From d298fdda81d74e5817dd4210baf60a758aa24672 Mon Sep 17 00:00:00 2001
From: Max Maass
Date: Tue, 23 Nov 2021 15:43:43 +0100
Subject: [PATCH 1/3] Add ADR-0010 to sidebar
Signed-off-by: Max Maass
---
 scripts/utils/config.js | 1 +
 1 file changed, 1 insertion(+)
diff --git a/scripts/utils/config.js b/scripts/utils/config.js
index 0f901c6a..8fd17574 100644
--- a/scripts/utils/config.js
+++ b/scripts/utils/config.js
@@ -71,6 +71,7 @@ const docsConfig = {
 "architecture/adr/adr_0007",
 "architecture/adr/adr_0008",
 "architecture/adr/adr_0009",
+ "architecture/adr/adr_0010",
 ],
 },
 ],
From 52e86a0e723d6bb64de779478519174c15c275a3 Mon Sep 17 00:00:00 2001
From: Max Maass
Date: Tue, 23 Nov 2021 15:44:22 +0100
Subject: [PATCH 2/3] Update CRD docs with affinity and tolerations
Signed-off-by: Max Maass
---
 docs/api/crds/parse-definition.md | 4 ++++
 docs/api/crds/scan-completion-hook.md | 4 ++++
 docs/api/crds/scan.md | 6 ++++++
 3 files changed, 14 insertions(+)
diff --git a/docs/api/crds/parse-definition.md b/docs/api/crds/parse-definition.md
index 537b0d6a..e41f5461 100644
--- a/docs/api/crds/parse-definition.md
+++ b/docs/api/crds/parse-definition.md
@@ -29,6 +29,10 @@ This uses the kubernetes default [imagePullSecrets structure](https://kubernetes
 `ttlSecondsAfterFinished` can be used to automatically delete the completed Kubernetes job used to run the parser. This sets the `ttlSecondsAfterFinished` field on the created job. This requires your cluster to have the [TTLAfterFinished](https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) feature gate enabled in your cluster.
+### Affinity and Tolerations (optional)
+[`affinity`](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) and [`tolerations`](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) can be used to control which nodes the parser is executed on.
+The values should be set via Helm values (during install) or by specifying `affinity` and/or `tolerations` in the `Scan` specification.
+
 ## Example
 ```yaml
diff --git a/docs/api/crds/scan-completion-hook.md b/docs/api/crds/scan-completion-hook.md
index 800689a0..22ab58d4 100644
--- a/docs/api/crds/scan-completion-hook.md
+++ b/docs/api/crds/scan-completion-hook.md
@@ -73,6 +73,10 @@ It has to be combined with [`volumeMounts`](#volumemounts-optional) to be useful
 `volumeMounts` let you specify where you want the previously-created volumes to be mounted inside the container. It has the same API as the `volumeMounts` property on Kubernetes pods.
+### Affinity and Tolerations (optional)
+[`affinity`](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) and [`tolerations`](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) can be used to control which nodes the parser is executed on.
+The values should be set via Helm values (during install) or by specifying `affinity` and/or `tolerations` in the `Scan` specification.
+
 ### ServiceAccountName (Optional)
 The `serviceAccountName` field can be used to specify a custom ServiceAccount to use for the Kubernetes Job running the hook.
diff --git a/docs/api/crds/scan.md b/docs/api/crds/scan.md
index bb5438d7..00b424b9 100644
--- a/docs/api/crds/scan.md
+++ b/docs/api/crds/scan.md
@@ -107,6 +107,9 @@ See:
 - [Documentation](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/)
 - [API Reference](https://v1-18.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#container-v1-core)
+### Affinity and Tolerations (optional)
+[`affinity`](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) and [`tolerations`](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) can be used to control which nodes the parser is executed on.
+
 ### Cascades (Optional)
 `cascades` let you start new scans based on the results of the current scan.
@@ -121,9 +124,12 @@ Furthermore, in the cascade config you can specify whether cascading scan should
 * `inheritVolumes`: `false`
 * `inheritInitContainers`: `false`
 * `inheritHookSelector`: `false`
+* `inheritAffinity`: `true`
+* `inheritTolerations`: `true`
 These fields will merge the parent's entries with entries defined in the cascading rules. Entries defined in cascading rules will only apply to the current scan.
+There are two exceptions to this rule: in the case of Affinity and Tolerations, entries will be replaced instead of merged, and will be used for all following scans.
 :::caution
 Defining identical entries in both the Scan AND the Cascading Rule resource will lead to undefined behaviour.
From 7805070d20415e7d31bc2e602d018c91d69f3bcf Mon Sep 17 00:00:00 2001
From: Max Maass
Date: Mon, 6 Dec 2021 16:05:40 +0100
Subject: [PATCH 3/3] Add empty commit to trigger CI rerun
Signed-off-by: Max Maass