Skip to main content

Integrating A New Scanner

In the secureCodeBox we created new Custom Resource Definitions (CRD) for Kubernetes to manage scanners (ScanType) and hooks (see Custom Resource Definitions). To add a new Scanner you need to add a new ScanType (see ScanType) and a parser for its results.

The directory structure of a scanner Helm Chart will look something like this:

scanners/nmap
├── cascading-rules
│   └── ...
├── docs
│   ├── README.ArtifactHub.md
│   ├── README.DockerHub-Parser.md
│   └── README.DockerHub-Scanner.md
├── examples
│   ├── demo-target-ssh
│   │   ├── findings.yaml
│   │   ├── nmap-results.xml
│   │   └── scan.yaml
│   └── ...
├── parser
│   ├── Dockerfile
│   ├── package.json
│   ├── package-lock.json
│   ├── parser.js
│   ├── parser.test.js
│   └── __testFiles__
│   └── ...
├── templates
│   ├── cascading-rules.yaml
│   ├── nmap-parse-definition.yaml
│   └── nmap-scan-type.yaml
├── scanner
│   └── Dockerfile
├── Chart.yaml
├── values.yaml
├── Makefile
├── README.md
├── .helm-docs.gotmpl
├── .helmignore
└── .gitignore

To create a new Helm Chart for your scanner you can use the following command (replace new-scanner with the name of the scanner):

make create-new-scanner NAME=new-scanner

This command will create a new directory named new-scanner and some template files provided by helm to simplify the creation of Helm Charts (see Helm | Getting Started).

The following pages describe the purpose of all files and how to configure them.