Skip to content

🕸 Extend the Cascading-Scans Hook to generate custom labels or annotations for subsequent scans#430

Merged
rfelber merged 12 commits intosecureCodeBox:mainfrom
EndPositive:cascading_scans_custom_annotations
May 23, 2021
Merged

🕸 Extend the Cascading-Scans Hook to generate custom labels or annotations for subsequent scans#430
rfelber merged 12 commits intosecureCodeBox:mainfrom
EndPositive:cascading_scans_custom_annotations

Conversation

@EndPositive
Copy link
Contributor

@EndPositive EndPositive commented May 18, 2021
edited by rfelber
Loading

Description

This PR implements some of the features described in #334 related to annotations and labels in cascading scans.

close #334

Todo

  • Update DSSH code to handle cascades.inheritLabels and cascades.inheritAnnotations
  • Introduce CascadingRule.spec.scanLabels and CascadingRule.spec.scanAnnotations.
  • Add templating to CascadingRule.spec.scanLabels and CascadingRule.spec.scanAnnotations.
  • Update CRD's & types in other scanners/hooks.
  • Update docs: #78

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure npm test runs for the whole project.
  • Make codeclimate checks happy

@rfelber rfelber added the hook Implement or update a hook label May 18, 2021
@rfelber rfelber linked an issue May 18, 2021 that may be closed by this pull request
🕸 Extend the Cascading-Scans Hook to generate custom labels or annotations for subsequent scans #334
Closed
@rfelber rfelber added the defectdojo All issues regarding the DefectDojo Integration label May 19, 2021
@rfelber
Copy link
Member

rfelber commented May 20, 2021

Hi @EndPositive,
thx for you help implementing this issue 👍🏻
If you have any questions drop us a line via Slack or in this issue 😊

@EndPositive
Copy link
Contributor Author

EndPositive commented May 20, 2021

Hey @rseedorff , no problemo! I'm planning to get it ready for review by tomorrow. If I have any more questions, I'll be sure to reach out!

@EndPositive EndPositive marked this pull request as ready for review May 21, 2021 09:33
@EndPositive EndPositive mentioned this pull request May 21, 2021
Merged
@rfelber rfelber requested a review from J12934 May 21, 2021 10:02
rfelber
rfelber reviewed May 23, 2021
View reviewed changes
rfelber
rfelber requested changes May 23, 2021
View reviewed changes
Copy link
Member

@rfelber rfelber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @EndPositive,
your PR looks great 👍🏻 To prevent a breaking change the scanAnnotations shouldn't be required.

@EndPositive @rfelber
Apply suggestions from code review
5eb1a07 
Co-authored-by: Robert Seedorff <Robert.Seedorff@iteratec.com>
@EndPositive
Copy link
Contributor Author

EndPositive commented May 23, 2021

Good catch, thanks!

@rfelber rfelber merged commit 1211070 into secureCodeBox:main May 23, 2021
@EndPositive EndPositive deleted the cascading_scans_custom_annotations branch June 3, 2021 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rfelber rfelber rfelber approved these changes

@J12934 J12934 Awaiting requested review from J12934

Assignees

No one assigned

Labels

defectdojo All issues regarding the DefectDojo Integration hook Implement or update a hook

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

🕸 Extend the Cascading-Scans Hook to generate custom labels or annotations for subsequent scans

3 participants

@EndPositive @rfelber @J12934