secureCodeBox
diff --git a/‎.editorconfig‎
Lines changed: 18 additions & 0 deletions b/‎.editorconfig‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎.github/workflows/ci.yaml‎
Lines changed: 20 additions & 20 deletions b/‎.github/workflows/ci.yaml‎
Lines changed: 20 additions & 20 deletions
diff --git a/‎README.md‎
Lines changed: 65 additions & 37 deletions b/‎README.md‎
Lines changed: 65 additions & 37 deletions
@@ -0,0 +1,18 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+charset = utf-8
+indent_style = space
+indent_size = 2
+
+[*.go]
+indent_style = tab
+
+[Makefile]
+indent_style = tab
@@ -10,7 +10,7 @@ jobs:
         run: ls
       - name: "Install npm dependencies in all parser sub projects"
         run: |
-          for dir in scanner/*/parser/
+          for dir in scanners/*/parser/
           do
               cd $dir
               if [ -f package.json ] && [ -f package-lock.json ]; then
@@ -35,7 +35,7 @@ jobs:
       - name: "Install npm test dependencies"
         run: |
           npm ci
-          cd scanner/
+          cd scanners/
           npm ci
           cd -
           cd hooks/
@@ -113,7 +113,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-amass
-          path: ./scanner/amass/parser/
+          path: ./scanners/amass/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -123,7 +123,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-kube-hunter
-          path: ./scanner/kube-hunter/parser/
+          path: ./scanners/kube-hunter/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -133,7 +133,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-nikto
-          path: ./scanner/nikto/parser/
+          path: ./scanners/nikto/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -143,7 +143,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-nmap
-          path: ./scanner/nmap/parser/
+          path: ./scanners/nmap/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -153,7 +153,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-ssh-scan
-          path: ./scanner/ssh_scan/parser/
+          path: ./scanners/ssh_scan/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -163,7 +163,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-sslyze
-          path: ./scanner/sslyze/parser/
+          path: ./scanners/sslyze/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -173,7 +173,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-test-scan
-          path: ./scanner/test-scan/parser/
+          path: ./scanners/test-scan/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -183,7 +183,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-trivy
-          path: ./scanner/trivy/parser/
+          path: ./scanners/trivy/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -193,7 +193,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/parser-zap
-          path: ./scanner/zap/parser/
+          path: ./scanners/zap/parser/
           tag_with_ref: true
           tag_with_sha: true
           build_args: baseImageTag=ci-local
@@ -270,7 +270,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/nmap
-          path: ./scanner/nmap/scanner/
+          path: ./scanners/nmap/scanner/
           # Note: not prefixed with a "v" as this seems to match nmap versioning standards
           tags: "7.80,7.80-1,latest"
       - uses: docker/build-push-action@v1
@@ -279,7 +279,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/kube-hunter
-          path: ./scanner/kube-hunter/scanner/
+          path: ./scanners/kube-hunter/scanner/
           # Note: not prefixed with a "v" as this matches the aquasec/kube-hunter tags
           tags: "0.3.0,latest"
       - uses: docker/build-push-action@v1
@@ -288,7 +288,7 @@ jobs:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
           repository: scbexperimental/test-scan
-          path: ./scanner/test-scan/scanner/
+          path: ./scanners/test-scan/scanner/
           # Note: not prefixed with a "v" as this seems to match nmap versioning standards
           tags: "latest"
   integrationTests:
@@ -319,7 +319,7 @@ jobs:
 
           # Operator Namespace
           kubectl create namespace securecodebox-system
-          # Install Operator using the images of the current commit 
+          # Install Operator using the images of the current commit
           helm -n securecodebox-system install securecodebox-operator ./operator/ --wait \
             --set="image.tag=sha-$(git rev-parse --short HEAD)" \
             --set="image.digest=null" \
@@ -337,7 +337,7 @@ jobs:
         run: "kubectl create namespace demo-apps"
       - name: "Install Test Dependencies"
         run: |
-          cd tests/integration/ 
+          cd tests/integration/
           npm ci
       # This steps should include Integration tests which are not related to a Specific Scanner
       - name: "Throws NoScanDefiniton Error Integration Tests"
@@ -354,23 +354,23 @@ jobs:
             --set="image.tag=sha-$(git rev-parse --short HEAD)" \
             --set="attribute.name=severity" \
             --set="attribute.value=high"
-          helm -n integration-tests install test-scan ./scanner/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
+          helm -n integration-tests install test-scan ./scanners/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
           cd tests/integration/
           npx jest --ci --color read-write-hook
           helm -n integration-tests uninstall test-scan update-category update-severity
       - name: "nmap Integration Tests"
         run: |
-          helm -n integration-tests install nmap ./scanner/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
+          helm -n integration-tests install nmap ./scanners/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
           cd tests/integration/
           npx jest --ci --color nmap
       - name: "kube-hunter Integration Tests"
         run: |
-          helm -n integration-tests install kube-hunter ./scanner/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
+          helm -n integration-tests install kube-hunter ./scanners/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
           cd tests/integration/
           npx jest --ci --color kube-hunter
       - name: "ssh-scan Integration Tests"
         run: |
-          helm -n integration-tests install ssh-scan ./scanner/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
+          helm -n integration-tests install ssh-scan ./scanners/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
           # Install dummy-ssh app
           helm -n demo-apps install dummy-ssh ./demo-apps/dummy-ssh/ --wait
           cd tests/integration/
 
@@ -1,3 +1,5 @@
+# secureCodeBox – v2 ALPHA
+
 <p align="center">
   <img alt="secureCodeBox Logo" src="./docs/resources/securecodebox-logo.svg" width="500px">
   <img alt="secureCodeBox Logo" src="https://owasp.org/assets/images/logo.png" width="200px">
@@ -15,27 +17,31 @@
   <a href="https://snyk.io/test/github/secureCodeBox/secureCodeBox-v2-alpha/"><img alt="Known Vulnerabilities" src="https://snyk.io/test/github/secureCodeBox/secureCodeBox-v2-alpha/badge.svg"></a>  
 </p>
 
-**NOTE**: This Repository contains a **work in progress** preview of the planned next mayor secureCodeBox Release. You can find the current **stable release** here [https://github.com/secureCodeBox/secureCodeBox](https://github.com/secureCodeBox/secureCodeBox). The release of version 2.0 is still at least some month away but you can already get a sneak peak here 😀. The release will contain a mayor re architecture of the secureCodeBox. More details will follow soon in a series of blog articles.
+**NOTE**: This Repository contains a **work in progress** preview of the planned next major secureCodeBox Release. You can find the current **stable release** here [https://github.com/secureCodeBox/secureCodeBox](https://github.com/secureCodeBox/secureCodeBox). The release of version 2.0 is still at least some month away but you can already get a sneak peak here 😀. The release will contain a major architecture change which will not be backward compatible. More details will follow soon in a series of blog articles.
 
 > _secureCodeBox_ is a kubernetes based, modularized toolchain for continuous security scans of your software project. Its goal is to orchestrate and easily automate a bunch of security-testing tools out of the box.
 
 ## Overview
 
 <!-- toc -->
 
-- [Overview](#overview)
-- [Purpose of this Project](#purpose-of-this-project)
-- [Quickstart](#quickstart)
-  - [Prerequisites](#prerequisites)
-  - [Deployment (based on Helm)](#deployment-based-on-helm)
-  - [Examples](#examples)
-  - [Access Services](#access-services)
-- [How does it work?](#how-does-it-work)
-- [Architecture](#architecture)
-- [License](#license)
-- [Community](#community)
-- [Contributing](#contributing)
-- [Author Information](#author-information)
+- [secureCodeBox – v2 ALPHA](#securecodebox--v2-alpha)
+  - [Overview](#overview)
+  - [Purpose of this Project](#purpose-of-this-project)
+  - [Quickstart](#quickstart)
+    - [Prerequisites](#prerequisites)
+    - [Deployment (based on Helm)](#deployment-based-on-helm)
+    - [Examples](#examples)
+      - [Local Scan Examples](#local-scan-examples)
+      - [Public Scan Examples](#public-scan-examples)
+      - [Then get the current State of the Scan by running:](#then-get-the-current-state-of-the-scan-by-running)
+    - [Access Services](#access-services)
+  - [How does it work?](#how-does-it-work)
+  - [Architecture](#architecture)
+  - [License](#license)
+  - [Community](#community)
+  - [Contributing](#contributing)
+  - [Author Information](#author-information)
 
 For additional documentation aspects please have a look at our:
 
@@ -63,16 +69,20 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc
 
 ### Prerequisites
 
-- kubernetes (last 4 mayor releases supported: `1.15`, `1.16`, `1.17` & `1.18`)
+- kubernetes (last 4 major releases supported: `1.15`, `1.16`, `1.17` & `1.18`)
 
 ### Deployment (based on Helm)
 
+Deploy the secureCodeBox operator first:
+
 ```bash
-# Deploy the secureCodeBox Operator first
 kubectl create namespace securecodebox-system
 helm -n securecodebox-system install securecodebox-operator ./operator/
+```
+
+Optionally deploy SCB scanner Charts for each security scanner you want to use:
 
-# Deploy SCB scanner Charts for each security scanner you want to use (all optional)
+```bash
 helm upgrade --install amass ./scanner/amass/
 helm upgrade --install kube-hunter ./scanner/kube-hunter/
 helm upgrade --install nikto ./scanner/nikto
@@ -82,45 +92,63 @@ helm upgrade --install sslyze ./scanner/sslyze/
 helm upgrade --install trivy ./scanner/trivy/
 helm upgrade --install zap ./scanner/zap/
 helm upgrade --install wpscan ./scanner/wpscan/
+```
+
+Optional deploy some demo apps for scanning:
 
-# Optional Deploy some Demo Apps to test some scanning examples
+```bash
 helm upgrade --install dummy-ssh ./demo-apps/dummy-ssh/
+```
+
+Deploy secureCodeBox Hooks:
 
-# Deploy secureCodeBox Hooks 
-helm upgrade --install aah ./hooks/add-attributes/
+```bash
+helm upgrade --install aah ./hooks/update-field/
 helm upgrade --install gwh ./hooks/generic-webhook/
 helm upgrade --install issh ./hooks/imperative-subsequent-scans/
+```
+
+Persistence provider Elasticsearch:
 
-## Persistence Provider: Elasticsearch
+```bash
 helm upgrade --install elkh ./hooks/persistence-elastic/
 ```
 
 ### Examples
 
-```bash
-# Now everything is installed. You can try deploying scans from the `operator/config/samples/` directory
-## Local Scan Examples
+Now everything is installed. You can try deploying scans from the `scanner/*/examples` directories.
+
+#### Local Scan Examples
+
+E.g. localhost nmap scan:
 
-### E.g. localhost nmap scan
+```bash
 kubectl apply -f scanner/nmap/examples/localhost/scan.yaml
-kubectl apply -f scanner/ssh_scan/examples/localhost/scan.yaml
+```
+
+#### Public Scan Examples
 
-# Then get the current State of the Scan by running:
+```bash
+kubectl apply -f scanner/nmap/examples/scan.nmap.org/scan.yaml
+```
+
+#### Then get the current State of the Scan by running:
+
+```bash
 kubectl get scans
 ```
 
 ### Access Services
 
-* Minio UI:
-  * AccessKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' | base64 --decode; echo`
-  * SecretKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' | base64 --decode; echo`
-  * Port Forward Minio UI: `kubectl port-forward -n securecodebox-system service/securecodebox-operator-minio 9000:9000`
-* Elastic / Kibana UI:
-  * User: `elastic`
-  * Password: `kubectl get secret scb-elasticsearch-es-elastic-user -n scb-analytics -o=jsonpath='{.data.elastic}' | base64 --decode; echo`
-  * Port Forward Kibana: `kubectl port-forward -n default service/persistence-elastic-kibana 5601:5601`
-  * Port Forward Elasticsearch: `kubectl port-forward -n default service/elasticsearch-master 9200:9200` 
-
+- Minio UI:
+  - AccessKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' | base64 --decode; echo`
+  - SecretKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' | base64 --decode; echo`
+  - Port Forward Minio UI: `kubectl port-forward -n securecodebox-system service/securecodebox-operator-minio 9000:9000`
+- Elastic / Kibana UI:
+  - User: `elastic`
+  - Password: `kubectl get secret scb-elasticsearch-es-elastic-user -n scb-analytics -o=jsonpath='{.data.elastic}' | base64 --decode; echo`
+  - Port Forward Kibana: `kubectl port-forward -n default service/persistence-elastic-kibana 5601:5601`
+  - Port Forward Elasticsearch: `kubectl port-forward -n default service/elasticsearch-master 9200:9200`
 
 ## How does it work?