Skip to content

Commit 2af278b

Browse files
aaronweaveraaronweaver
authored
Merge pull request #972 from DefectDojo/dev
Container fix, helm secrets and memory optimizations
2 parents daf9e3b + 5be3658 commit 2af278b

File tree

15 files changed

+73
-64
lines changed

15 files changed

+73
-64
lines changed

.travis.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,10 @@ env:
1616
- BROKER=redis DATABASE=postgresql
1717
- TEST=flake8
1818
- TEST=docker
19+
- TEST=snyk
20+
matrix:
21+
allow_failures:
22+
- env: TEST=snyk
1923
before_install: ['./travis/before-install.sh']
2024
before_script: ['./travis/before-script.sh']
2125
script: ['./travis/script.sh']

Dockerfile.django

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
12
# code: language=Dockerfile
23
FROM python:2
34
WORKDIR /app
@@ -58,5 +59,6 @@ ENV \
5859
DD_CREDENTIAL_AES_256_KEY="&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw" \
5960
DD_INITIALIZE=true \
6061
DD_UWSGI_MODE="socket" \
61-
DD_UWSGI_ENDPOINT="0.0.0.0:3031"
62-
ENTRYPOINT ["/entrypoint-uwsgi.sh"]
62+
DD_UWSGI_ENDPOINT="0.0.0.0:3031" \
63+
DD_DJANGO_ADMIN_ENABLED="on"
64+
ENTRYPOINT ["/entrypoint-uwsgi.sh"]

ISSUE_TEMPLATE.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,9 @@ Please include the version number (ex: Ubuntu 16.04)
1515

1616
### Install
1717

18-
- [ ] setup.bash
19-
- [ ] docker
18+
- [ ] Kubernetes
19+
- [ ] Docker
20+
- [ ] setup.bash / legacy-setup.bash
2021

2122
### DefectDojo Version
2223

docker/entrypoint-initializer.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ echo "Admin user: ${DD_ADMIN_USER}"
1313

1414
if [ -z "${DD_ADMIN_PASSWORD}" ]
1515
then
16-
export DD_ADMIN_PASSWORD="$(cat /dev/random | LC_ALL=C tr -dc a-zA-Z0-9 | \
16+
export DD_ADMIN_PASSWORD="$(cat /dev/urandom | LC_ALL=C tr -dc a-zA-Z0-9 | \
1717
head -c 22)"
1818
echo "Admin password: ${DD_ADMIN_PASSWORD}"
1919
fi

dojo/endpoint/views.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@
1111
from django.shortcuts import render, get_object_or_404
1212
from django.utils.html import escape
1313
from django.utils import timezone
14+
from django.contrib.admin.utils import NestedObjects
15+
from django.db import DEFAULT_DB_ALIAS
1416
from dojo.filters import EndpointFilter
1517
from dojo.forms import EditEndpointForm, \
1618
DeleteEndpointForm, AddEndpointForm, DojoMetaDataForm
@@ -216,13 +218,6 @@ def delete_endpoint(request, eid):
216218
product = endpoint.product
217219
form = DeleteEndpointForm(instance=endpoint)
218220

219-
from django.contrib.admin.utils import NestedObjects
220-
from django.db import DEFAULT_DB_ALIAS
221-
222-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
223-
collector.collect([endpoint])
224-
rels = collector.nested()
225-
226221
if request.method == 'POST':
227222
if 'id' in request.POST and str(endpoint.id) == request.POST['id']:
228223
form = DeleteEndpointForm(request.POST, instance=endpoint)
@@ -235,6 +230,10 @@ def delete_endpoint(request, eid):
235230
extra_tags='alert-success')
236231
return HttpResponseRedirect(reverse('view_endpoint', args=(product.id,)))
237232

233+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
234+
collector.collect([endpoint])
235+
rels = collector.nested()
236+
238237
product_tab = Product_Tab(endpoint.product.id, "Delete Endpoint", tab="endpoints")
239238

240239
return render(request, 'dojo/delete_endpoint.html',

dojo/engagement/views.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,8 @@
1616
from django.views.decorators.cache import cache_page
1717
from django.utils import timezone
1818
from time import strftime
19+
from django.contrib.admin.utils import NestedObjects
20+
from django.db import DEFAULT_DB_ALIAS
1921

2022
from dojo.filters import EngagementFilter
2123
from dojo.forms import CheckForm, \
@@ -210,13 +212,6 @@ def delete_engagement(request, eid):
210212
product = engagement.product
211213
form = DeleteEngagementForm(instance=engagement)
212214

213-
from django.contrib.admin.utils import NestedObjects
214-
from django.db import DEFAULT_DB_ALIAS
215-
216-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
217-
collector.collect([engagement])
218-
rels = collector.nested()
219-
220215
if request.method == 'POST':
221216
if 'id' in request.POST and str(engagement.id) == request.POST['id']:
222217
form = DeleteEngagementForm(request.POST, instance=engagement)
@@ -230,6 +225,10 @@ def delete_engagement(request, eid):
230225
extra_tags='alert-success')
231226
return HttpResponseRedirect(reverse("view_engagements", args=(product.id, )))
232227

228+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
229+
collector.collect([engagement])
230+
rels = collector.nested()
231+
233232
product_tab = Product_Tab(product.id, title="Delete Engagement", tab="engagements")
234233
product_tab.setEngagement(engagement)
235234
return render(request, 'dojo/delete_engagement.html', {

dojo/jira_link/views.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -176,10 +176,6 @@ def delete_jira(request, tid):
176176
# TODO Make Form
177177
form = DeleteJIRAConfForm(instance=jira_instance)
178178

179-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
180-
collector.collect([jira_instance])
181-
rels = collector.nested()
182-
183179
if request.method == 'POST':
184180
if 'id' in request.POST and str(jira_instance.id) == request.POST['id']:
185181
form = DeleteJIRAConfForm(request.POST, instance=jira_instance)
@@ -191,6 +187,10 @@ def delete_jira(request, tid):
191187
extra_tags='alert-success')
192188
return HttpResponseRedirect(reverse('jira'))
193189

190+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
191+
collector.collect([jira_instance])
192+
rels = collector.nested()
193+
194194
add_breadcrumb(title="Delete", top_level=False, request=request)
195195
return render(request, 'dojo/delete_jira.html',
196196
{'inst': jira_instance,

dojo/product/views.py

Lines changed: 10 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@
1414
from django.contrib.contenttypes.models import ContentType
1515
from django.utils import timezone
1616
from django.db.models import Sum, Count, Q
17+
from django.contrib.admin.utils import NestedObjects
18+
from django.db import DEFAULT_DB_ALIAS
1719
from dojo.filters import ProductFilter, ProductFindingFilter, EngagementFilter
1820
from dojo.forms import ProductForm, EngForm, DeleteProductForm, DojoMetaDataForm, JIRAPKeyForm, JIRAFindingForm, AdHocFindingForm, \
1921
EngagementPresetsForm, DeleteEngagementPresetsForm
@@ -533,13 +535,6 @@ def delete_product(request, pid):
533535
product = get_object_or_404(Product, pk=pid)
534536
form = DeleteProductForm(instance=product)
535537

536-
from django.contrib.admin.utils import NestedObjects
537-
from django.db import DEFAULT_DB_ALIAS
538-
539-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
540-
collector.collect([product])
541-
rels = collector.nested()
542-
543538
if request.method == 'POST':
544539
if 'id' in request.POST and str(product.id) == request.POST['id']:
545540
form = DeleteProductForm(request.POST, instance=product)
@@ -553,6 +548,10 @@ def delete_product(request, pid):
553548
extra_tags='alert-success')
554549
return HttpResponseRedirect(reverse('product'))
555550

551+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
552+
collector.collect([product])
553+
rels = collector.nested()
554+
556555
product_tab = Product_Tab(pid, title="Product", tab="settings")
557556
return render(request, 'dojo/delete_product.html',
558557
{'product': product,
@@ -883,13 +882,6 @@ def delete_engagement_presets(request, pid, eid):
883882
preset = get_object_or_404(Engagement_Presets, id=eid)
884883
form = DeleteEngagementPresetsForm(instance=preset)
885884

886-
from django.contrib.admin.utils import NestedObjects
887-
from django.db import DEFAULT_DB_ALIAS
888-
889-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
890-
collector.collect([preset])
891-
rels = collector.nested()
892-
893885
if request.method == 'POST':
894886
if 'id' in request.POST:
895887
form = DeleteEngagementPresetsForm(request.POST, instance=preset)
@@ -901,6 +893,10 @@ def delete_engagement_presets(request, pid, eid):
901893
extra_tags='alert-success')
902894
return HttpResponseRedirect(reverse('engagement_presets', args=(pid,)))
903895

896+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
897+
collector.collect([preset])
898+
rels = collector.nested()
899+
904900
product_tab = Product_Tab(pid, title="Delete Engagement Preset", tab="settings")
905901
return render(request, 'dojo/delete_presets.html',
906902
{'product': product,

dojo/rules/views.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,8 @@
99
from django.core.urlresolvers import reverse
1010
from django.http import HttpResponseRedirect
1111
from django.shortcuts import render, get_object_or_404
12+
from django.contrib.admin.utils import NestedObjects
13+
from django.db import DEFAULT_DB_ALIAS
1214

1315
# Local application/library imports
1416
from dojo.models import Rule,\
@@ -130,13 +132,6 @@ def delete_rule(request, tid):
130132
rule = get_object_or_404(Rule, pk=tid)
131133
form = DeleteRuleForm(instance=rule)
132134

133-
from django.contrib.admin.utils import NestedObjects
134-
from django.db import DEFAULT_DB_ALIAS
135-
136-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
137-
collector.collect([rule])
138-
rels = collector.nested()
139-
140135
if request.method == 'POST':
141136
print >> sys.stderr, 'id' in request.POST
142137
print >> sys.stderr, str(rule.id) == request.POST['id']
@@ -155,6 +150,10 @@ def delete_rule(request, tid):
155150
extra_tags='alert-success')
156151
return HttpResponseRedirect(reverse('rules'))
157152

153+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
154+
collector.collect([rule])
155+
rels = collector.nested()
156+
158157
add_breadcrumb(parent=rule, title="Delete", top_level=False, request=request)
159158
system_settings = System_Settings.objects.get()
160159
return render(request, 'dojo/delete_rule.html',

dojo/test/views.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,8 @@
1313
from django.shortcuts import render, get_object_or_404
1414
from django.views.decorators.cache import cache_page
1515
from django.utils import timezone
16+
from django.contrib.admin.utils import NestedObjects
17+
from django.db import DEFAULT_DB_ALIAS
1618

1719
from dojo.filters import TemplateFindingFilter
1820
from dojo.forms import NoteForm, TestForm, FindingForm, \
@@ -117,13 +119,6 @@ def delete_test(request, tid):
117119
eng = test.engagement
118120
form = DeleteTestForm(instance=test)
119121

120-
from django.contrib.admin.utils import NestedObjects
121-
from django.db import DEFAULT_DB_ALIAS
122-
123-
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
124-
collector.collect([test])
125-
rels = collector.nested()
126-
127122
if request.method == 'POST':
128123
if 'id' in request.POST and str(test.id) == request.POST['id']:
129124
form = DeleteTestForm(request.POST, instance=test)
@@ -136,6 +131,10 @@ def delete_test(request, tid):
136131
extra_tags='alert-success')
137132
return HttpResponseRedirect(reverse('view_engagement', args=(eng.id,)))
138133

134+
collector = NestedObjects(using=DEFAULT_DB_ALIAS)
135+
collector.collect([test])
136+
rels = collector.nested()
137+
139138
product_tab = Product_Tab(test.engagement.product.id, title="Delete Test", tab="engagements")
140139
product_tab.setEngagement(test.engagement)
141140
return render(request, 'dojo/delete_test.html',

0 commit comments

Comments
 (0)