secureCodeBox · J12934 · Jun 10, 2021 · Jun 9, 2021 · Jun 9, 2021 · Jun 9, 2021
diff --git a/.codeclimate.yml b/.codeclimate.yml
@@ -48,7 +48,7 @@ exclude_patterns:
   - "**/*.test.ts"
   - "**/*.d.ts"
   # Generated 
-  - "**/hooks/declarative-subsequent-scans/scan-helpers.js"
-  - "**/hooks/declarative-subsequent-scans/hook.js"
+  - "**/hooks/cascading-scans/scan-helpers.js"
+  - "**/hooks/cascading-scans/hook.js"
   # Auto Generated by kubernetes java client
   - "**/hooks/persistence-defectdojo/src/main/java/io/securecodebox/models/"
diff --git a/.eslintignore b/.eslintignore
@@ -4,8 +4,8 @@
 
 **/node_modules
 **/coverage
-hooks/declarative-subsequent-scans/hook.js
-hooks/declarative-subsequent-scans/scan-helpers.js
-hooks/declarative-subsequent-scans/kubernetes-label-selector.js
+hooks/cascading-scans/hook.js
+hooks/cascading-scans/scan-helpers.js
+hooks/cascading-scans/kubernetes-label-selector.js
 scanners/zap-advanced/scanner/scripts/*
 **/build/reports/*
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -109,7 +109,7 @@ jobs:
           npm ci
       - name: "Compile Typescript"
         run: |
-          cd hooks/declarative-subsequent-scans
+          cd hooks/cascading-scans
           npm run build
       - name: "Run tests & publish code coverage"
         uses: paambaati/codeclimate-action@v2.6.0
@@ -228,7 +228,7 @@ jobs:
     strategy:
       matrix:
         hook:
-          - declarative-subsequent-scans
+          - cascading-scans
           - finding-post-processing
           - generic-webhook
           - notification-hook
@@ -846,9 +846,9 @@ jobs:
           kubectl -n integration-tests delete scans --all
           # We'll run these in a separate namespace so that only the cascadingRules we want to test will be used
           kubectl create namespace cascading-tests
-          # Install declarative-subsequent-scans hook
-          helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ -n cascading-tests \
-            --set="image.repository=docker.io/${{ env.DOCKER_NAMESPACE }}/declarative-subsequent-scans" \
+          # Install cascading-scans hook
+          helm upgrade --install dssh ./hooks/cascading-scans/ -n cascading-tests \
+            --set="image.repository=docker.io/${{ env.DOCKER_NAMESPACE }}/cascading-scans" \
             --set="image.tag=sha-$(git rev-parse --short HEAD)"
           # Install nmap
           helm -n cascading-tests install nmap ./scanners/nmap/ \
@@ -889,9 +889,9 @@ jobs:
           kubectl -n integration-tests delete scans --all
           # We'll run these in a separate namespace so that only the cascadingRules we want to test will be used
           kubectl create namespace cascading-tests
-          # Install declarative-subsequent-scans hook
-          helm upgrade --install dssh ./hooks/declarative-subsequent-scans/ -n cascading-tests --wait \
-            --set="image.repository=docker.io/${{ env.DOCKER_NAMESPACE }}/declarative-subsequent-scans" \
+          # Install cascading-scans hook
+          helm upgrade --install dssh ./hooks/cascading-scans/ -n cascading-tests --wait \
+            --set="image.repository=docker.io/${{ env.DOCKER_NAMESPACE }}/cascading-scans" \
             --set="image.tag=sha-$(git rev-parse --short HEAD)"
           # Install unsafe-https
           helm upgrade --install unsafe-https ./demo-apps/unsafe-https/ -n cascading-tests --wait

diff --git a/docs/user-guide/README.md b/docs/user-guide/README.md
@@ -17,14 +17,14 @@ category: "use"
 
 > ✍ **Page under construction.**
 
-## Declarative Combined Scans
+## Cascading Scans
 
 ### Install Hook
 
-Installing the Declarative Combined Scan hook will add a ReadOnly Hook to your namespace which looks for matching CascadingRules in the namespace and starts subsequent scans accordingly.
+Installing the Cascading Scan hook will add a ReadOnly Hook to your namespace which looks for matching CascadingRules in the namespace and starts subsequent scans accordingly.
 
 ```bash
-helm install combined-scans ./hooks/declarative-subsequent-scans
+helm install cascading-scans ./hooks/cascading-scans
 ```
 
 ### Verify Hook Installation
@@ -35,11 +35,11 @@ Successful installation can be verified by retrieving installed ScanCompletionHo
 kubectl get ScanCompletionHooks
 ```
 
-The result should contain a hook for declarative subsequent scans.
+The result should contain a hook for cascading scans.
 
 ```bash
-NAME                                          TYPE       IMAGE
-combined-scans-declarative-subsequent-scans   ReadOnly   docker.io/securecodebox/hook-declarative-subsequent-scans:latest
+NAME              TYPE       IMAGE
+cascading-scans   ReadOnly   docker.io/securecodebox/cascading-scans:latest
 ```
 
 ### Verify CascadingRules

diff --git a/...eclarative-subsequent-scans/.dockerignore → hooks/cascading-scans/.dockerignore b/...eclarative-subsequent-scans/.dockerignore → hooks/cascading-scans/.dockerignore
diff --git a/...s/declarative-subsequent-scans/.gitignore → hooks/cascading-scans/.gitignore b/...s/declarative-subsequent-scans/.gitignore → hooks/cascading-scans/.gitignore
diff --git a/.../declarative-subsequent-scans/.helmignore → hooks/cascading-scans/.helmignore b/.../declarative-subsequent-scans/.helmignore → hooks/cascading-scans/.helmignore
diff --git a/...s/declarative-subsequent-scans/Chart.lock → hooks/cascading-scans/Chart.lock b/...s/declarative-subsequent-scans/Chart.lock → hooks/cascading-scans/Chart.lock
diff --git a/...ative-subsequent-scans/Chart.lock.license → hooks/cascading-scans/Chart.lock.license b/...ative-subsequent-scans/Chart.lock.license → hooks/cascading-scans/Chart.lock.license
diff --git a/...s/declarative-subsequent-scans/Chart.yaml → hooks/cascading-scans/Chart.yaml b/...s/declarative-subsequent-scans/Chart.yaml → hooks/cascading-scans/Chart.yaml
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 apiVersion: v2
-name: declarative-subsequent-scans
+name: cascading-scans
 description: Starts possible subsequent security scans based on findings (e.g. open ports found by NMAP or subdomains found by AMASS).
 
 type: application

diff --git a/...s/declarative-subsequent-scans/Dockerfile → hooks/cascading-scans/Dockerfile b/...s/declarative-subsequent-scans/Dockerfile → hooks/cascading-scans/Dockerfile
diff --git a/hooks/declarative-subsequent-scans/README.md → hooks/cascading-scans/README.md b/hooks/declarative-subsequent-scans/README.md → hooks/cascading-scans/README.md
@@ -13,14 +13,14 @@ usecase: "Cascading Scans based declarative Rules."
 Installing the Cascading Scans hook will add a ReadOnly Hook to your namespace which looks for matching _CascadingRules_ in the namespace and start the according scans.
 
 ```bash
-helm upgrade --install dssh secureCodeBox/declarative-subsequent-scans
+helm upgrade --install dssh secureCodeBox/cascading-scans
 ```
 
 ### Verification
 ```bash
 kubectl get ScanCompletionHooks
 NAME   TYPE       IMAGE
-dssh   ReadOnly   docker.io/securecodebox/hook-declarative-subsequent-scans:latest
+dssh   ReadOnly   docker.io/securecodebox/cascading-scans:latest
 ```
 
 ## CascadingScan Rules
@@ -120,5 +120,5 @@ zap-http         zap-baseline-scan   non-invasive   medium
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | hookJob.ttlSecondsAfterFinished | string | `nil` | Seconds after which the kubernetes job for the hook will be deleted. Requires the Kubernetes TTLAfterFinished controller: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/ |
-| image.repository | string | `"docker.io/securecodebox/declarative-subsequent-scans"` | Hook image repository |
+| image.repository | string | `"docker.io/securecodebox/cascading-scans"` | Hook image repository |
 | image.tag | string | defaults to the charts version | The image Tag defaults to the charts version if not defined. |
diff --git a/...arative-subsequent-scans/README.md.gotmpl → hooks/cascading-scans/README.md.gotmpl b/...arative-subsequent-scans/README.md.gotmpl → hooks/cascading-scans/README.md.gotmpl
@@ -18,14 +18,14 @@ usecase: "Cascading Scans based declarative Rules."
 Installing the Cascading Scans hook will add a ReadOnly Hook to your namespace which looks for matching _CascadingRules_ in the namespace and start the according scans.
 
 ```bash
-helm upgrade --install dssh secureCodeBox/declarative-subsequent-scans
+helm upgrade --install dssh secureCodeBox/cascading-scans
 ```
 
 ### Verification
 ```bash
 kubectl get ScanCompletionHooks
 NAME   TYPE       IMAGE
-dssh   ReadOnly   docker.io/securecodebox/hook-declarative-subsequent-scans:latest
+dssh   ReadOnly   docker.io/securecodebox/cascading-scans:latest
 ```
 
 ## CascadingScan Rules

diff --git a/...declarative-subsequent-scans/hook.test.js → hooks/cascading-scans/hook.test.js b/...declarative-subsequent-scans/hook.test.js → hooks/cascading-scans/hook.test.js
@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-const { getSubsequentScanDefinition } = require("./scan-helpers");
+const { getCascadingScanDefinition } = require("./scan-helpers");
 const { getCascadingScans } = require("./hook");
 
 let parentScan = undefined;
@@ -376,7 +376,7 @@ test("should not copy labels if inheritLabels is set to false", () => {
   );
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadedScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: parentScan,
       generatedBy,
@@ -420,7 +420,7 @@ test("should copy labels if inheritLabels is not set", () => {
   );
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadedScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: parentScan,
       generatedBy,
@@ -466,7 +466,7 @@ test("should copy labels if inheritLabels is set to true", () => {
   );
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadedScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: parentScan,
       generatedBy,
@@ -510,7 +510,7 @@ test("should not copy annotations if inheritAnnotations is set to false", () =>
   );
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadedScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: parentScan,
       generatedBy,
@@ -553,7 +553,7 @@ test("should copy annotations if inheritAnnotations is not set", () => {
   );
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadedScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: parentScan,
       generatedBy,
@@ -597,7 +597,7 @@ test("should copy annotations if inheritAnnotations is set to true", () => {
   );
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadedScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: parentScan,
       generatedBy,
@@ -662,7 +662,7 @@ test("should copy scanLabels from CascadingRule to cascading scan", () => {
     ]
   `);
 
-  const cascadingScanDefinition = getSubsequentScanDefinition({
+  const cascadingScanDefinition = getCascadingScanDefinition({
     name,
     parentScan: parentScan,
     generatedBy,
@@ -726,7 +726,7 @@ test("should copy scanAnnotations from CascadingRule to cascading scan", () => {
     ]
   `);
 
-  const cascadingScanDefinition = getSubsequentScanDefinition({
+  const cascadingScanDefinition = getCascadingScanDefinition({
     name,
     parentScan: parentScan,
     generatedBy,

diff --git a/hooks/declarative-subsequent-scans/hook.ts → hooks/cascading-scans/hook.ts b/hooks/declarative-subsequent-scans/hook.ts → hooks/cascading-scans/hook.ts
@@ -9,7 +9,7 @@ import * as Mustache from "mustache";
 import {
   startSubsequentSecureCodeBoxScan,
   getCascadingRulesForScan,
-  getSubsequentScanDefinition,
+  getCascadingScanDefinition,
   // types
   Scan,
   Finding,
@@ -29,7 +29,7 @@ export async function handle({ scan, getFindings }: HandleArgs) {
   const cascadingScans = getCascadingScans(scan, findings, cascadingRules);
 
   for (const { name, scanType, parameters, generatedBy, env, scanLabels, scanAnnotations } of cascadingScans) {
-    const cascadingScanDefinition = getSubsequentScanDefinition({
+    const cascadingScanDefinition = getCascadingScanDefinition({
       name,
       parentScan: scan,
       generatedBy,

diff --git a/...t-scans/kubernetes-label-selector.test.js → ...g-scans/kubernetes-label-selector.test.js b/...t-scans/kubernetes-label-selector.test.js → ...g-scans/kubernetes-label-selector.test.js
diff --git a/...equent-scans/kubernetes-label-selector.ts → ...cading-scans/kubernetes-label-selector.ts b/...equent-scans/kubernetes-label-selector.ts → ...cading-scans/kubernetes-label-selector.ts