Skip to main content

ParseDefinition

ParseDefinitions are Custom Resource Definitions (CRD's) used to describe to the secureCodeBox how it can convert a raw finding report (e.g. XML report from nmap) into the generic secureCodeBox finding format.

ParseDefinitions are generally packaged together with a ScanType. A scanType will reference the name of a ParseDefinition via the extractResults.type field.

Specification (Spec)#

Image (Required)#

image is the reference to the parser container image which can transform the raw scan report into findings.

To see how to write parsers and package them into images, checkout the documentation page on integrating new scanners.

ImagePullSecrets (Optional)#

imagePullSecrets can be used to integrate private parser images. This uses the kubernetes default imagePullSecrets structure.

TTLSecondsAfterFinished (Optional)#

ttlSecondsAfterFinished can be used to automatically delete the completed Kubernetes job used to run the parser. This sets the ttlSecondsAfterFinished field on the created job. This requires your cluster to have the TTLAfterFinished feature gate enabled in your cluster.

Example#

apiVersion: execution.securecodebox.io/v1kind: ParseDefinitionmetadata:  name: zap-jsonspec:  image: docker.io/securecodebox/parser-zap  imagePullSecrets:  - name: dockerhub-token  ttlSecondsAfterFinished: 60