Chart.yaml
# SPDX-FileCopyrightText: the secureCodeBox authors
#
# SPDX-License-Identifier: Apache-2.0
apiVersion: v2
name: operator
description: secureCodeBox Operator to automate the execution of security scans on kubernetes
type: application
# version - gets automatically set to the secureCodeBox release version when the Helm chart gets published
version: v3.1.0-alpha1
kubeVersion: ">=v1.11.0-0"
keywords:
  - security
  - secureCodeBox
  - operator
home: https://www.securecodebox.io/docs/getting-started/installation
icon: https://www.securecodebox.io/img/Logo_Color.svg
sources:
  - https://github.com/secureCodeBox/secureCodeBox
maintainers:
  - name: iteratec GmbH
    email: secureCodeBox@iteratec.com
dependencies: []
# Artifacthub.io specific annotations
# https://artifacthub.io/docs/topics/annotations/helm/
annotations:
  # TODO: should be replaced during release process with the release body
  # artifacthub.io/changes: |
  #   - Added cool feature
  #   - Fixed minor bug
  artifacthub.io/containsSecurityUpdates: "true"
  # TODO: docker tags should be replaced during release process with the release version
  # artifacthub.io/images: |
  #   - name: securecodebox-operator
  #     image: docker.io/securecodebox/operator:v2.7.0-alpha1
  #   - name: securecodebox-lurker
  #     image: docker.io/securecodebox/lurker:v2.7.0-alpha1
  artifacthub.io/crds: |
    - kind: Scan
      version: v1
      name: Scan
      displayName: secureCodeBox Scan
      description: |
        The Scan Custom Resource Definition (CRD) lets you define how a specific security scan should be configured.
        More details about this CRD are documented here: https://www.securecodebox.io/docs/api/crds/scan
    - kind: ScheduledScan
      version: v1
      name: ScheduledScan
      displayName: secureCodeBox Scheduled Scan
      description: |
        The ScheduledScan Custom Resource Definition (CRD) lets you define a Scan which gets repeated in a specific time interval,
        e.g. every 24 hours or every 7 days. More details about this CRD are documented here: https://www.securecodebox.io/docs/api/crds/scheduled-scan
    - kind: CascadingRule
      version: v1
      name: Scan
      displayName: secureCodeBox Cascading Rule
      description: |
        CascadingRules are Custom Resource Definitions (CRD's) used to define how scans can be started automatically based on the results of previous scans.
        This lets you run large exploratory scans and automatically start more in depth scans on the targets found by the initial scans.
        More details about this CRD are documented here: https://www.securecodebox.io/docs/api/crds/cascading-rule
    - kind: ScanType
      version: v1
      name: Scan
      displayName: secureCodeBox ScanType
      description: |
        The ScanType Custom Resource Definition (CRD) is used to define to the secureCodeBox how a specific scanner can be executed in Kubernetes.
        The main part of the ScanType is the JobTemplate, which contains a Kubernetes Job definition which will be used to construct the scans Job.
        More details about this CRD are documented here: https://www.securecodebox.io/docs/api/crds/scan-type
    - kind: ParseDefinition
      version: v1
      name: Scan
      displayName: secureCodeBox ParseDefinition
      description: |
        ParseDefinitions are Custom Resource Definitions (CRD's) used to describe to the secureCodeBox
        how it can convert a raw finding report (e.g. XML report from nmap) into the generic secureCodeBox finding format.
        More details about this CRD are documented here: https://www.securecodebox.io/docs/api/crds/parse-definition
    - kind: ScanCompletionHook
      version: v1
      name: ScanCompletionHook
      displayName: secureCodeBox Scan Completion Hook
      description: |
        ScanCompletionHooks are Custom Resource Definitions (CRD's) used to define custom behavior which should be run after a scan has been completed.
        More details about this CRD are documented here: https://www.securecodebox.io/docs/api/crds/parse-definition
  artifacthub.io/crdsExamples: |
    - apiVersion: "execution.securecodebox.io/v1"
      kind: Scan
      metadata:
        name: "nmap-scanme.nmap.org"
      spec:
        scanType: "nmap"
        parameters:
          # Use nmap's service detection feature
          - "-sV"
          - scanme.nmap.org
        env:
          - name: TEST_ENV
            valueFrom:
              secretKeyRef:
                key: secret-name
                name: zap-customer-credentials
          - name: GREETING
            value: "Hello from the secureCodeBox :D"
        cascades:
          matchLabels:
            securecodebox.io/intensive: light
          matchExpressions:
            - key: "securecodebox.io/invasive"
              operator: In
              values: [non-invasive, invasive]
    - apiVersion: "execution.securecodebox.io/v1"
      kind: ScheduledScan
      metadata:
        name: "nmap-scanme.nmap.org-daily"
      spec:
        interval: 24h
        scanSpec:
          scanType: "nmap"
          parameters:
            # Use nmap's service detection feature
            - "-sV"
            - scanme.nmap.org
        successfulJobsHistoryLimit: 3
        failedJobsHistoryLimit: 5
    - apiVersion: "cascading.securecodebox.io/v1"
      kind: CascadingRule
      metadata:
        name: "nmap-hostscan"
        labels:
          securecodebox.io/invasive: non-invasive
          securecodebox.io/intensive: light
      spec:
        matches:
          anyOf:
            - category: "Subdomain"
              osi_layer: "NETWORK"
        scanSpec:
          scanType: "nmap"
          parameters:
            - "-Pn"
            - "{{location}}"
  artifacthub.io/license: Apache-2.0
  artifacthub.io/links: |
    - name: Documentation
      url: https://www.securecodebox.io/docs/getting-started/installation
    - name: Homepage
      url: https://www.securecodebox.io
    - name: iteratec GmbH
      url: https://www.iteratec.com
  artifacthub.io/operator: "true"
  artifacthub.io/operatorCapabilities: Seamless Upgrades
  artifacthub.io/prerelease: "false"
  artifacthub.io/recommendations: |
    - url: https://artifacthub.io/packages/helm/securecodebox/auto-discovery-kubernetes
    - url: https://artifacthub.io/packages/helm/securecodebox/zap
    - url: https://artifacthub.io/packages/helm/securecodebox/subfinder
    - url: https://artifacthub.io/packages/helm/securecodebox/nmap