Changes
This release contains the following changes 🎉. Help spread the word or leave a GitHub star if you like it 😉
⚠️ Upgrade Notes
This update adds new fields to the Custom Resource Definitions (CRDs), Helm does not update CRDs after the initial installation.
To upgrade the CRDs you can run the following script or grab the latest CRDs from the git repo at the v3.3.0 tag:
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.3.0/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.3.0/operator/crds/execution.securecodebox.io_parsedefinitions.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.3.0/operator/crds/execution.securecodebox.io_scancompletionhooks.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.3.0/operator/crds/execution.securecodebox.io_scans.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.3.0/operator/crds/execution.securecodebox.io_scantypes.yaml
kubectl apply -f https://raw.githubusercontent.com/secureCodeBox/secureCodeBox/v3.3.0/operator/crds/execution.securecodebox.io_scheduledscans.yaml🚀 Features
- Added new SAST scanner
semgrep@malexmave (#744) - Added optional mode to run
DefectDojowith a lower privileged user @J12934 (#747) - Let AutoDiscovery create ScheduledScans with
RetriggerOnScanTypeChangeenabled @J12934 (#748) - Enable templating of environmental variables in cascading scans @malexmave (#773)
🚓 Security Scanner
- [SCB-Bot] Upgraded
amassfrom 3.14 to 3.14.1 @github-actions (#743) - [SCB-Bot] Upgraded
amassfrom 3.14.1 to 3.14.2 @github-actions (#776) - [SCB-Bot] Upgraded
zap-advancedfrom 2.10.0 to 2.11.0 @github-actions (#768) - [SCB-Bot] Upgraded
zapfrom 2.10.0 to 2.11.0 @github-actions (#767) - [SCB-Bot] Upgraded
sslyzefrom 4.0.4 to 4.1.0 @github-actions (#764) - [SCB-Bot] Upgraded
kube-hunterfrom 0.6.1 to 0.6.3 @github-actions (#762) - Added new SAST scanner
semgrep@malexmave (#744) - Git-Repo-Scanner: Optionally include commit information in output @malexmave (#775)
⚓️ Hooks
- Added initContainer support in cascading scan rules @malexmave (#734)
🐛 Bug Fixes
- Symlink license file into toplevel dir @Weltraumschaf (#774)
- Fixed Issue in Helm Release Process @J12934 (#753)
- Fixed incompatibility with BSD Unix sed in makefile (closes #749) @Weltraumschaf (#751)
- Fixed timezone issues with
git-repo-scanner@malexmave (#745)
📚 Documentation
- Added a warning about
DefectDojodeduplication issue to the documentation @malexmave (#760)
🔧 Maintenance
- Aligned common targets for SDK makefile @EndPositive (#758)
📌 Dependencies
- [SCB-Bot] Upgraded
amassfrom 3.14 to 3.14.1 @github-actions (#743) - [SCB-Bot] Upgraded
amassfrom 3.14.1 to 3.14.2 @github-actions (#776) - [Snyk] Upgrade axios from 0.21.4 to 0.22.0 @snyk-bot (#772)
- [SCB-Bot] Upgraded
zap-advancedfrom 2.10.0 to 2.11.0 @github-actions (#768) - [SCB-Bot] Upgraded
zapfrom 2.10.0 to 2.11.0 @github-actions (#767) - [SCB-Bot] Upgraded
sslyzefrom 4.0.4 to 4.1.0 @github-actions (#764) - [SCB-Bot] Upgraded
kube-hunterfrom 0.6.1 to 0.6.3 @github-actions (#762) - [Snyk] Upgrade axios from 0.21.4 to 0.22.0 @snyk-bot (#771)
- Enabled SCB-Bot scanner upgrades @rseedorff (#769)
Distribution
Contributers
Thx to all our contributers supporting this project 🤗
@EndPositive, @J12934, @Weltraumschaf, @github-actions, @malexmave, @rseedorff, @secureCodeBoxBot and @snyk-bot