🛑 missing gitleaks license. Go grab one at gitleaks.io and store it as a GitHub Secret named GITLEAKS_LICENSE. For more info about the recent breaking update, see [here](https://github.com/gitleaks/gitleaks-action#-announcement).

Process completed with exit code 1.

The strategy configuration was canceled because "go-dependency-scan.k8s-controller" failed

The operation was canceled.

Process completed with exit code 1.

The strategy configuration was canceled because "trivy-container-scan.ui" failed

CKV_K8S_28: "Minimize the admission of containers with the NET_RAW capability"

CKV_K8S_15: "Image Pull Policy should be Always"

CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"

CKV_K8S_29: "Apply security context to your pods and containers"

CKV_K8S_38: "Ensure that Service Account Tokens are only mounted where necessary"

CKV_K8S_20: "Containers should not run with allowPrivilegeEscalation"

CKV_K8S_22: "Use read-only filesystem for containers where possible"

CKV_K8S_43: "Image should use digest"

CKV_K8S_30: "Apply security context to your containers"

CKV_K8S_31: "Ensure that the seccomp profile is set to docker/default or runtime/default"

DL3018 warning: Pin versions in apk add. Instead of `apk add <package>` use `apk add <package>=<version>`

DL3059 info: Multiple consecutive `RUN` instructions. Consider consolidation.

DL3015 info: Avoid additional packages by specifying `--no-install-recommends`

DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`

The strategy configuration was canceled because "trivy-container-scan.ui" failed

Process completed with exit code 1.

Path does not exist: trivy-api-results.sarif

The operation was canceled.

The strategy configuration was canceled because "docker-lint.api" failed

in ghc-internal:GHC.Internal.IO.Exception

in ghc-internal:GHC.Internal.IO.Exception

in ghc-internal:GHC.Internal.IO

in ghc-internal:GHC.Internal.Exception

Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: gitleaks/gitleaks-action@v2. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

Restore cache failed: Dependencies file is not found in /home/runner/work/streamspace/streamspace. Supported file pattern: go.mod

Restore cache failed: Dependencies file is not found in /home/runner/work/streamspace/streamspace. Supported file pattern: go.mod

Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/dependency-review-action@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

No files were found with the provided path: trivy-ui-report.html. No artifacts will be uploaded.

No files were found with the provided path: trivy-api-report.html. No artifacts will be uploaded.

Starting April 2026, the CodeQL Action will skip computing file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. To opt out of this change, set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true`. Alternatively, create a custom repository property with the name `github-codeql-file-coverage-on-prs` and the type "True/false", then set this property to `true` in the repository's settings.