secureCodeBox · J12934 · Dec 6, 2021 · Nov 23, 2021 · Nov 23, 2021 · Dec 6, 2021
diff --git a/docs/api/crds/parse-definition.md b/docs/api/crds/parse-definition.md
@@ -29,6 +29,10 @@ This uses the kubernetes default [imagePullSecrets structure](https://kubernetes
 `ttlSecondsAfterFinished` can be used to automatically delete the completed Kubernetes job used to run the parser.
 This sets the `ttlSecondsAfterFinished` field on the created job. This requires your cluster to have the [TTLAfterFinished](https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/) feature gate enabled in your cluster.
 
+### Affinity and Tolerations (optional)
+[`affinity`](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) and [`tolerations`](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) can be used to control which nodes the parser is executed on.
+The values should be set via Helm values (during install) or by specifying `affinity` and/or `tolerations` in the `Scan` specification.
+
 ## Example
 
 ```yaml

diff --git a/docs/api/crds/scan-completion-hook.md b/docs/api/crds/scan-completion-hook.md
@@ -73,6 +73,10 @@ It has to be combined with [`volumeMounts`](#volumemounts-optional) to be useful
 `volumeMounts` let you specify where you want the previously-created volumes to be mounted inside the container.
 It has the same API as the `volumeMounts` property on Kubernetes pods.
 
+### Affinity and Tolerations (optional)
+[`affinity`](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) and [`tolerations`](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) can be used to control which nodes the parser is executed on.
+The values should be set via Helm values (during install) or by specifying `affinity` and/or `tolerations` in the `Scan` specification.
+
 ### ServiceAccountName (Optional)
 
 The `serviceAccountName` field can be used to specify a custom ServiceAccount to use for the Kubernetes Job running the hook.

diff --git a/docs/api/crds/scan.md b/docs/api/crds/scan.md
@@ -107,6 +107,9 @@ See:
 - [Documentation](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/)
 - [API Reference](https://v1-18.docs.kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#container-v1-core)
 
+### Affinity and Tolerations (optional)
+[`affinity`](https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/) and [`tolerations`](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) can be used to control which nodes the parser is executed on.
+
 ### Cascades (Optional)
 
 `cascades` let you start new scans based on the results of the current scan.
@@ -121,9 +124,12 @@ Furthermore, in the cascade config you can specify whether cascading scan should
 * `inheritVolumes`: `false`
 * `inheritInitContainers`: `false`
 * `inheritHookSelector`: `false`
+* `inheritAffinity`: `true`
+* `inheritTolerations`: `true`
 
 These fields will merge the parent's entries with entries defined in the cascading rules.
 Entries defined in cascading rules will only apply to the current scan.
+There are two exceptions to this rule: in the case of Affinity and Tolerations, entries will be replaced instead of merged, and will be used for all following scans.
 
 :::caution
 Defining identical entries in both the Scan AND the Cascading Rule resource will lead to undefined behaviour.

diff --git a/scripts/utils/config.js b/scripts/utils/config.js
@@ -71,6 +71,7 @@ const docsConfig = {
             "architecture/adr/adr_0007",
             "architecture/adr/adr_0008",
             "architecture/adr/adr_0009",
+            "architecture/adr/adr_0010",
           ],
         },
       ],