Installation:
git clone https://github.com/DefectDojo/django-DefectDojo
cd django-DefectDojo
# build the images
docker-compose build
# start the stack
docker-compose up
# obtain the generated admin credentials
docker-compose logs initializer | grep "Admin password:"
To change the port:
Edit docker-compose.yml and update the published port value before running docker-compose up.

Then run docker-compose up and navigate to http://localhost:8888
Running Docker with HTTPS (automatically created certificate):
Run the following in the DefectDojo directory:
rm -f docker-compose.override.yml
ln -s docker-compose.override.https.yml docker-compose.override.yml
docker-compose up
Navigate to https://localhost:8443 (if that is the port set in docker-compose.yml).
HTTPS using an already existing certificate:
Edit Dockerfile.nginx and add the COPY line shown under "Add:" after the RUN block containing the mkdir.
After:
RUN \
    apk add --no-cache openssl && \
    chmod -R g=u /var/cache/nginx && \
    mkdir /var/run/defectdojo && \
    chmod -R g=u /var/run/defectdojo && \
    mkdir -p /etc/nginx/ssl && \
    chmod -R g=u /etc/nginx && \
    true
Add:
Note: the syntax is COPY SRC SRC DEST
I had the cert under currentdirectory/nginx; make sure you name the crt and key nginx.crt and nginx.key.
COPY nginx/nginx.crt nginx/nginx.key /etc/nginx/ssl/
Now rebuild with docker-compose build and start with docker-compose up.
Getting Started:
Create Product Type: the main title, e.g. Dublin Office Space
Create Product: the actual product, e.g. JuiceShop
Create Engagement: the activity carried out, e.g. Continuous security scanning
Now use the Python script below (run it from the pipeline once the scans have written their reports):
#!/usr/bin/python3
# import the package
from defectdojo_api import defectdojo_apiv2 as defectdojo
import os
import sys
import pathlib

api_key = os.getenv("DefectDojoToken")
path = str(pathlib.Path().absolute())

# setup DefectDojo connection information
host = "https://localhost:8443/"
user = "admin"

# instantiate the DefectDojo api wrapper
dd = defectdojo.DefectDojoAPIv2(host, api_key, user, debug=True, verify_ssl=False)

# BUILD_TIMESTAMP (set by the CI job) starts with the date; keep only that part.
# Fail early instead of crashing on a missing token or timestamp.
time = os.getenv("BUILD_TIMESTAMP")
if api_key is None or time is None:
    sys.exit("DefectDojoToken and BUILD_TIMESTAMP must be set")
time = time.split(" ", 1)[0]

# (scan type as named in DefectDojo, path to the report produced by the pipeline)
scans = [
    ("Retire.js Scan", "../retire_Scan/target/retire_scan.json"),
    ("Snyk Scan", "../snyk_Scan/snyk.json"),
    ("SonarQube Scan detailed", "../Sonarqube_scan/sonar-report.html"),
    ("ZAP Scan", "../Zap_Scan/reports/JENKINS_ZAP_VULNERABILITY_REPORT.xml"),
]

for scan_type, report in scans:
    # first argument is the engagement id (1 here, the engagement created above)
    a = dd.upload_scan(
        1,
        scan_type,
        report,
        active="True",
        verified="True",
        tags="praveen",
        close_old_findings="True",
        skip_duplicates="True",
        scan_date=time,
    )
    # 201 Created means the report was imported; fail the build otherwise
    if a.response_code != 201:
        sys.exit(1)
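As an added example (not part of the original notes or of the defectdojo_api wrapper), the same upload done with only the standard library against DefectDojo's REST API v2 import-scan endpoint, verifying TLS against the certificate copied into the nginx image instead of passing verify_ssl=False. The engagement id, report paths, tag and CA bundle path are assumptions for this illustration.

```python
import os
import ssl
import uuid
import urllib.request

IMPORT_SCAN = "/api/v2/import-scan/"  # REST API v2 endpoint behind the wrapper's upload_scan


def scan_date_from_build_timestamp(value):
    """Date part of BUILD_TIMESTAMP (split on the first space), or None when unset."""
    return value.split(" ", 1)[0] if value else None


def build_import_scan_fields(engagement_id, scan_type, scan_date, tags):
    """import-scan form fields as (name, value) pairs; tags are sent as repeated fields."""
    fields = [("engagement", str(engagement_id)), ("scan_type", scan_type),
              ("active", "true"), ("verified", "true"), ("close_old_findings", "true")]
    fields += [("tags", t) for t in tags]
    if scan_date:
        fields.append(("scan_date", scan_date))
    return fields


def encode_multipart(fields, filename, content, boundary):
    """Encode the fields plus the report file as a multipart/form-data body."""
    parts = [f'--{boundary}\r\nContent-Disposition: form-data; name="{n}"\r\n\r\n{v}\r\n'.encode()
             for n, v in fields]
    parts.append(f'--{boundary}\r\nContent-Disposition: form-data; name="file"; '
                 f'filename="{filename}"\r\nContent-Type: application/octet-stream\r\n\r\n'.encode())
    parts.append(content + f"\r\n--{boundary}--\r\n".encode())
    return b"".join(parts)


def upload_report(host, api_key, report_path, fields, ca_bundle):
    """POST one report; returns the HTTP status (201 means imported).
    TLS is verified against ca_bundle (assumed: the nginx.crt baked into the image),
    so the wrapper's verify_ssl=False is not needed."""
    boundary = uuid.uuid4().hex
    with open(report_path, "rb") as fh:
        body = encode_multipart(fields, os.path.basename(report_path), fh.read(), boundary)
    req = urllib.request.Request(host.rstrip("/") + IMPORT_SCAN, data=body, method="POST")
    req.add_header("Authorization", f"Token {api_key}")
    req.add_header("Content-Type", f"multipart/form-data; boundary={boundary}")
    ctx = ssl.create_default_context(cafile=ca_bundle)
    with urllib.request.urlopen(req, context=ctx) as resp:
        return resp.status
```

Typical use in the pipeline: build the fields with build_import_scan_fields(1, "ZAP Scan", scan_date_from_build_timestamp(os.getenv("BUILD_TIMESTAMP")), ["praveen"]) and call upload_report("https://localhost:8443", os.getenv("DefectDojoToken"), "../Zap_Scan/reports/JENKINS_ZAP_VULNERABILITY_REPORT.xml", fields, "nginx/nginx.crt"), failing the build when the status is not 201.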