Working on the consistency of all scanner files, it was noticed that our own scanners (SCB scanners), that is test-scan, git-repo-scanner and zap-advanced, use a different versioning scheme which is linked to the scb releases. This leads to an inconsistent and potentially confusing use of Chart.Version vs. Chart.AppVersion in the scan-type.yaml file:
Git-Repo-Scanner (SCB) - Chart.Version (linked to SCB release):
- name: git-repo-scanner
image: "{{ .Values.scanner.image.repository }}:{{ .Values.scanner.image.tag | default .Chart.Version }}"Nmap (Extern) - Chart.AppVersion (linked to current nmap release):
- name: nmap
image: "{{ .Values.scanner.image.repository }}:{{ .Values.scanner.image.tag | default .Chart.AppVersion }}"Although this is a minor issue, it should probably kept in mind when new internally maintained scanners are added to the SCB.
Also affects scanner.image.tag in values.yaml.
The following scanners are affected:
Working on the consistency of all scanner files, it was noticed that our own scanners (SCB scanners), that is test-scan, git-repo-scanner and zap-advanced, use a different versioning scheme which is linked to the scb releases. This leads to an inconsistent and potentially confusing use of Chart.Version vs. Chart.AppVersion in the scan-type.yaml file:
Git-Repo-Scanner (SCB) - Chart.Version (linked to SCB release):
Nmap (Extern) - Chart.AppVersion (linked to current nmap release):
Although this is a minor issue, it should probably kept in mind when new internally maintained scanners are added to the SCB.
Also affects scanner.image.tag in values.yaml.
The following scanners are affected: