secureCodeBox · rfelber · Jun 7, 2021 · Jun 7, 2021 · Jun 7, 2021 · Jun 7, 2021
diff --git a/.github/release-steps.md b/.github/release-steps.md
@@ -0,0 +1,11 @@
+## A list of steps to ensure after a new release
+- Ensure and update all charts with a new release chartversion x.x.x
+- Add the minor or major release version to the `helm-docs` template: `./.helm-docs/template.gotmpl
+- ensure the all chart annotations specific for ArtifactHub are correct (e.g. release notes)
+- check SECURITY.md
+
+::: Note
+
+In the future we should try to automate this steps also for each release!
+
+:::
diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml
@@ -31,12 +31,83 @@ jobs:
 
           curl --output helm-docs.tar.gz --location https://github.com/norwoodj/helm-docs/releases/download/v1.5.0/helm-docs_1.5.0_Linux_x86_64.tar.gz
           tar -xvf helm-docs.tar.gz
-          # Verify install
+          # Verify installation
           ./helm-docs --version
 
       - name: Generate Helm Docs
         run: |
-          ./helm-docs/helm-docs
+          # Generate README.md based on Chart.yaml and template
+          ./helm-docs/helm-docs --template-files=./.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./.helm-docs/README.md.gotmpl
+
+      - name: Generate Demo-Apps Docs
+        run: |
+          # Start in the hooks folder
+          cd demo-apps
+          # https://github.com/koalaman/shellcheck/wiki/SC2044
+          find . -type f -name Chart.yaml -print0 | while IFS= read -r -d '' chart; do
+          (
+            dir="$(dirname "${chart}")"
+            echo "Processing Helm Chart in $dir"
+            cd "${dir}" || exit
+            if [ -d "docs" ]; then
+              echo "Docs Folder found at: ${dir}/docs"
+              ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.DockerHub-Target.md.gotmpl --output-file=docs/README.DockerHub-Target.md
+              ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.ArtifactHub.md.gotmpl --output-file=docs/README.ArtifactHub.md
+            else
+              echo "Ignoring Docs creation process for Chart $dir, because no `docs` folder found at: ${dir}/docs"
+            fi
+          )
+          done
+
+      - name: Generate Docker Hooks Docs
+        run: |
+          # Start in the hooks folder
+          cd hooks
+          # https://github.com/koalaman/shellcheck/wiki/SC2044
+          find . -type f -name Chart.yaml -print0 | while IFS= read -r -d '' chart; do
+          (
+            dir="$(dirname "${chart}")"
+            echo "Processing Helm Chart in $dir"
+            cd "${dir}" || exit
+            if [ -d "docs" ]; then
+              echo "Docs Folder found at: ${dir}/docs"
+              ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.DockerHub-Hook.md.gotmpl --output-file=docs/README.DockerHub-Hook.md
+              ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.ArtifactHub.md.gotmpl --output-file=docs/README.ArtifactHub.md
+            else
+              echo "Ignoring Docs creation process for Chart $dir, because no `docs` folder found at: ${dir}/docs"
+            fi
+          )
+          done
+
+      - name: Generate Docker Scanner Docs
+        run: |
+          # Start in the scanners folder
+          cd scanners
+          # https://github.com/koalaman/shellcheck/wiki/SC2044
+          find . -type f -name Chart.yaml -print0 | while IFS= read -r -d '' chart; do
+          (
+            dir="$(dirname "${chart}")"
+            echo "Processing Helm Chart in $dir"
+            cd "${dir}" || exit
+            if [ -d "docs" ]; then
+              echo "Docs Folder found at: ${dir}/docs"
+              if [ -d "parser" ]; then
+                echo "Parser found at: ${dir}/parser"
+                ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.DockerHub-Parser.md.gotmpl --output-file=docs/README.DockerHub-Parser.md
+              fi
+              if [ -d "scanner" ]; then
+                echo "Scanner found at: ${dir}/parser"
+                ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.DockerHub-Scanner.md.gotmpl --output-file=docs/README.DockerHub-Scanner.md
+              fi
+              ./../../helm-docs/helm-docs --template-files=./../../.helm-docs/templates.gotmpl --template-files=.helm-docs.gotmpl --template-files=./../../.helm-docs/README.ArtifactHub.md.gotmpl --output-file=docs/README.ArtifactHub.md
+            else
+              echo "Ignoring Docs creation process for Chart $dir, because no `docs` folder found at: ${dir}/docs"
+            fi
+          )
+          done
+
+      - name: Remove Helm Docs Files
+        run: |
           # Remove helm-docs download to ensure they don't get commited back
           rm -rf helm-docs
       - uses: stefanzweifel/git-auto-commit-action@v4.11.0

diff --git a/.helm-docs/README.ArtifactHub.md.gotmpl b/.helm-docs/README.ArtifactHub.md.gotmpl
@@ -0,0 +1,31 @@
+{{- /*
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+*/ -}}
+{{ template "extra.hintSection" . }}
+
+{{ template "extra.badgesSection" . }}
+
+{{ template "extra.secureCodeBoxAboutSection" . }}
+
+{{ template "extra.chartAboutSection" . }}
+
+{{ template "extra.chartDeploymentSection" . }}
+
+{{ template "extra.scannerConfigurationSection" . }}
+
+{{ template "extra.contributionSection" . }}
+
+{{ template "extra.communitySection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "extra.chartConfigurationSection" . }}
+
+{{ template "chart.valuesSection" . }}
+
+{{ template "extra.licenseSection" . }}
+
+{{ template "extra.generalLinksSection" . }}
+{{ template "extra.scannerLinksSection" . }}
diff --git a/.helm-docs/README.DockerHub-Hook.md.gotmpl b/.helm-docs/README.DockerHub-Hook.md.gotmpl
@@ -0,0 +1,28 @@
+{{- /*
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+*/ -}}
+{{ template "extra.hintSection" . }}
+
+{{ template "extra.badgesSection" . }}
+
+{{ template "extra.secureCodeBoxAboutSection" . }}
+
+{{ template "extra.dockerDeploymentSection" . }}
+
+## How to use this image
+This `hook` image is intended to work in combination with other `parser` images to read or manipulate `findings` results. For more informations details please take a look at the [project page][scb-docs] or [documentation page][{{ template "chart.homepage" . }}].
+
+```bash
+docker pull securecodebox/hook-{{ template "chart.name" . }}
+```
+
+{{ template "extra.chartAboutSection" . }}
+
+{{ template "extra.communitySection" . }}
+
+{{ template "extra.dockerLicenseSection" . }}
+
+{{ template "extra.generalLinksSection" . }}
+{{ template "extra.scannerLinksSection" . }}
diff --git a/.helm-docs/README.DockerHub-Parser.md.gotmpl b/.helm-docs/README.DockerHub-Parser.md.gotmpl
@@ -0,0 +1,28 @@
+{{- /*
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+*/ -}}
+{{ template "extra.hintSection" . }}
+
+{{ template "extra.badgesSection" . }}
+
+{{ template "extra.secureCodeBoxAboutSection" . }}
+
+{{ template "extra.dockerDeploymentSection" . }}
+
+## How to use this image
+This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more informations details please take a look at the documentation page: {{ template "chart.homepage" . }}.
+
+```bash
+docker pull securecodebox/parser-{{ template "chart.name" . }}
+```
+
+{{ template "extra.chartAboutSection" . }}
+
+{{ template "extra.communitySection" . }}
+
+{{ template "extra.dockerLicenseSection" . }}
+
+{{ template "extra.generalLinksSection" . }}
+{{ template "extra.scannerLinksSection" . }}
diff --git a/.helm-docs/README.DockerHub-Scanner.md.gotmpl b/.helm-docs/README.DockerHub-Scanner.md.gotmpl
@@ -0,0 +1,30 @@
+{{- /*
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+*/ -}}
+{{ template "extra.hintSection" . }}
+
+{{ template "extra.badgesSection" . }}
+
+{{ template "extra.secureCodeBoxAboutSection" . }}
+
+{{ template "extra.dockerDeploymentSection" . }}
+
+## How to use this image
+This `scanner` image is intended to work in combination with the corresponding `parser` image to parse the scanner `findings` to generic secureCodeBox results. For more informations details please take a look at the [project page][scb-docs] or [documentation page][{{ template "chart.homepage" . }}].
+
+```bash
+docker pull securecodebox/scanner-{{ template "chart.name" . }}
+```
+
+{{ template "extra.chartAboutSection" . }}
+
+{{ template "extra.scannerConfigurationSection" . }}
+
+{{ template "extra.communitySection" . }}
+
+{{ template "extra.dockerLicenseSection" . }}
+
+{{ template "extra.generalLinksSection" . }}
+{{ template "extra.scannerLinksSection" . }}
diff --git a/.helm-docs/README.DockerHub-Target.md.gotmpl b/.helm-docs/README.DockerHub-Target.md.gotmpl
@@ -0,0 +1,28 @@
+{{- /*
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+*/ -}}
+{{ template "extra.hintSection" . }}
+
+{{ template "extra.badgesSection" . }}
+
+{{ template "extra.secureCodeBoxAboutSection" . }}
+
+{{ template "extra.dockerDeploymentSection" . }}
+
+## How to use this image
+This image is an potentialy vulnerable service or application which is used for demo purposes, automated tests and trainings.
+
+```bash
+docker pull securecodebox/{{ template "chart.name" . }}
+```
+
+{{ template "extra.chartAboutSection" . }}
+
+{{ template "extra.communitySection" . }}
+
+{{ template "extra.dockerLicenseSection" . }}
+
+{{ template "extra.generalLinksSection" . }}
+{{ template "extra.scannerLinksSection" . }}
diff --git a/.helm-docs/README.md.gotmpl b/.helm-docs/README.md.gotmpl
@@ -0,0 +1,26 @@
+{{- /*
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+*/ -}}
+{{ template "extra.hintSection" . }}
+{{ template "extra.docsSection" . }}
+
+{{ template "extra.badgesSection" . }}
+
+{{ template "extra.chartAboutSection" . }}
+
+{{ template "extra.chartDeploymentSection" . }}
+
+{{ template "extra.scannerConfigurationSection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "extra.chartConfigurationSection" . }}
+
+{{ template "chart.valuesSection" . }}
+
+{{ template "extra.licenseSection" . }}
+
+{{ template "extra.generalLinksSection" . }}
+{{ template "extra.scannerLinksSection" . }}
diff --git a/.helm-docs/templates.gotmpl b/.helm-docs/templates.gotmpl
@@ -0,0 +1,106 @@
+{{- define "extra.badgesSection" -}}
+<p align="center">
+  <a href="https://opensource.org/licenses/Apache-2.0"><img alt="License Apache-2.0" src="https://img.shields.io/badge/License-Apache%202.0-blue.svg"></a>
+  <a href="https://github.com/secureCodeBox/secureCodeBox/releases/latest"><img alt="GitHub release (latest SemVer)" src="https://img.shields.io/github/v/release/secureCodeBox/secureCodeBox?sort=semver"></a>
+  <a href="https://owasp.org/www-project-securecodebox/"><img alt="OWASP Incubator Project" src="https://img.shields.io/badge/OWASP-Incubator%20Project-365EAA"></a>
+  <a href="https://artifacthub.io/packages/search?repo=seccurecodebox"><img alt="Artifact HUB" src="https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/seccurecodebox"></a>
+  <a href="https://github.com/secureCodeBox/secureCodeBox/"><img alt="GitHub Repo stars" src="https://img.shields.io/github/stars/secureCodeBox/secureCodeBox?logo=GitHub"></a>
+  <a href="https://twitter.com/securecodebox"><img alt="Twitter Follower" src="https://img.shields.io/twitter/follow/securecodebox?style=flat&color=blue&logo=twitter"></a>
+</p>
+{{- end }}
+
+{{- define "extra.hintSection" -}}
+<!--
+SPDX-FileCopyrightText: 2020 iteratec GmbH
+
+SPDX-License-Identifier: Apache-2.0
+-->
+<!-- 
+.: IMPORTANT! :.
+--------------------------
+This file is generated automaticaly with `helm-docs` based on the following template files:
+- ./.helm-docs/templates.gotmpl (general template data for all charts)
+- ./chart-folder/.helm-docs.gotmpl (chart specific template data)
+
+Please be aware of that and apply your changes only within those template files instead of this file. 
+Otherwise your changes will be reverted/overriden automaticaly due to the build process `./.github/workflows/helm-docs.yaml`
+--------------------------
+-->
+{{- end }}
+
+{{- define "extra.secureCodeBoxAboutSection" -}}
+## What is OWASP secureCodeBox?
+
+<p align="center">
+  <img alt="secureCodeBox Logo" src="https://docs.securecodebox.io/img/Logo_Color.svg" width="250px">
+</p>
+
+_[OWASP secureCodeBox][scb-github]_ is an automated and scalable open source solution that can be used to integrate various *security vulnerability scanners* with a simple and lightweight interface. The _secureCodeBox_ mission is to support *DevSecOps* Teams to make it easy to automate security vulnerability testing in different scenarios.
+
+With the _secureCodeBox_ we provide a toolchain for continuous scanning of applications to find the low-hanging fruit issues early in the development process and free the resources of the penetration tester to concentrate on the major security issues.
+
+
+The secureCodeBox project is running on [Kubernetes](https://kubernetes.io/). To install it you need [Helm](https://helm.sh), a package manager for Kubernetes. It is also possible to start the different integrated security vulnerability scanners based on a docker infrastructure.
+
+### Quickstart with secureCodeBox on kubernetes
+
+You can find resources to help you get started on our [documentation website](https://docs.securecodebox.io) including instruction on how to [install the secureCodeBox project](https://docs.securecodebox.io/docs/getting-started/installation) and guides to help you [run your first scans](https://docs.securecodebox.io/docs/getting-started/first-scans) with it.
+{{- end }}
+
+{{- define "extra.chartDeploymentSection" -}}
+## Deployment
+The {{ template "chart.name" . }} `scanType` can be deployed via helm:
+
+```bash
+# Install HelmChart (use -n to configure another namespace)
+helm upgrade --install {{ template "chart.name" . }} secureCodeBox/{{ template "chart.name" . }}
+```
+{{- end }}
+
+{{- define "extra.licenseSection" -}}
+## License
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+
+Code of secureCodeBox is licensed under the [Apache License 2.0][scb-license].
+{{- end }}
+
+{{- define "extra.dockerLicenseSection" -}}
+## License
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+
+View [license information](https://github.com/secureCodeBox/secureCodeBox/blob/master/LICENSE) for the software contained in this image. 
+
+As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
+
+As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.
+{{- end }}
+
+{{- define "extra.communitySection" -}}
+## Community
+
+You are welcome, please join us on... 👋
+
+- [GitHub][scb-github]
+- [Slack][scb-slack]
+- [Twitter][scb-twitter]
+
+secureCodeBox is an official [OWASP][scb-owasp] project.
+
+{{- end }}
+
+{{- define "extra.contributionSection" -}}
+## Contributing
+
+Contributions are welcome and extremely helpful 🙌
+Please have a look at [Contributing](./CONTRIBUTING.md)
+{{- end }}
+
+{{- define "extra.generalLinksSection" -}}
+[scb-owasp]: https://www.owasp.org/index.php/OWASP_secureCodeBox
+[scb-docs]: https://docs.securecodebox.io/
+[scb-site]: https://www.securecodebox.io/
+[scb-github]: https://github.com/secureCodeBox/
+[scb-twitter]: https://twitter.com/secureCodeBox
+[scb-slack]: https://join.slack.com/t/securecodebox/shared_invite/enQtNDU3MTUyOTM0NTMwLTBjOWRjNjVkNGEyMjQ0ZGMyNDdlYTQxYWQ4MzNiNGY3MDMxNThkZjJmMzY2NDRhMTk3ZWM3OWFkYmY1YzUxNTU
+[scb-license]: https://github.com/secureCodeBox/secureCodeBox/blob/master/LICENSE
+{{- end }}