secureCodeBox · Weltraumschaf · Jun 27, 2024 · Jun 26, 2024 · Jun 26, 2024
diff --git a/.helm-docs/templates.gotmpl b/.helm-docs/templates.gotmpl
@@ -53,7 +53,7 @@ The {{ template "chart.name" . }} chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install {{ template "chart.name" . }} secureCodeBox/{{ template "chart.name" . }}
+helm upgrade --install {{ template "chart.name" . }} oci://ghcr.io/securecodebox/helm/{{ template "chart.name" . }}
 ```
 {{- end }}
 

diff --git a/.templates/new-scanner/README.md b/.templates/new-scanner/README.md
@@ -44,7 +44,7 @@ The new-scanner chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install new-scanner secureCodeBox/new-scanner
+helm upgrade --install new-scanner oci://ghcr.io/securecodebox/helm/new-scanner
 ```
 
 Please write how to configure the scanner

diff --git a/UPGRADING.md b/UPGRADING.md
@@ -156,7 +156,7 @@ To avoid the duplicate “scan-scan”, the scheduled scans from the container a
 
 Having the Cascading rules enabled by default on scanner helm install, has led to some confusion on the users side as mentioned in issue [#914](https://github.com/secureCodeBox/secureCodeBox/issues/914). As a result Cascading rules will have to be explicitly enabled by setting the `cascadingRules.enabled` value to `true`. For example as so:
 ```yaml
-helm upgrade --install nmap secureCodeBox/nmap --set=cascadingRules.enabled=true 
+helm upgrade --install nmap oci://ghcr.io/securecodebox/helm/nmap --set=cascadingRules.enabled=true 
 ```
 
 ➡️  [Reference: #1347](https://github.com/secureCodeBox/secureCodeBox/pull/1347)

diff --git a/auto-discovery/cloud-aws/README.md b/auto-discovery/cloud-aws/README.md
@@ -142,7 +142,7 @@ The auto-discovery-cloud-aws chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install auto-discovery-cloud-aws secureCodeBox/auto-discovery-cloud-aws
+helm upgrade --install auto-discovery-cloud-aws oci://ghcr.io/securecodebox/helm/auto-discovery-cloud-aws
 ```
 
 To directly deploy the auto-discovery-cloud-aws chart with the options for AWS configured, you can pass additional config values to helm:

diff --git a/auto-discovery/cloud-aws/docs/README.ArtifactHub.md b/auto-discovery/cloud-aws/docs/README.ArtifactHub.md
@@ -134,7 +134,7 @@ The auto-discovery-cloud-aws chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install auto-discovery-cloud-aws secureCodeBox/auto-discovery-cloud-aws
+helm upgrade --install auto-discovery-cloud-aws oci://ghcr.io/securecodebox/helm/auto-discovery-cloud-aws
 ```
 
 To directly deploy the auto-discovery-cloud-aws chart with the options for AWS configured, you can pass additional config values to helm:

diff --git a/auto-discovery/kubernetes/README.md b/auto-discovery/kubernetes/README.md
@@ -67,7 +67,7 @@ The auto-discovery-kubernetes chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install auto-discovery-kubernetes secureCodeBox/auto-discovery-kubernetes
+helm upgrade --install auto-discovery-kubernetes oci://ghcr.io/securecodebox/helm/auto-discovery-kubernetes
 ```
 
 ## Requirements

diff --git a/auto-discovery/kubernetes/docs/README.ArtifactHub.md b/auto-discovery/kubernetes/docs/README.ArtifactHub.md
@@ -59,7 +59,7 @@ The auto-discovery-kubernetes chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install auto-discovery-kubernetes secureCodeBox/auto-discovery-kubernetes
+helm upgrade --install auto-discovery-kubernetes oci://ghcr.io/securecodebox/helm/auto-discovery-kubernetes
 ```
 
 ## Requirements

diff --git a/bin/install.sh b/bin/install.sh
@@ -147,7 +147,7 @@ function installResources() {
 
   if [[ $unattended == 'true' ]]; then
     for resource in "${resources[@]}"; do
-      helm upgrade --install -n "$namespace" "$resource" secureCodeBox/"$resource" ||
+      helm upgrade --install -n "$namespace" "$resource" oci://ghcr.io/securecodebox/helm/"$resource" ||
         print "$COLOR_ERROR" "Installation of '$resource' failed"
     done
 
@@ -158,7 +158,7 @@ function installResources() {
       read -r line
 
       if [[ $line == *[Yy] ]]; then
-        helm upgrade --install -n "$namespace" "$resource" secureCodeBox/"$resource" ||
+        helm upgrade --install -n "$namespace" "$resource" oci://ghcr.io/securecodebox/helm/"$resource" ||
           print "$COLOR_ERROR" "Installation of '$resource' failed"
       fi
     done

diff --git a/demo-targets/bodgeit/README.md b/demo-targets/bodgeit/README.md
@@ -49,7 +49,7 @@ The bodgeit chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install bodgeit secureCodeBox/bodgeit
+helm upgrade --install bodgeit oci://ghcr.io/securecodebox/helm/bodgeit
 ```
 
 ## Values

diff --git a/demo-targets/bodgeit/docs/README.ArtifactHub.md b/demo-targets/bodgeit/docs/README.ArtifactHub.md
@@ -56,7 +56,7 @@ The bodgeit chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install bodgeit secureCodeBox/bodgeit
+helm upgrade --install bodgeit oci://ghcr.io/securecodebox/helm/bodgeit
 ```
 
 ## Values

diff --git a/demo-targets/dummy-ssh/README.md b/demo-targets/dummy-ssh/README.md
@@ -52,7 +52,7 @@ The dummy-ssh chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install dummy-ssh secureCodeBox/dummy-ssh
+helm upgrade --install dummy-ssh oci://ghcr.io/securecodebox/helm/dummy-ssh
 ```
 
 ## Values

diff --git a/demo-targets/dummy-ssh/docs/README.ArtifactHub.md b/demo-targets/dummy-ssh/docs/README.ArtifactHub.md
@@ -59,7 +59,7 @@ The dummy-ssh chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install dummy-ssh secureCodeBox/dummy-ssh
+helm upgrade --install dummy-ssh oci://ghcr.io/securecodebox/helm/dummy-ssh
 ```
 
 ## Values

diff --git a/demo-targets/http-webhook/README.md b/demo-targets/http-webhook/README.md
@@ -46,7 +46,7 @@ The http-webhook chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install http-webhook secureCodeBox/http-webhook
+helm upgrade --install http-webhook oci://ghcr.io/securecodebox/helm/http-webhook
 ```
 
 ## Values

diff --git a/demo-targets/http-webhook/docs/README.ArtifactHub.md b/demo-targets/http-webhook/docs/README.ArtifactHub.md
@@ -53,7 +53,7 @@ The http-webhook chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install http-webhook secureCodeBox/http-webhook
+helm upgrade --install http-webhook oci://ghcr.io/securecodebox/helm/http-webhook
 ```
 
 ## Values

diff --git a/demo-targets/juice-shop/README.md b/demo-targets/juice-shop/README.md
@@ -49,7 +49,7 @@ The juice-shop chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install juice-shop secureCodeBox/juice-shop
+helm upgrade --install juice-shop oci://ghcr.io/securecodebox/helm/juice-shop
 ```
 
 ## Values

diff --git a/demo-targets/juice-shop/docs/README.ArtifactHub.md b/demo-targets/juice-shop/docs/README.ArtifactHub.md
@@ -56,7 +56,7 @@ The juice-shop chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install juice-shop secureCodeBox/juice-shop
+helm upgrade --install juice-shop oci://ghcr.io/securecodebox/helm/juice-shop
 ```
 
 ## Values

diff --git a/demo-targets/old-joomla/README.md b/demo-targets/old-joomla/README.md
@@ -46,7 +46,7 @@ The old-joomla chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install old-joomla secureCodeBox/old-joomla
+helm upgrade --install old-joomla oci://ghcr.io/securecodebox/helm/old-joomla
 ```
 
 ## Values

diff --git a/demo-targets/old-joomla/docs/README.ArtifactHub.md b/demo-targets/old-joomla/docs/README.ArtifactHub.md
@@ -53,7 +53,7 @@ The old-joomla chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install old-joomla secureCodeBox/old-joomla
+helm upgrade --install old-joomla oci://ghcr.io/securecodebox/helm/old-joomla
 ```
 
 ## Values

diff --git a/demo-targets/old-typo3/README.md b/demo-targets/old-typo3/README.md
@@ -46,7 +46,7 @@ The old-typo3 chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install old-typo3 secureCodeBox/old-typo3
+helm upgrade --install old-typo3 oci://ghcr.io/securecodebox/helm/old-typo3
 ```
 
 ## Values

diff --git a/demo-targets/old-typo3/docs/README.ArtifactHub.md b/demo-targets/old-typo3/docs/README.ArtifactHub.md
@@ -53,7 +53,7 @@ The old-typo3 chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install old-typo3 secureCodeBox/old-typo3
+helm upgrade --install old-typo3 oci://ghcr.io/securecodebox/helm/old-typo3
 ```
 
 ## Values

diff --git a/demo-targets/old-wordpress/README.md b/demo-targets/old-wordpress/README.md
@@ -46,7 +46,7 @@ The old-wordpress chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install old-wordpress secureCodeBox/old-wordpress
+helm upgrade --install old-wordpress oci://ghcr.io/securecodebox/helm/old-wordpress
 ```
 
 ## Values

diff --git a/demo-targets/old-wordpress/docs/README.ArtifactHub.md b/demo-targets/old-wordpress/docs/README.ArtifactHub.md
@@ -53,7 +53,7 @@ The old-wordpress chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install old-wordpress secureCodeBox/old-wordpress
+helm upgrade --install old-wordpress oci://ghcr.io/securecodebox/helm/old-wordpress
 ```
 
 ## Values

diff --git a/demo-targets/swagger-petstore/README.md b/demo-targets/swagger-petstore/README.md
@@ -47,7 +47,7 @@ The swagger-petstore chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install swagger-petstore secureCodeBox/swagger-petstore
+helm upgrade --install swagger-petstore oci://ghcr.io/securecodebox/helm/swagger-petstore
 ```
 
 ## Values

diff --git a/demo-targets/swagger-petstore/docs/README.ArtifactHub.md b/demo-targets/swagger-petstore/docs/README.ArtifactHub.md
@@ -54,7 +54,7 @@ The swagger-petstore chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install swagger-petstore secureCodeBox/swagger-petstore
+helm upgrade --install swagger-petstore oci://ghcr.io/securecodebox/helm/swagger-petstore
 ```
 
 ## Values

diff --git a/demo-targets/unsafe-https/README.md b/demo-targets/unsafe-https/README.md
@@ -48,7 +48,7 @@ The unsafe-https chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install unsafe-https secureCodeBox/unsafe-https
+helm upgrade --install unsafe-https oci://ghcr.io/securecodebox/helm/unsafe-https
 ```
 
 ## Values

diff --git a/demo-targets/unsafe-https/docs/README.ArtifactHub.md b/demo-targets/unsafe-https/docs/README.ArtifactHub.md
@@ -55,7 +55,7 @@ The unsafe-https chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install unsafe-https secureCodeBox/unsafe-https
+helm upgrade --install unsafe-https oci://ghcr.io/securecodebox/helm/unsafe-https
 ```
 
 ## Values

diff --git a/demo-targets/vulnerable-log4j/README.md b/demo-targets/vulnerable-log4j/README.md
@@ -46,7 +46,7 @@ The vulnerable-log4j chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install vulnerable-log4j secureCodeBox/vulnerable-log4j
+helm upgrade --install vulnerable-log4j oci://ghcr.io/securecodebox/helm/vulnerable-log4j
 ```
 
 ## Values

diff --git a/demo-targets/vulnerable-log4j/docs/README.ArtifactHub.md b/demo-targets/vulnerable-log4j/docs/README.ArtifactHub.md
@@ -53,7 +53,7 @@ The vulnerable-log4j chart can be deployed via helm:
 
 ```bash
 # Install HelmChart (use -n to configure another namespace)
-helm upgrade --install vulnerable-log4j secureCodeBox/vulnerable-log4j
+helm upgrade --install vulnerable-log4j oci://ghcr.io/securecodebox/helm/vulnerable-log4j
 ```
 
 ## Values

diff --git a/documentation/docs/auto-discovery/container-auto-discovery.md b/documentation/docs/auto-discovery/container-auto-discovery.md
@@ -24,13 +24,13 @@ If a pod consists of multiple containers, the above described logic will be appl
 
 [Trivy](/docs/scanners/trivy) is a container image scanner that is used by the Container AutoDiscovery. It has to be installed in the same namespace as the containers that you wish to scan. The following steps will install trivy in the `default` namespace:
 ```bash
-helm upgrade --install trivy secureCodeBox/trivy
+helm upgrade --install trivy oci://ghcr.io/securecodebox/helm/trivy
 ```
 
 #### Deactivation
 
 The Container AutoDiscovery is enabled by default but can be disabled manually.
 
 ```bash
-helm upgrade --namespace securecodebox-system --install auto-discovery-kubernetes secureCodeBox/auto-discovery-kubernetes --set config.containerAutoDiscovery.enabled=false
+helm upgrade --namespace securecodebox-system --install auto-discovery-kubernetes oci://ghcr.io/securecodebox/helm/auto-discovery-kubernetes --set config.containerAutoDiscovery.enabled=false
 ```
diff --git a/documentation/docs/auto-discovery/installation.md b/documentation/docs/auto-discovery/installation.md
@@ -38,7 +38,7 @@ This behavior can be configured using one of the following `resourceInclusion` m
 These modes can be set via the `config.resourceInclusion` parameter in the helm chart:
 
 ```bash
-helm upgrade --namespace securecodebox-system --install auto-discovery-kubernetes secureCodeBox/auto-discovery-kubernetes --set config.resourceInclusion.mode="enabled-per-resource"
+helm upgrade --namespace securecodebox-system --install auto-discovery-kubernetes oci://ghcr.io/securecodebox/helm/auto-discovery-kubernetes --set config.resourceInclusion.mode="enabled-per-resource"
 ```
 
 The default mode is `enabled-per-namespace`.
@@ -57,7 +57,7 @@ Annotating a individual resource is done as follows. Here the deployment `juice-
 It is done by adding the annotation to the chart values, which is then passed to the deployment template. This results into the pod containing the service/deployment always having the annotation. The process may be different in your case:
 
 ```bash
-helm upgrade --install juice-shop secureCodeBox/juice-shop  --set-json='annotations={"auto-discovery.securecodebox.io/enabled":"true"}'
+helm upgrade --install juice-shop oci://ghcr.io/securecodebox/helm/juice-shop  --set-json='annotations={"auto-discovery.securecodebox.io/enabled":"true"}'
 ```
 
 You should now see a ZAP-advanced [ScheduledScan](/docs/api/crds/scheduled-scan) created for juice-shop or any other service that you have annotated.

diff --git a/documentation/docs/auto-discovery/service-auto-discovery.md b/documentation/docs/auto-discovery/service-auto-discovery.md
@@ -21,13 +21,13 @@ By default the Service AutoDiscovery creates [ZAP Advanced](../scanners/zap-adva
 By default the Service AutoDiscovery creates ScheduledScans using the [ZAP Advanced](/docs/scanners/zap-advanced) ScanType. It has to be installed in the same namespace as the containers that you wish to scan. The following steps will install zap-advanced in the `default` namespace:
 
 ```bash
-helm upgrade --install zap-advanced secureCodeBox/zap-advanced
+helm upgrade --install zap-advanced oci://ghcr.io/securecodebox/helm/zap-advanced
 ```
 
 #### Deactivation
 
 The Service AutoDiscovery is enabled by default but can be disabled manually.
 
 ```bash
-helm upgrade --namespace securecodebox-system --install auto-discovery-kubernetes secureCodeBox/auto-discovery-kubernetes --set config.serviceAutoDiscovery.enabled=false
+helm upgrade --namespace securecodebox-system --install auto-discovery-kubernetes oci://ghcr.io/securecodebox/helm/auto-discovery-kubernetes --set config.serviceAutoDiscovery.enabled=false
 ```
diff --git a/documentation/docs/contributing/integrating-a-hook/readme-and-helm-docs.md b/documentation/docs/contributing/integrating-a-hook/readme-and-helm-docs.md
@@ -34,7 +34,7 @@ This Hook will make a request to the specified `webhookUrl` containing the findi
 Installing the Generic WebHook hook will add a ReadOnly Hook to your namespace.
 Change `webhookUrl` to your desired endpoint.
 
-helm upgrade --install gwh secureCodeBox/generic-webhook --set webhookUrl="http://example.com/my/webhook/target"
+helm upgrade --install gwh oci://ghcr.io/securecodebox/helm/generic-webhook --set webhookUrl="http://example.com/my/webhook/target"
 
 ## Chart Configuration
 

diff --git a/documentation/docs/getting-started/installation.md b/documentation/docs/getting-started/installation.md
@@ -14,14 +14,8 @@ The secureCodeBox is running on [Kubernetes](https://kubernetes.io/). To install
 First of all you need to install the secureCodeBox Operator which is responsible for starting all security scans.
 
 ```bash
-# Add the secureCodeBox Helm Repo
-helm repo add secureCodeBox https://charts.securecodebox.io
-
-# Create a new namespace for the secureCodeBox Operator
-kubectl create namespace securecodebox-system
-
-# Install the Operator & CRD's
-helm --namespace securecodebox-system upgrade --install securecodebox-operator secureCodeBox/operator
+# Install the Operator & CRD's into the `securecodebox-system` namespace
+helm --namespace securecodebox-system upgrade --install --create-namespace securecodebox-operator oci://ghcr.io/securecodebox/helm/operator
 ```
 
 If you didn't see any errors you now have the secureCodeBox Operator up and running! 🥳 🚀
@@ -111,16 +105,16 @@ You can optionally deploy SCB scanner charts for each security scanner you want
 ```bash
 # The following chart will be installed in the `default` namespace by you can choose the namespace of your choice by
 # adding `--namespace YOURNAMESPACE` to each line
-helm upgrade --install amass secureCodeBox/amass
-helm upgrade --install gitleaks secureCodeBox/gitleaks
-helm upgrade --install kube-hunter secureCodeBox/kube-hunter
-helm upgrade --install nikto secureCodeBox/nikto
-helm upgrade --install nmap secureCodeBox/nmap
-helm upgrade --install ssh-scan secureCodeBox/ssh-scan
-helm upgrade --install sslyze secureCodeBox/sslyze
-helm upgrade --install trivy secureCodeBox/trivy
-helm upgrade --install wpscan secureCodeBox/wpscan
-helm upgrade --install zap secureCodeBox/zap
+helm upgrade --install amass oci://ghcr.io/securecodebox/helm/amass
+helm upgrade --install gitleaks oci://ghcr.io/securecodebox/helm/gitleaks
+helm upgrade --install kube-hunter oci://ghcr.io/securecodebox/helm/kube-hunter
+helm upgrade --install nikto oci://ghcr.io/securecodebox/helm/nikto
+helm upgrade --install nmap oci://ghcr.io/securecodebox/helm/nmap
+helm upgrade --install ssh-scan oci://ghcr.io/securecodebox/helm/ssh-scan
+helm upgrade --install sslyze oci://ghcr.io/securecodebox/helm/sslyze
+helm upgrade --install trivy oci://ghcr.io/securecodebox/helm/trivy
+helm upgrade --install wpscan oci://ghcr.io/securecodebox/helm/wpscan
+helm upgrade --install zap oci://ghcr.io/securecodebox/helm/zap
 ```
 
 ## Install some demo targets
@@ -133,11 +127,11 @@ Otherwise you could be targeted by someone else really fast 😈
 :::
 
 ```bash
-helm upgrade --install dummy-ssh secureCodeBox/dummy-ssh
-helm upgrade --install bodgeit secureCodeBox/bodgeit
-helm upgrade --install juice-shop secureCodeBox/juice-shop
-helm upgrade --install old-wordpress secureCodeBox/old-wordpress
-helm upgrade --install swagger-petstore secureCodeBox/swagger-petstore
+helm upgrade --install dummy-ssh oci://ghcr.io/securecodebox/helm/dummy-ssh
+helm upgrade --install bodgeit oci://ghcr.io/securecodebox/helm/bodgeit
+helm upgrade --install juice-shop oci://ghcr.io/securecodebox/helm/juice-shop
+helm upgrade --install old-wordpress oci://ghcr.io/securecodebox/helm/old-wordpress
+helm upgrade --install swagger-petstore oci://ghcr.io/securecodebox/helm/swagger-petstore
 ```
 
 :::note