secureCodeBox · J12934 · Jul 12, 2023 · Jul 11, 2023 · Jul 12, 2023
diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
@@ -340,6 +340,7 @@ jobs:
           - screenshooter
           - semgrep
           - ssh-scan
+          - ssh-audit
           - sslyze
           - test-scan
           - trivy
@@ -420,6 +421,7 @@ jobs:
           - ncrack
           - nmap
           - nikto
+          - ssh-scan
           - ssh-audit
           - sslyze
           - typo3scan

diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml
@@ -1,9 +1,9 @@
-# This is a Github Action workflow that runs daily at 9:15 AM UTC Time. 
-# It checks if any of the scanners listed in the matrix section are outdated. 
+# This is a Github Action workflow that runs daily at 9:15 AM UTC Time.
+# It checks if any of the scanners listed in the matrix section are outdated.
 # If a scanner is outdated, it checks if a pull request to upgrade that scanner already exists.
-# If it does not, it creates a new pull request with a title that includes the current and new versions of the scanner. 
+# If it does not, it creates a new pull request with a title that includes the current and new versions of the scanner.
 # It also includes the changelog for the new version of the scanner in the body of the pull request.
-# This workflow uses a number of third-party actions to accomplish these tasks, 
+# This workflow uses a number of third-party actions to accomplish these tasks,
 # including mikefarah/yq to fetch local and remote versions of the scanners,
 # crazy-max/ghaction-import-gpg to import a GPG key, and jq to parse the JSON output of the scanner version API.
 
@@ -68,49 +68,49 @@ jobs:
       # Fetching scanner version from remote API and making sure it's in the same format as the local version
       - name: Fetch latest release scanner version
         run: |
-            # Set the -e and -o pipefail options to cause the script to exit immediately
-            # if any command returns a non-zero exit status
-            set -e
-            set -o pipefail
-
-            local=${{env.local}}
-            release=$(curl -sL ${{env.versionApi}}  | jq -er ".tag_name" ) 
-            upgrade=$release
-
-            # Check the exit status of the curl and jq command
-            if [[ $? -ne 0 ]] ; then
-              echo "Error: Failed to download release version"
-              exit 1
-            fi
-
-            # We check if the first characters of local and release are different i.e whether it's "v1.0.0" or "1.0.0"
-            # This is to make sure that we don't compare "v1.0.0" to "1.0.0" which would result in an upgrade
-            # And also we want to keep the version format the same in the helm chart so that it will still correspond the the docker image tag.
-            # Therefore We make sure to add or remove the "v" character when necessary
-
-            if [[ ${local:0:1} != ${release:0:1} ]] ; then
-              # Check if the first character of local is "v"
-              # In this case docker/local format is "v1.0.0" and github format is "1.0.1"
-              # We want the upgrade to be "v1.0.1" 
-              if [[ ${local:0:1} == "v" ]] ; then
-                # set upgrade to "v" followed by the value of release.
-                upgrade=v${release};
-              # Check if the first character of release is "v"  
-              # in this case docker/local format is "1.0.0" and github format is "v1.0.1"
-              # We want the upgrade to be "1.0.1"
-              elif [[ ${release:0:1} == "v" ]] ; then
-                # set upgrade to the value of release without the "v" character
-                upgrade=$(echo $release| tr -d "v")
-              fi
+          # Set the -e and -o pipefail options to cause the script to exit immediately
+          # if any command returns a non-zero exit status
+          set -e
+          set -o pipefail
+
+          local=${{env.local}}
+          release=$(curl -sL ${{env.versionApi}}  | jq -er ".tag_name" ) 
+          upgrade=$release
+
+          # Check the exit status of the curl and jq command
+          if [[ $? -ne 0 ]] ; then
+            echo "Error: Failed to download release version"
+            exit 1
+          fi
+
+          # We check if the first characters of local and release are different i.e whether it's "v1.0.0" or "1.0.0"
+          # This is to make sure that we don't compare "v1.0.0" to "1.0.0" which would result in an upgrade
+          # And also we want to keep the version format the same in the helm chart so that it will still correspond the the docker image tag.
+          # Therefore We make sure to add or remove the "v" character when necessary
+
+          if [[ ${local:0:1} != ${release:0:1} ]] ; then
+            # Check if the first character of local is "v"
+            # In this case docker/local format is "v1.0.0" and github format is "1.0.1"
+            # We want the upgrade to be "v1.0.1" 
+            if [[ ${local:0:1} == "v" ]] ; then
+              # set upgrade to "v" followed by the value of release.
+              upgrade=v${release};
+            # Check if the first character of release is "v"  
+            # in this case docker/local format is "1.0.0" and github format is "v1.0.1"
+            # We want the upgrade to be "1.0.1"
+            elif [[ ${release:0:1} == "v" ]] ; then
+              # set upgrade to the value of release without the "v" character
+              upgrade=$(echo $release| tr -d "v")
             fi
+          fi
 
 
-            # Save how the latest release version looks in github releases to an environment variable
-            echo releaseGithub=$release >> $GITHUB_ENV
-            # Save how the latest release version looks in docker images to an environment variable
-            echo release=$upgrade >> $GITHUB_ENV
-            # Output bash exit code
-            echo exitCode=$?
+          # Save how the latest release version looks in github releases to an environment variable
+          echo releaseGithub=$release >> $GITHUB_ENV
+          # Save how the latest release version looks in docker images to an environment variable
+          echo release=$upgrade >> $GITHUB_ENV
+          # Output bash exit code
+          echo exitCode=$?
 
       - name: Check if scanner is outdated and if PR already exists
         if: ${{ env.release != env.local && env.release != null }}

diff --git a/operator/internal/telemetry/telemetry.go b/operator/internal/telemetry/telemetry.go
@@ -38,6 +38,7 @@ var officialScanTypes map[string]bool = map[string]bool{
 	"nuclei":              true,
 	"screenshooter":       true,
 	"semgrep":             true,
+	"ssh-audit":           true,
 	"ssh-scan":            true,
 	"sslyze":              true,
 	"trivy-image":         true,