Merge pull request #77 from mpast/bug-fix-dd-export-issue-73

chore: improve error management in defect dojo export

.dockerignore

@@ -1,13 +1,11 @@
 # Ignore the logs
 app/logs/
-rabbitmq/logs/
+# Ignore rabbitmq and nginx
+rabbitmq
+nginx
 
 # Ignore apk directory
 app/media/apk
 
 # Ignoring git folders
-.git
-
-# Ignore certificates
-nginx/ssl/nginx.crt
-nginx/ssl/nginx.key
+.git

.gitignore

@@ -1,7 +1,9 @@
 *.DS_Store
 .env
+.vscode
 app/logs/*
 rabbitmq/logs/*
+nginx/logs/*
 app/media/*
 *.sqlite3
 *.sqlite

Dockerfile

@@ -1,69 +1,69 @@
-FROM python:3.9.7-buster@sha256:79a631c93960c5919f27f3403e734ec19b130008370a5f902141bcff2e6d6f4c
-# Update and package installation
-RUN apt-get update && \
-	apt-get clean && \
-	apt-get install -y ca-certificates-java --no-install-recommends && \
-	apt-get clean
-
-RUN apt-get update && \
-	apt-get install -y openjdk-11-jdk p11-kit wkhtmltopdf libqt5gui5 && \
-	apt-get install -y  && \
-	apt-get clean && \
-	update-ca-certificates -f
-
-# Get JADX Tool
-ENV JADX_VERSION 1.4.5
-
-RUN \
-    wget "https://github.com/skylot/jadx/releases/download/v$JADX_VERSION/jadx-$JADX_VERSION.zip" && \
-    unzip "jadx-$JADX_VERSION.zip"
-
-# Create user
-ARG uid=1000
-ARG gid=1000
-ARG user=app
-ARG group=app
-
-RUN groupadd -g ${gid} ${group} \
-        && useradd -u ${uid} -g ${group} -s /bin/sh ${user}
-
-# Copy entrypoints
-COPY entrypoint/web_entrypoint.sh \
-    entrypoint/worker_entrypoint.sh /
-
-RUN chown ${uid}:${gid} /web_entrypoint.sh /worker_entrypoint.sh && \
-        chmod u+x /web_entrypoint.sh /worker_entrypoint.sh
-
-# Create a directory in the container in /app
-RUN mkdir /app
-# Copy all to /app directory
-COPY . /app
-
-# Use /app as the workdir
-WORKDIR /app
-
-
-# Upgrade pip and install python dependencies
-RUN pip install --upgrade pip \
-	&& pip install -r requirements.txt
-
-# Encoding configuration
-ENV LANG en_US.UTF-8
-ENV LANGUAGE en_US:en
-ENV PYTHONIOENCODING utf8
-
-# Logs
-RUN mkdir -p app/logs
-RUN touch app/logs/debug.log
-
-# RabbitMQ directory
-RUN mkdir -p rabbitmq/logs
-
-# Set the permissions to the user
-RUN chown -R ${uid}:${gid} /app
-
-# Run the container as non-root user
-USER ${uid}
-
-# Expose the 8000 port
-EXPOSE 8000
+FROM python:3.9.7-buster@sha256:79a631c93960c5919f27f3403e734ec19b130008370a5f902141bcff2e6d6f4c
+# Update and package installation
+RUN apt-get update && \
+	apt-get clean && \
+	apt-get install -y ca-certificates-java --no-install-recommends && \
+	apt-get clean
+
+RUN apt-get update && \
+	apt-get install -y openjdk-11-jdk p11-kit wkhtmltopdf libqt5gui5 && \
+	apt-get install -y  && \
+	apt-get clean && \
+	update-ca-certificates -f
+
+# Get JADX Tool
+ENV JADX_VERSION 1.4.5
+
+RUN \
+    wget "https://github.com/skylot/jadx/releases/download/v$JADX_VERSION/jadx-$JADX_VERSION.zip" && \
+    unzip "jadx-$JADX_VERSION.zip"
+
+# Create user
+ARG uid=1000
+ARG gid=1000
+ARG user=app
+ARG group=app
+
+RUN groupadd -g ${gid} ${group} \
+        && useradd -u ${uid} -g ${group} -s /bin/sh ${user}
+
+# Copy entrypoints
+COPY entrypoint/web_entrypoint.sh \
+    entrypoint/worker_entrypoint.sh /
+
+RUN chown ${uid}:${gid} /web_entrypoint.sh /worker_entrypoint.sh && \
+        chmod u+x /web_entrypoint.sh /worker_entrypoint.sh
+
+# Create a directory in the container in /app
+RUN mkdir /app
+# Copy all to /app directory
+COPY . /app
+
+# Use /app as the workdir
+WORKDIR /app
+
+
+# Upgrade pip and install python dependencies
+RUN pip install --upgrade pip \
+	&& pip install -r requirements.txt
+
+# Encoding configuration
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV PYTHONIOENCODING utf8
+
+# Logs
+RUN mkdir -p app/logs
+RUN touch app/logs/debug.log
+
+# RabbitMQ directory
+RUN mkdir -p rabbitmq/logs
+
+# Set the permissions to the user
+RUN chown -R ${uid}:${gid} /app
+
+# Run the container as non-root user
+USER ${uid}
+
+# Expose the 8000 port
+EXPOSE 8000

app/config/urls.py

@@ -18,7 +18,6 @@
         license=openapi.License(name="GNU v3"),
     ),
     public=True,
-    url="http://localhost:8888/api/v1/"
 )
 
 # API router

app/integration.py

@@ -173,7 +173,7 @@ def create_finding_on_dojo(finding):
         'date': finding.created_on.strftime("%Y-%m-%d"),
         #'product': product_id,
         #'engagement': engagement_id,
-        'test': finding.scan.defectdojo_id,
+        'test': finding.scan.defectdojo_id if finding.scan.defectdojo_id else 1,
         'impact': "N/A",
         'active': True,
         #'verified': verified,
@@ -223,8 +223,10 @@ def create_finding_on_dojo(finding):
         response = requests.post(settings.DEFECTDOJO_API_URL + 'findings/', data = json_data, headers = headers, verify = False)
         json_response = response.json()
         logger.debug(json_response)
-        if (json_response['id']):
+        if ('id' in json_response and json_response['id']):
             finding.defectdojo_id = json_response['id']
             finding.save()
+        else:
+            logger.error(json_response)
     except Exception as e:
         logger.error(e)

app/views.py

@@ -88,7 +88,7 @@ def home(request):
         try:
             scans_data[scan.id]['antivirus'] = VirusTotalScan.objects.filter(scan=scan.id).latest('created_on')
         except Exception as e:
-            logger.error(e)
+            logger.debug(e)
 
     return render(request, 'home.html', {
         'apps': apps,
@@ -285,7 +285,7 @@ def findings(request, scan_id=''):
                     if (push_dojo and settings.DEFECTDOJO_ENABLED):
                         analysis.create_finding_on_dojo(f)
             except Exception as e:
-                logger.error(e)
+                logger.debug(e)
         if (edit and ok):
             messages.success(request, 'Edited successfully')
     else:

docker-compose.prod.yaml

@@ -35,6 +35,7 @@ services:
       - .:/app
       - ./nginx/app_tls.conf:/etc/nginx/conf.d/app_tls.conf
       - ./nginx/ssl:/etc/nginx/ssl
+      - ./nginx/logs:/var/log/nginx
     depends_on:
       - web
     restart: on-failure

docker-compose.yaml

@@ -34,6 +34,7 @@ services:
     volumes:
       - .:/app
       - ./nginx/app.conf:/etc/nginx/conf.d/app.conf
+      - ./nginx/logs:/var/log/nginx
     depends_on:
       - web
     restart: on-failure

nginx/app.conf

@@ -4,6 +4,9 @@ upstream web {
 
 server {   
 
+    access_log                /var/log/nginx/access.log;
+    error_log                 /var/log/nginx/error.log;
+
     client_max_body_size 300M;
     uwsgi_connect_timeout 500;
     uwsgi_read_timeout 500;

nginx/app_tls.conf

@@ -3,6 +3,9 @@ upstream app {
 }
 
 server {
+    access_log                /var/log/nginx/access.log;
+    error_log                 /var/log/nginx/error.log;
+
     ssl_certificate /etc/nginx/ssl/nginx.crt;
     ssl_certificate_key /etc/nginx/ssl/nginx.key;