docs/snyk/v3.3.2/argocd-iac-install.html
| Project | manifests/install.yaml | | Path | /argo-cd/manifests/install.yaml | | Project Type | Kubernetes |
high severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
medium severity
Using this role grants dangerous permissions. For a ClusterRole this would be considered high severity.
Consider removing these permissions
low severity
The container may run with outdated or unauthorized image
Set imagePullPolicy attribute to Always
low severity
The container may run with outdated or unauthorized image
Set imagePullPolicy attribute to Always
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
CPU limits can prevent containers from consuming valuable compute time for no benefit (e.g. inefficient code) that might lead to unnecessary costs. It is advisable to also configure CPU requests to ensure application stability.
Add resources.limits.cpu field with required CPU limit value
low severity
Increases the attack surface of the application and the container.
Reduce ports count to 2
low severity
Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods
Add livenessProbe attribute
low severity
Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods
Add livenessProbe attribute
low severity
Kubernetes will not be able to detect if application is able to service requests, and will not restart unhealthy pods
Add livenessProbe attribute
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
Containers without memory limits are more likely to be terminated when the node runs out of memory
Set resources.limits.memory value
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence
low severity
UID of the container processes could clash with host's UIDs and lead to unintentional authorization bypass
Set securityContext.runAsUser value to greater or equal than 10'000. SecurityContext can be set on both pod and container level. If both are set, then the container level takes precedence