Merge remote-tracking branch 'origin' into feat-improve-performance-s…

…can-multiline

.dockerignore

@@ -1,13 +1,11 @@
 # Ignore the logs
 app/logs/
-rabbitmq/logs/
+# Ignore rabbitmq and nginx
+rabbitmq
+nginx
 
 # Ignore apk directory
 app/media/apk
 
 # Ignoring git folders
-.git
-
-# Ignore certificates
-nginx/ssl/nginx.crt
-nginx/ssl/nginx.key
+.git

.gitignore

@@ -1,7 +1,9 @@
 *.DS_Store
 .env
+.vscode
 app/logs/*
 rabbitmq/logs/*
+nginx/logs/*
 app/media/*
 *.sqlite3
 *.sqlite

Dockerfile

@@ -6,13 +6,13 @@ RUN apt-get update && \
 	apt-get clean
 
 RUN apt-get update && \
-	apt-get install -y openjdk-11-jdk p11-kit wkhtmltopdf && \
+	apt-get install -y openjdk-11-jdk p11-kit wkhtmltopdf libqt5gui5 && \
 	apt-get install -y  && \
 	apt-get clean && \
 	update-ca-certificates -f
 
 # Get JADX Tool
-ENV JADX_VERSION 1.2.0
+ENV JADX_VERSION 1.4.5
 
 RUN \
     wget "https://github.com/skylot/jadx/releases/download/v$JADX_VERSION/jadx-$JADX_VERSION.zip" && \

app/config/urls.py

@@ -18,7 +18,6 @@
         license=openapi.License(name="GNU v3"),
     ),
     public=True,
-    url="http://localhost:8888/api/v1/"
 )
 
 # API router

app/integration.py

@@ -173,7 +173,7 @@ def create_finding_on_dojo(finding):
         'date': finding.created_on.strftime("%Y-%m-%d"),
         #'product': product_id,
         #'engagement': engagement_id,
-        'test': finding.scan.defectdojo_id,
+        'test': finding.scan.defectdojo_id if finding.scan.defectdojo_id else 1,
         'impact': "N/A",
         'active': True,
         #'verified': verified,
@@ -223,8 +223,10 @@ def create_finding_on_dojo(finding):
         response = requests.post(settings.DEFECTDOJO_API_URL + 'findings/', data = json_data, headers = headers, verify = False)
         json_response = response.json()
         logger.debug(json_response)
-        if (json_response['id']):
+        if ('id' in json_response and json_response['id']):
             finding.defectdojo_id = json_response['id']
             finding.save()
+        else:
+            logger.error(json_response)
     except Exception as e:
         logger.error(e)

app/views.py

@@ -88,7 +88,7 @@ def home(request):
         try:
             scans_data[scan.id]['antivirus'] = VirusTotalScan.objects.filter(scan=scan.id).latest('created_on')
         except Exception as e:
-            logger.error(e)
+            logger.debug(e)
 
     return render(request, 'home.html', {
         'apps': apps,
@@ -285,7 +285,7 @@ def findings(request, scan_id=''):
                     if (push_dojo and settings.DEFECTDOJO_ENABLED):
                         analysis.create_finding_on_dojo(f)
             except Exception as e:
-                logger.error(e)
+                logger.debug(e)
         if (edit and ok):
             messages.success(request, 'Edited successfully')
     else:

docker-compose.prod.yaml

@@ -35,6 +35,7 @@ services:
       - .:/app
       - ./nginx/app_tls.conf:/etc/nginx/conf.d/app_tls.conf
       - ./nginx/ssl:/etc/nginx/ssl
+      - ./nginx/logs:/var/log/nginx
     depends_on:
       - web
     restart: on-failure

docker-compose.yaml

@@ -34,6 +34,7 @@ services:
     volumes:
       - .:/app
       - ./nginx/app.conf:/etc/nginx/conf.d/app.conf
+      - ./nginx/logs:/var/log/nginx
     depends_on:
       - web
     restart: on-failure

nginx/app.conf

@@ -4,6 +4,9 @@ upstream web {
 
 server {   
 
+    access_log                /var/log/nginx/access.log;
+    error_log                 /var/log/nginx/error.log;
+
     client_max_body_size 300M;
     uwsgi_connect_timeout 500;
     uwsgi_read_timeout 500;

nginx/app_tls.conf

@@ -3,6 +3,9 @@ upstream app {
 }
 
 server {
+    access_log                /var/log/nginx/access.log;
+    error_log                 /var/log/nginx/error.log;
+
     ssl_certificate /etc/nginx/ssl/nginx.crt;
     ssl_certificate_key /etc/nginx/ssl/nginx.key;