Security and Compliance Checks #37
pinetopssecurity-checks.yml
on: schedule
Terraform Security Scan
54s
Compliance Assessment
5s
Secret Scanning
6s
Annotations
4 errors and 1 notice
|
Compliance Assessment
google-github-actions/auth failed with: failed to generate Google Cloud federated token for //iam.googleapis.com/***: {"error":"invalid_target","error_description":"The target service indicated by the \"audience\" parameters is invalid. This might either be because the pool or provider is disabled or deleted or because it doesn't exist."}
|
|
Secret Scanning
🛑 missing gitleaks license. Go grab one at gitleaks.io and store it as a GitHub Secret named GITLEAKS_LICENSE. For more info about the recent breaking update, see [here](https://github.com/gitleaks/gitleaks-action#-announcement).
|
|
Terraform Security Scan
Path does not exist: checkov.sarif
|
|
Terraform Security Scan
Path does not exist: tfsec.sarif
|
|
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits
|