Added new setup.bash which works for Python 2.x and 3.x

Author: mtesauro

setup/README.MD

@@ -0,0 +1,116 @@
+## Documentation on setup.bash 
+
+The bash script setup.bash was created to automate installation of Defect Dojo and allow for the following install situations to be automated:
+
+### Supported Installs
+
+* Single Server - simplest DefectDojo install where DefectDojo, Dojo dependencies and 3rd party services are installed on a single server. [default install]
+* Dev Install - install for local development where a Single Server install is run with credentials and other passwords set to known values.  
+* Stand-alone Server - install DefectDojo & Dojo dependencies only where 3rd party services (database) is running on other infrastructure.
+* ? Docker Single Server - a Single Server install where DefectDojo, Dojo dependencies and 3rd party services are installed in a single container
+* ? Docker Stand-alone - a Stand-alone Server install DefectDojo & Dojo dependencies only are installed in a single container.  
+
+Note: Cloning the DefectDojo repo and running ./setup.bash does a single server interactive install.  Doing other install methods requires setting configuration values and/or using command-line options.  
+
+### TDB install situations
+
+* Docker Dev Install - a dev install that uses docker + a mounted local directory structure to isolate dojo code from the rest of the run-time.
+* Fronted Dojo Installs - a install of DefectDojo where a separate HTTP server answers the initial requests for DefectDojo such as using Nginx upstream of DefectDojo
+
+### Assumptions
+
+All installs make these assumption:
+
+* DefectDojo will be run in a virtualenv
+* All installs support an interactive and non-interactive install methods
+* All installation configuration lives in ./dojo/settings/template-env
+* * Running setup.bash without editing template-env assumes a single-server install.
+* * Running setup.bash without editing template-env non-interactively assumes a single-server install with MySQL
+* Any install configuration variable can be overridden by setting an environmental variable
+* One of the following OSes is used as the base for the install
+* * Ubuntu Linux - officially supported versions: 16.04 LTS, 18.04 LTS
+* * CentOS - officially supported versions: ?
+* * Mac OS X - officially supported versions: ?
+
+### Definitions
+
+* DefectDojo - the source code and supporting files for DefectDojo contained in the Github repo at https://github.com/DefectDojo/django-DefectDojo
+* Dojo dependencies - any additional software, libraries or services needed to install and run the software in the DefectDojo repo.  This includes Django and other pip packages, celery workers, and any binaries required to run DefectDojo such as wkhtmltopdf
+* 3rd party services - additional services not maintained by DefectDojo but needed to run DefectDojo - currently a database
+
+### Command-line options
+
+```
+ ./setup.bash --help
+Usage: ./setup.bash [OPTION]...
+
+Install DefectDojo in an interactive (default) or non-interactive method
+
+Options:
+  -h or --help             Display this help message and exit with a status code of 0
+  -n or --non-interactive  Run install non-interactivity e.g. for Dockerfiles or automation
+
+Note: No options are required, all are optional
+```
+
+### Installer details
+
+setup.bash relies on the following files and directory structure:
+
+```
+setup.bash => the main install program
+├── scripts
+    ├── common
+        ├── config-vars.sh
+        ├── cmd-args.sh
+        ├── prompt.sh
+```
+
+Install configuration is in config-vars.sh contains the following install options and default values:
+
+**Format for this list:** *install option* [default value] - *definition*
+
+* PROMPT [true] - Run the install in interactive mode aka prompt the user for config values
+* DB_TYPE [MySQL] - The database type to be used by DefectDojo
+* DB_LOCAL [true] - Boolean for if the database is installed locally aka on the same OS as DefectDojo
+* DB_EXISTS [false] - Boolean for if the database already exists for DefectDojo to use aka doesn't need to be installed
+* DB_NAME [dojodb] - Name of the database created to store DefectDojo data
+* DB_USER [dojodbusr] - Database username used to access the DefectDojo database
+* DB_PASS [vee0Thoanae1daePooz0ieka] - Default password used only for Dev installs, otherwise a random 24 character password is created at install time
+* DB_HOST [localhost] - Database hostname where the DefectDojo database is located
+* DB_PORT [3306] - Port database is listening on, default port is for the default database MySQL
+* DB_DROP_EXISTING [true] - If the database name already exists in database server for DefectDojo, drop that database if this is true.  If false and a database name match occurs, throw an error and exit the installer.
+* OS_USER=${OS_USER:-"dojo-srv"}
+* OS_PASS=${OS_PASS:-"wahlieboojoKa8aitheibai3"}
+* OS_GROUP=${OS_GROUP:-"dojo-srv"}
+* INSTALL_ROOT=${INSTALL_ROOT:-"/opt/dojo"}
+* DOJO_SOURCE=${DOJO_SOURCE:-"$INSTALL_ROOT/django-DefectDojo"}
+* DOJO_FILES=${DOJO_FILES:-"$INSTALL_ROOT/local"}
+* MEDIA_ROOT=${MEDIA_ROOT:-"$DOJO_FILES/media"}
+* STATIC_ROOT=${STATIC_ROOT:-"$DOJO_FILES/static"}
+* ADMIN_USER=${ADMIN_USER:-"admin"}
+* ADMIN_PASS=${ADMIN_PASS:-"admin"}
+* ADMIN_EMAIL=${ADMIN_EMAIL:-"[email protected]"}
+
+Configuration items for setup.py are in template-env in ./dojo/settings/ and contain
+
+* 
+
+### Installers workflow
+
+1. Check for command-line arguments, if none, do an interactive single server install
+2. Check for install OS
+3. Bootstrap any software needed by the install process
+4. Install Dojo dependencies
+5. Install 3rd party services
+
+
+### Installer Bash variables
+
+* SETUP_BASE : The full path to where the setup.bash file is located e.g ./setup if starting from the Dojo repository root
+* REPO_BASE : The full path to where the DefectDojo source was cloned usually /opt/dojo/django-DefectDojo
+* LIB_PATH : The full path to where the configuration values and libraries are for the DefectDojo installer which is SETUP_BASE + /scripts/common/
+* DB_TYPPE : The database type DefectDojo will use - currently either SQLite, MySQL or PostgreSQL
+* 
+
+

setup/mysql.txt

@@ -0,0 +1,5 @@
+# Pip installs needed for MySQL DB support
+-r requirements.txt
+mysqlclient==1.3.12
+#mysqlclient==1.4.1
+mysql-connector-python==8.0.14

setup/postgresql.txt

@@ -0,0 +1,3 @@
+# Pip installs needed for PostgreSQL DB support 
+-r requirements.txt
+psycopg2-binary==2.7.5

setup/requirements-2.txt

@@ -0,0 +1,50 @@
+# requirements.txt for DefectDojo using Python 2.x
+asteval==0.9.12
+bleach>=3.1.0
+bleach-whitelist>=0.0.10
+celery==4.2.1
+coverage==4.5.1
+defusedxml==0.5.0
+django_celery_results==1.0.4
+django-auditlog==0.4.5
+django-custom-field==2.9
+django-dbbackup>=3.2.0
+django-environ==0.4.5
+django-filter==1.0.4
+django-imagekit==4.0.2
+django-multiselectfield==0.1.8
+django-overextends==0.4.3
+django-polymorphic==1.2
+django-rest-swagger==2.1.2
+django-slack==5.11.1
+django-tagging==0.4.6
+django-taggit-serializer==0.1.7
+django-tastypie-swagger==0.1.4
+django-tastypie==0.14.0
+django-watson==1.5.2
+Django==1.11.20
+djangorestframework==3.7.7
+gunicorn==19.7.1
+html2text==2018.1.9
+humanize==0.5.1
+jira==1.0.13
+lxml==4.2.5
+Markdown==3.0.1
+mysqlclient==1.3.12
+pandas>=0.22.0
+pdfkit==0.6.1
+Pillow==5.0.0  # required by django-imagekit
+psycopg2-binary==2.7.5
+pycrypto==2.6.1
+pygments==2.2.0
+python-dateutil==2.6.0
+python-nmap==0.6.1
+pytz==2017.3
+redis==3.2.0
+requests>=2.2.1
+sqlalchemy  # Required by Celery broker transport
+supervisor==3.3.3
+urllib3==1.24
+uWSGI==2.0.18
+vobject==0.9.5
+whitenoise>=4.0

setup/requirements-3.txt

@@ -0,0 +1,50 @@
+# requirements.txt for DefectDojo using Python 3.x
+celery==4.3.0rc2 # updated from 4.1.1 for django 2.1.5, rc because of a bug in 4.2.1: https://github.com/celery/celery/issues/4849
+coverage==4.5.1
+defusedxml==0.5.0
+Django==2.0.10 # updated from 1.11.16
+django-auditlog==0.4.5
+git+https://[email protected]/Maffooch/django-custom-field.git
+django-filter==1.0.4
+django-imagekit==4.0.2
+django-multiselectfield==0.1.8
+# May not be needed - though ~may~ require some code changes
+# See: https://github.com/stephenmcd/django-overextends/issues/36
+#      and https://code.djangoproject.com/ticket/15053
+django-overextends==0.4.3  # Required for extensions # No Django 2.0 Support
+django-polymorphic==2.0 # updated from 1.2 for django 2.1.5
+django-slack==5.11.1
+django-rest-swagger==2.1.2
+django-tagging==0.4.6
+django-tastypie==0.14.2 # updated from 0.14.0
+git+https://[email protected]/Maffooch/django-tastypie-swagger.git
+django-watson==1.5.2
+django-rest-swagger==2.1.2
+djangorestframework==3.9.0
+gunicorn==19.7.1
+html2text==2018.1.9
+humanize==0.5.1
+jira==1.0.13
+lxml==4.1.1
+# TODO mysql-connector-python==8.0.14 # Needs to have the following somewhere : DD_DATABASE_URL=mysql.connector.django://user:[email protected]:3306/dojodb3
+pdfkit==0.6.1
+Pillow==5.0.0  # required by django-imagekit
+# TODO psycopg2-binary==2.7.5
+pycrypto==2.6.1
+python-dateutil==2.6.0 # downgraded from 2.6.1 to work with django-auditlog 0.4.5
+python-nmap==0.6.1
+pytz==2018.9
+requests>=2.2.1
+sqlalchemy==1.2.17  # Required by Celery broker transport
+urllib3==1.22
+vobject==0.9.5
+asteval==0.9.12
+Markdown==3.0.1
+pandas>=0.22.0
+django-dbbackup>=3.2.0
+django-markdownx>=2.0.23
+django-environ==0.4.5
+django-taggit-serializer==0.1.7
+whitenoise>=4.0
+django-environ==0.4.5
+pygments==2.2.0

setup/scripts/common/cmd-args.sh

@@ -0,0 +1,48 @@
+# DefectDojo install 'library' to handle command-line arguments
+#
+
+function help() {
+    echo "Usage: $0 [OPTION]..."
+    echo ""
+    echo "Install DefectDojo in an interactive (default) or non-interactive method"
+    echo ""
+    echo "Options:"
+    echo "  -h or --help             Display this help message and exit with a status code of 0"
+    echo "  -n or --non-interactive  Run install non-interactivity e.g. for Dockerfiles or automation"
+    echo ""
+    echo "Note: No options are required, all are optional"
+}
+
+function welcome_msg() {
+    echo ""
+ 	echo "        ____       ____          __     ____          _      "
+	echo "       / __ \___  / __/__  _____/ /_   / __ \____    (_)___  "
+	echo "      / / / / _ \/ /_/ _ \/ ___/ __/  / / / / __ \  / / __ \ "
+	echo "     / /_/ /  __/ __/  __/ /__/ /_   / /_/ / /_/ / / / /_/ / "
+	echo "    /_____/\___/_/  \___/\___/\__/  /_____/\____/_/ /\____/  "
+	echo "                                               /___/         "
+    echo ""
+	echo " Welcome to DefectDojo! This is a quick script to get you up and running."
+	echo " For more info on how ${0##*/} does an install, see:"
+	echo "   https://github.com/DefectDojo/django-DefectDojo/tree/master/setup"
+	echo ""
+}
+
+function read_cmd_args() {
+    # Check the arguments sent to setup.bash
+    # from: https://stackoverflow.com/questions/192249/how-do-i-parse-command-line-arguments-in-bash Method #1
+    for i in ${BASH_ARGV[*]}
+	  do
+	    case $i in
+	      -h|--help)
+	      help
+	      exit 0
+	      ;;
+	      -n|--non-interactive)
+	      PROMPT=false
+	      ;;
+	    esac
+	done
+
+    welcome_msg
+}