Merge branch 'master' into update-docker-image-group

Author: J12934

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,31 +1,42 @@
 ---
-name: Bug report
-about: Create a report to help us improve
+name: "🐞 Bug report"
+about: Please create a bug report if you encouter any project specific issue.
+labels: bug
 
 ---
+<!--
+Thank you for reporting an issue in our project 🙌
+
+Before opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.
+-->
 
 **Describe the bug**
-A clear and concise description of what the bug is.
+<!-- A clear and concise description of what the bug is. -->
 
 **To Reproduce**
+<!--
 Steps to reproduce the behavior:
 1. Go to '...'
 2. Click on '....'
 3. Scroll down to '....'
 4. See error
+-->
 
 **Expected behavior**
-A clear and concise description of what you expected to happen.
+<!-- A clear and concise description of what you expected to happen. -->
 
 
 **System (please complete the following information):**
+<!--
+ - secureCodeBox Version/Release
  - OS: [e.g. iOS]
+ - Kubernetes Version [command: `kubectl version`]
  - Docker Version [command: `docker -v`]
- - Docker Compose Version [command: `docker-compose -v`]
- - Browser [e.g. chrome, safari]
+ - Browser [e.g. chrome, safari, firefox,...]
+-->
 
 **Screenshots / Logs**
-If applicable, add screenshots to help explain your problem.
+<!-- If applicable, add screenshots to help explain your problem. -->
 
 **Additional context**
-Add any other context about the problem here.
+<!-- Add any other context about the problem here. -->

.github/ISSUE_TEMPLATE/documentation_issue.md

@@ -0,0 +1,20 @@
+---
+name: "📚 Documentation Issue"
+about: "Did you come across parts of our documentation that should be fixed?"
+labels: documentation
+
+---
+<!--
+Thank you for reporting an issue in our documentation 🙌
+
+Before opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.
+-->
+
+## Where to find the issue
+<!-- Be as specific as possible by naming the document, page, and ideally paragraph. -->
+
+## Describe the issue
+<!-- Please let us know what exactly is the issue with that part of the documentation -->
+
+## Suggested change
+<!-- If you have ideas on how to fix this issue, please note them here, or consider creating a Pull Request -->

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,17 +1,22 @@
 ---
-name: Feature request
-about: Suggest an idea for this project
+name: "➹ Feature request"
+about: "Suggest an idea for this project"
 
 ---
+<!--
+Thank you for reporting an issue in our documentation 🙌
+
+Before opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.
+-->
 
 **Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
 
 **Describe the solution you'd like**
-A clear and concise description of what you want to happen.
+<!-- A clear and concise description of what you want to happen. -->
 
 **Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
+<!-- A clear and concise description of any alternative solutions or features you've considered. -->
 
 **Additional context**
-Add any other context or screenshots about the feature request here.
+<!-- Add any other context or screenshots about the feature request here. -->

.github/ISSUE_TEMPLATE/new_hook.md

@@ -0,0 +1,38 @@
+---
+name: '⚓️ New Hook request'
+about: 'Suggest an idea for a new data processing or integration hook in this project.'
+labels: 'hook'
+---
+
+<!--
+Thank you for contributing to our project 🙌
+
+Before opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead. Also, please, have a look at our FAQs and existing questions before opening a new question.
+-->
+
+## New Hook implementation request
+
+**Is your feature request related to a problem? Please describe.**
+<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
+
+**Describe the solution you'd like**
+<!-- A clear and concise description of what you want to happen. -->
+
+**Describe alternatives you've considered**
+<!-- A clear and concise description of any alternative solutions or features you've considered. -->
+
+**Additional context**
+<!-- Add any other context or screenshots about the feature request here. -->
+
+## Steps to implement a new Hook
+<!--
+Hint: A general guide how to implement a new scanner is documented [here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/docs/developer-guide)
+-->
+
+- [ ] Create a new folder with the name of the [hook here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/hooks)
+- [ ] Add a README and give a brief overview of the scanner and its configuration options.
+- [ ] Add (optional) a Dockerfile for the scanner if there is no existing one publicly available on dockerHub
+- [ ] Use the [Hook-SDK](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/hook-sdk) to implement a new hook (currently based on NodeJS)
+- [ ] Add unit tests with at minimum 80% test coverage
+- [ ] Add some example scan.yaml and finding.yaml files in the example folder
+- [ ] Implement a new integration test for the hook [here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/tests/integration)

.github/ISSUE_TEMPLATE/new_security_scanner.md

@@ -1,35 +1,39 @@
 ---
-name: 'New Security Scanner request'
+name: '🚓 New Security Scanner request'
 about: 'Suggest an idea for a new security scanner to integrate in this project.'
-labels: 'security scanner'
+labels: 'scanner'
 ---
+
+<!--
+Thank you for contributing to our project 🙌
+
+Before opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead. Also, please, have a look at our FAQs and existing questions before opening a new question.
+-->
+
 ## New Scanner implementation request
 
 **Is your feature request related to a problem? Please describe.**
-- _A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]_
+<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
 
 **Describe the solution you'd like**
-- _A clear and concise description of what you want to happen._
+<!-- A clear and concise description of what you want to happen. -->
 
 **Describe alternatives you've considered**
-- _A clear and concise description of any alternative solutions or features you've considered._
+<!-- A clear and concise description of any alternative solutions or features you've considered. -->
 
 **Additional context**
-- _Add any other context or screenshots about the feature request here._
+<!-- Add any other context or screenshots about the feature request here. -->
 
 ## Steps to implement a new scanner
-> Hint: A general guide how to implement a new scanner is documented [here]( https://github.com/secureCodeBox/secureCodeBox/blob/master/docs/developer-guide/README.md#developing-own-processes)
-
-### Must have
-- [ ] Create a [new public secureCodeBox repository](https://github.com/organizations/secureCodeBox/repositories/new) for the scanner implementation
-- [ ] Implement a new scanner microservice an reuse some of the existing stuff, if possible
-- [ ] Check if there is a [healthcheck](https://github.com/secureCodeBox/secureCodeBox/blob/master/docs/developer-guide/README.md#healthchecks-for-scanner-microservices) for the microservice implemented
-- [ ] Implement a [new basic security process](https://github.com/secureCodeBox/secureCodeBox/blob/master/docs/developer-guide/README.md#developing-a-process-model) for the scanner
-- [ ] Update the [docker-compose](https://github.com/secureCodeBox/secureCodeBox/blob/master/docker-compose.yml) files and integrate your new scanner there
-- [ ] Update the [user guide](https://github.com/secureCodeBox/secureCodeBox/tree/master/docs/user-guide) and [developer guide](https://github.com/secureCodeBox/secureCodeBox/tree/master/docs/developer-guide)
-- [ ] Implement a integration test for the scanner [here](https://github.com/secureCodeBox/secureCodeBox/tree/master/test)
-
-### Should have
-- [ ] Update the [CLI examples](https://github.com/secureCodeBox/secureCodeBox/tree/master/cli)
-- [ ] Update the [Jenkins Pipeline](https://github.com/secureCodeBox/integration-pipeline-jenkins-examples) examples
-- [ ] Update the [OpenShift Container Setup](https://github.com/secureCodeBox/ansible-role-securecodebox-openshift)
+<!--
+Hint: A general guide how to implement a new scanner is documented [here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/docs/developer-guide)
+-->
+
+- [ ] Create a new folder with the name of the [scanner here](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/scanners)
+- [ ] Add a README.md and give a brief overview of the scanner and its configuration options.
+- [ ] Implement a new scanner specific scan-type.yaml
+- [ ] Implement a new scanner specific parse-definition.yaml
+- [ ] Add (optional) some cascading-rules.yaml
+- [ ] Add (optional) a Dockerfile for the scanner if there is no existing one publicly available on dockerHub
+- [ ] Use the [parser-SDK](https://github.com/secureCodeBox/secureCodeBox-v2/tree/master/parser-sdk) to implement a new findings parser (currently based on NodeJS)
+- [ ] Add unit tests with at minimum 80% test coverage

.github/ISSUE_TEMPLATE/question.md

@@ -0,0 +1,14 @@
+---
+name: "🤨 Question"
+about: "If you have *specific* questions about the project, please post them here."
+labels: question
+
+---
+<!--
+Thank you for supporting our project 🙌
+
+Before opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead. Also, please, have a look at our FAQs and existing questions before opening a new question.
+-->
+
+## Your Question
+<!-- Include details about your question. -->

.github/pull_request_template.md

@@ -0,0 +1,20 @@
+<!-- 
+Thank you for your contribution to our Project 🙌 
+
+Before submitting your Pull Request, please take the time to check the points below and provide some descriptive information.
+* [ ] If this PR comes from a fork, please [Allow edits from maintainers](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/allowing-changes-to-a-pull-request-branch-created-from-a-fork)
+* [ ] Set a meaningful title. Format: {task_name} (closes #{issue_number}). For example: Use logger (closes #41)
+* [ ] [Link your Pull Request to an issue](https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue) (if applicable)
+* [ ] Create Draft pull requests if you need clarification or an explicit review before you can continue your work item.
+* [ ] Make sure that your PR is not introducing _unncessary_ reformatting (e.g., introduced by on-save hooks in your IDE)
+* [ ] Make sure each new source file you add has a correct license header.
+-->
+
+## Checklist
+
+* [ ] Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
+* [ ] Make sure `npm test` runs for the whole project.
+
+## Description
+
+<!-- Please be brief in describing which issue is solved by your PR or which enhancement it brings -->

.github/workflows/ci.yaml

@@ -47,7 +47,7 @@ jobs:
       - name: "Run tests & publish code coverage"
         uses: paambaati/codeclimate-action@v2.6.0
         env:
-          CC_TEST_REPORTER_ID: 80b305e484240da8cecbd1d017dfb365d3ee7f4508b5ed8fd9e9348efd286406
+          CC_TEST_REPORTER_ID: 545b7af20f13dc58a3284275828532a26d89a8e90c8f276fb54a23d78bae7a19
         with:
           coverageCommand: npm test -- --ci --colors --coverage
   operator:

.github/workflows/helm-charts.yaml

@@ -11,23 +11,51 @@ jobs:
       - name: "Install yq"
         run: |
           sudo snap install yq
-      - name: Parse Tag 
+      - name: Parse Tag
         run: echo ::set-env name=RELEASE_VERSION::${GITHUB_REF#refs/*/}
-      - name: "Publish Helm Chart"
+      - name: "Publish Helm3 Charts"
         env:
           HELM_REGISTRY: https://charts.securecodebox.io
           USERNAME: ${{ secrets.HELM_REGISTRY_USERNAME }}
           PASSWORD: ${{ secrets.HELM_REGISTRY_PASSWORD }}
         run: |
-          # Publish charts in all folders containing a `Chart.yaml` file
+          # Publish all helm3 charts in all folders containing a `Chart.yaml` file
           # https://github.com/koalaman/shellcheck/wiki/SC2044
           find . -type f -name Chart.yaml -print0 | while IFS= read -r -d '' chart; do
           (
             dir="$(dirname "${chart}")"
             cd "${dir}" || exit
-            echo "Processing Chart in $dir"
+            echo "Processing Helm3 Chart in $dir"
             helm package --version $RELEASE_VERSION .
             NAME=$(yq read - name < Chart.yaml)
             curl --silent --show-error --user "${USERNAME}:${PASSWORD}" --data-binary "@${NAME}-${RELEASE_VERSION}.tgz" "${HELM_REGISTRY}/api/charts"
           )
-          done
+          done
+      - name: "Publish Helm2 Charts"
+        env:
+          HELM_REGISTRY: https://charts-helm2.securecodebox.io
+          USERNAME: ${{ secrets.HELM_REGISTRY_USERNAME }}
+          PASSWORD: ${{ secrets.HELM_REGISTRY_PASSWORD }}
+        run: |
+          # Publish all helm2 charts in all folders containing a `helm2.Chart.yaml` file
+          # https://github.com/koalaman/shellcheck/wiki/SC2044
+          find . -type f -name helm2.Chart.yaml -print0 | while IFS= read -r -d '' chart; do
+          (
+            dir="$(dirname "${chart}")"
+            cd "${dir}" || exit
+            mv Chart.yaml helm3.Chart.yaml
+            mv helm2.Chart.yaml Chart.yaml
+            if [ "$(basename "$PWD")" = "operator" ]
+            then
+                echo "Copying CRDS to templates folder, as helm2 doesn't have native crds support."
+                cp -R crds templates/crds
+            fi
+            echo "Restoring Helm2 Chart and replace Helm3 Chart temporary"
+            [ ! -f helm2.requirements.lock ] || mv helm2.requirements.lock requirements.lock
+            [ ! -f helm2.requirements.yaml ] || mv helm2.requirements.yaml requirements.yaml
+            echo "Processing Helm2 Chart in $dir"
+            helm package --version $RELEASE_VERSION .
+            NAME=$(yq read - name < Chart.yaml)
+            curl --silent --show-error --user "${USERNAME}:${PASSWORD}" --data-binary "@${NAME}-${RELEASE_VERSION}.tgz" "${HELM_REGISTRY}/api/charts"
+          )
+          done

.github/workflows/helm-docs.yaml

@@ -0,0 +1,32 @@
+name: "Update Helm Docs"
+
+on:
+  push:
+
+jobs:
+  helm-docs:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          ref: ${{ github.head_ref }}
+
+      - name: Download Helm Docs
+        run: |
+          mkdir helm-docs
+          cd helm-docs
+
+          curl --output helm-docs.tar.gz --location https://github.com/norwoodj/helm-docs/releases/download/v0.15.0/helm-docs_0.15.0_Linux_x86_64.tar.gz
+          tar -xvf helm-docs.tar.gz
+          # Verify install
+          ./helm-docs --version
+
+      - name: Generate Helm Docs
+        run: |
+          ./helm-docs/helm-docs
+          # Remove helm-docs download to ensure they dont get commited back
+          rm -rf helm-docs
+      - uses: stefanzweifel/git-auto-commit-action@v4.5.1
+        with:
+          commit_message: Updating Helm Docs