash": "7bd7d4785f"}, "workloadName": "redis-sleep", "workloadNamespace": "systest-ns-mymq", "workloadKind": "Deployment", "alertType": 0, "ruleID": "R0001", "hostName": "", "message": "Unexpected process launched: /bin/ls in: redis", "incidentCategory": "Anomaly", "incidentTypeID": "I013", "policiesApplied": [{"guid": "17794a36-9303-4692-9d6c-8ef419ae0d43", "name": "Anomaly", "enabled": false, "scope": {}, "ruleSetType": "", "updatedBy": "", "notifications": null, "actions": []}], "creationTimestamp": "2024-10-01T12:57:03.331Z", "description": "A process was launched that is not expected to run in the environment.", "mitreTactic": "TA0002", "incidentSeverity": "Medium", "severityScore": 300, "isDismissed": false, "markedAsFalsePositive": false, "processTree": {"processTree": {"pid": 12802, "cmdline": "/bin/ls -l /tmp", "comm": "ls", "ppid": 12792, "pcomm": "runc", "hardlink": "/bin/busybox", "uid": 0, "gid": 0, "upperLayer": false, "cwd": "/data", "path": "/bin/ls"}, "uniqueID": 0, "containerID": "f4ace08f0fc826b4c16faa392a48caaf1a015af7ef50805427c40ba7ce987ba2"}} {"fields": {"ruleID": ["R0001", "R0004"]}, "fieldsCount": {"ruleID": [{"key": "R0001", "count": 1}, {"key": "R0004", "count": 20}]}}. kwargs: '{'incident': {'guid': '48677570-7146-4037-94d6-518dc7b0fe14', 'name': 'Unexpected process launched', 'attributes': {'incidentStatus': 'completed'}, 'updatedTime': '2024-10-01T12:59:33Z', 'spiffe': 'wlid://cluster-kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/namespace-systest-ns-mymq/deployment-redis-sleep', 'resourceID': '', 'designators': {'designatorType': 'Attributes', 'wlid': 'wlid://cluster-kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/namespace-systest-ns-mymq/deployment-redis-sleep', 'attributes': {'cluster': 'kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd', 'clusterShortName': 'kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd', 'containerName': 'redis', 'customerGUID': '3f4a257e-11ea-4cee-8bc0-ca8daa65a833', 'kind': 'Deployment', 'name': 'redis-sleep', 'namespace': 'systest-ns-mymq', 'nodeName': 'systests-e90b61a8-4635-4ab0-81a7-ba593033dedd-control-plane', 'originalCacheEntry': '3f4a257e-11ea-4cee-8bc0-ca8daa65a833/kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/systests-e90b61a8-4635-4ab0-81a7-ba593033dedd-control-plane/wlid://cluster-kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd/namespace-systest-ns-mymq/deployment-redis-sleep/redis/48677570-7146-4037-94d6-518dc7b0fe14', 'podName': 'redis-sleep-7bd7d4785f-4d4jb'}}, 'arguments': {'args': ['/bin/ls', '-l', '/tmp'], 'exec': '/bin/ls', 'retval': 0}, 'infectedPID': 12802, 'fixSuggestions': 'If this is a valid behavior, please add the exec call "/bin/ls" to the whitelist in the application profile for the Pod "redis-sleep-7bd7d4785f-4d4jb". You can use the following command: kubectl patch applicationprofile replicaset-redis-sleep-7bd7d4785f --namespace systest-ns-mymq --type merge -p \'{"spec": {"containers": [{"name": "redis", "execs": [{"path": "/bin/ls", "args": ["/bin/ls","-l","/tmp"]}]}]}}\'', 'severity': 5, 'timestamp': '2024-10-01T12:56:56.182Z', 'nanoseconds': 1727787416182753257, 'ruleDescription': 'Unexpected process launched: /bin/ls in: redis', 'kind': {'Group': '', 'Version': '', 'Kind': ''}, 'resource': {'Group': '', 'Version': '', 'Resource': ''}, 'clusterName': 'kind-systests-e90b61a8-4635-4ab0-81a7-ba593033dedd', 'containerName': 'redis', 'hostNetwork': False, 'image': 'docker.io/library/redis@sha256:92f3e116c1e719acf78004dd62992c3ad56f68f810c93a8db3fe2351bb9722c2', 'imageDigest': 'sha256:a5b1aed421143f36e2445cb2def7135ab7edb69eaa8066d07c3fa344f1052902', 'namespace': 'systest-ns-mymq', 'nodeName': 'systests-e90b61a8-4635-4ab0-81a7-ba593033dedd-control-plane', 'containerID': 'f4ace08f0fc826b4c16faa392a48caaf1a015af7ef50805427c40ba7ce987ba2', 'podName': 'redis-sleep-7bd7d4785f-4d4jb', 'podNamespace': 'systest-ns-mymq', 'podLabels': {'app': 'redis-sleep', 'pod-template-hash': '7bd7d4785f'}, 'workloadName': 'redis-sleep', 'workloadNamespace': 'systest-ns-mymq', 'workloadKind': 'Deployment', 'alertType': 0, 'ruleID': 'R0001', 'hostName': '', 'message': 'Unexpected process launched: /bin/ls in: redis', 'incidentCategory': 'Anomaly', 'incidentTypeID': 'I013', 'policiesApplied': [{'guid': '17794a36-9303-4692-9d6c-8ef419ae0d43', 'name': 'Anomaly', 'enabled': False, 'scope': {}, 'ruleSetType': '', 'updatedBy': '', 'notifications': None, 'actions': []}], 'creationTimestamp': '2024-10-01T12:57:03.331Z', 'description': 'A process was launched that is not expected to run in the environment.', 'mitreTactic': 'TA0002', 'incidentSeverity': 'Medium', 'severityScore': 300, 'isDismissed': False, 'markedAsFalsePositive': False, 'processTree': {'processTree': {'pid': 12802, 'cmdline': '/bin/ls -l /tmp', 'comm': 'ls', 'ppid': 12792, 'pcomm': 'runc', 'hardlink': '/bin/busybox', 'uid': 0, 'gid': 0, 'upperLayer': False, 'cwd': '/data', 'path': '/bin/ls'}, 'uniqueID': 0, 'containerID': 'f4ace08f0fc826b4c16faa392a48caaf1a015af7ef50805427c40ba7ce987ba2'}}}'
kubescape
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
kubescape
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/