Merge branch 'dev' into probes

DefectDojo · Aug 12, 2024 · 0b71404 · 0b71404
2 parents ad4a293 + b581834
commit 0b71404
Show file tree

Hide file tree

Showing 733 changed files with 29,465 additions and 20,970 deletions.
diff --git a/.flake8 b/.flake8
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -6,7 +6,8 @@
   "dependencyDashboardApproval": false,
   "baseBranches": ["dev"],
   "rebaseWhen": "conflicted",
-  "ignorePaths": ["requirements.txt", "components/package.json", "components/package-lock.json", "dojo/components/yarn.lock", "dojo/components/package.json", "Dockerfile**"],
+  "ignorePaths": ["requirements.txt", "requirements-lint.txt", "components/package.json", "components/package-lock.json", "dojo/components/yarn.lock", "dojo/components/package.json", "Dockerfile**"],
+  "ignoreDeps": [],
   "packageRules": [{
     "packagePatterns": ["*"],
     "commitMessageExtra": "from {{currentVersion}} to {{#if isMajor}}v{{{newMajor}}}{{else}}{{#if isSingleVersion}}v{{{toVersion}}}{{else}}{{{newValue}}}{{/if}}{{/if}}",

diff --git a/.github/workflows/fetch-oas.yml b/.github/workflows/fetch-oas.yml
@@ -33,7 +33,7 @@ jobs:
              docker images
 
       - name: Start Dojo
-        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env up --no-deps -d postgres nginx uwsgi
+        run: docker compose up --no-deps -d postgres nginx uwsgi
         env:
           DJANGO_VERSION: ${{ env.release_version }}-alpine
           NGINX_VERSION: ${{ env.release_version }}-alpine
@@ -44,11 +44,11 @@ jobs:
 
       - name: Logs
         if: always()
-        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env logs --tail="2500"
+        run: docker compose logs --tail="2500"
 
       - name: Shutdown
         if: always()
-        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env down
+        run: docker compose down
 
       - name: Upload oas.${{ matrix.file-type }} as artifact
         uses:  actions/upload-artifact@v3

diff --git a/.github/workflows/flake8.yml b/.github/workflows/flake8.yml
diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml
@@ -36,7 +36,6 @@ jobs:
           "tests/tool_config.py",
           "openapi-validatator",
         ]
-        profile: ["postgres-rabbitmq", "postgres-redis"]
         os: [alpine, debian]
       fail-fast: false
 
@@ -59,39 +58,30 @@ jobs:
       - name: Set integration-test mode
         run: ln -s docker-compose.override.integration_tests.yml docker-compose.override.yml
 
-      # phased startup with PostgreSQL and RabbitMQ so we can use the exit code from integrationtest container
-      - name: Start Dojo PostgreSQL + RabbitMQ
-        if: matrix.profile == 'postgres-rabbitmq'
-        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi rabbitmq
-        env:
-          DJANGO_VERSION: ${{ matrix.os }}
-          NGINX_VERSION: ${{ matrix.os }}
-
-      - name: Start Dojo PostgreSQL + Redis
-        if: matrix.profile == 'postgres-redis'
-        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi redis
+      - name: Start Dojo 
+        run: docker compose up --no-deps -d postgres nginx celerybeat celeryworker mailhog uwsgi redis
         env:
           DJANGO_VERSION: ${{ matrix.os }}
           NGINX_VERSION: ${{ matrix.os }}
 
       - name: Initialize
         timeout-minutes: 10
-        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps --exit-code-from initializer initializer
+        run: docker compose up --no-deps --exit-code-from initializer initializer
         env:
           DJANGO_VERSION: ${{ matrix.os }}
           NGINX_VERSION: ${{ matrix.os }}
 
       - name: Integration tests
         timeout-minutes: 10
-        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env up --no-deps --exit-code-from integration-tests integration-tests
+        run: docker compose up --no-deps --exit-code-from integration-tests integration-tests
         env:
           DD_INTEGRATION_TEST_FILENAME: ${{ matrix.test-case }}
           INTEGRATION_TESTS_VERSION: debian
 
       - name: Logs
         if: always()
-        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env logs --tail="2500"
+        run: docker compose logs --tail="2500"
 
       - name: Shutdown
         if: always()
-        run: docker compose --profile ${{ matrix.profile }} --env-file ./docker/environments/${{ matrix.profile }}.env down
+        run: docker compose down
diff --git a/.github/workflows/k8s-tests.yml b/.github/workflows/k8s-tests.yml
@@ -5,28 +5,14 @@ on:
 
 env:
   DD_HOSTNAME: defectdojo.default.minikube.local
-  HELM_RABBIT_BROKER_SETTINGS: " \
-    --set redis.enabled=false \
-    --set rabbitmq.enabled=true \
-    --set celery.broker=rabbitmq \
-    --set createRabbitMqSecret=true \
-    "
   HELM_REDIS_BROKER_SETTINGS: " \
     --set redis.enabled=true \
-    --set rabbitmq.enabled=false \
     --set celery.broker=redis \
     --set createRedisSecret=true \
     "
-  HELM_MYSQL_DATABASE_SETTINGS: " \
-    --set database=mysql \
-    --set postgresql.enabled=false \
-    --set mysql.enabled=true \
-    --set createMysqlSecret=true \
-    "
   HELM_PG_DATABASE_SETTINGS: " \
     --set database=postgresql \
     --set postgresql.enabled=true \
-    --set mysql.enabled=false \
     --set createPostgresqlSecret=true \
    "
 jobs:
@@ -44,23 +30,6 @@ jobs:
             brokers: redis
             k8s: 'v1.26.11'
             os: debian
-          - databases: mysql
-            brokers: rabbit
-            k8s: 'v1.26.11'
-            os: debian
-          - databases: pgsql
-            brokers: rabbit
-            k8s: 'v1.29.2'
-            os: debian
-          - databases: mysql
-            brokers: redis
-            k8s: 'v1.29.2'
-            os: debian
-          - databases: pgsql
-            brokers: rabbit
-            k8s: 'v1.29.2'
-            os: alpine
-
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -99,9 +68,7 @@ jobs:
         id: set
         run: |-
               echo "pgsql=${{ env.HELM_PG_DATABASE_SETTINGS }}" >> $GITHUB_ENV
-              echo "mysql=${{ env.HELM_MYSQL_DATABASE_SETTINGS }}" >> $GITHUB_ENV
               echo "redis=${{ env.HELM_REDIS_BROKER_SETTINGS }}" >> $GITHUB_ENV
-              echo "rabbit=${{ env.HELM_RABBIT_BROKER_SETTINGS }}" >> $GITHUB_ENV
 
       - name: Deploying Djano application with ${{ matrix.databases }} ${{ matrix.brokers }}
         timeout-minutes: 10 

diff --git a/.github/workflows/refresh_helm_lock_file.yaml b/.github/workflows/refresh_helm_lock_file.yaml
diff --git a/.github/workflows/release-1-create-pr.yml b/.github/workflows/release-1-create-pr.yml
@@ -51,9 +51,9 @@ jobs:
 
       - name: Update version numbers in key files
         run: |
-          sed -ri "s/__version__ = '.*'/__version__ = '${{ github.event.inputs.release_number }}'/" dojo/__init__.py
-          sed -ri "s/\"version\": \".*\"/\"version\": \"${{ github.event.inputs.release_number }}\"/" components/package.json
-          sed -ri "s/appVersion: \".*\"/appVersion: \"${{ github.event.inputs.release_number }}\"/" helm/defectdojo/Chart.yaml
+          sed -ri 's/__version__ = ".*"/__version__ = "${{ github.event.inputs.release_number }}"/' dojo/__init__.py
+          sed -ri 's/"version": ".*"/"version": "${{ github.event.inputs.release_number }}"/' components/package.json
+          sed -ri 's/appVersion: ".*"/appVersion: "${{ github.event.inputs.release_number }}"/' helm/defectdojo/Chart.yaml
 
           if grep "\-dev" helm/defectdojo/Chart.yaml; then
               echo "x.y.z-dev found in Chart.yaml, probably releasing a new minor version"

diff --git a/.github/workflows/release-3-master-into-dev.yml b/.github/workflows/release-3-master-into-dev.yml
@@ -44,9 +44,9 @@ jobs:
 
       - name: Update version numbers in key files
         run: |
-          sed -ri "s/__version__ = '.*'/__version__ = '${{ github.event.inputs.release_number_dev }}'/" dojo/__init__.py
-          sed -ri "s/appVersion: \".*\"/appVersion: \"${{ github.event.inputs.release_number_dev }}\"/" helm/defectdojo/Chart.yaml
-          sed -ri "s/\"version\": \".*\"/\"version\": \"${{ github.event.inputs.release_number_dev }}\"/" components/package.json
+          sed -ri 's/__version__ = ".*"/__version__ = "${{ github.event.inputs.release_number_dev }}"/' dojo/__init__.py
+          sed -ri 's/"version": ".*"/"version": "${{ github.event.inputs.release_number_dev }}"/' components/package.json
+          sed -ri 's/appVersion: ".*"/appVersion: "${{ github.event.inputs.release_number_dev }}"/' helm/defectdojo/Chart.yaml
           CURRENT_CHART_VERSION=$(grep -oP 'version: (\K\S*)?' helm/defectdojo/Chart.yaml | head -1)
           sed -ri "0,/version/s/version: \S+/$(echo "version: $CURRENT_CHART_VERSION" | awk -F. -v OFS=. 'NF==1{print ++$NF}; NF>1{$NF=sprintf("%0*d", length($NF), ($NF+1)); print}')-dev/" helm/defectdojo/Chart.yaml
       

diff --git a/.github/workflows/rest-framework-tests.yml b/.github/workflows/rest-framework-tests.yml
@@ -35,19 +35,19 @@ jobs:
 
       # phased startup so we can use the exit code from unit test container
       - name: Start Postgres
-        run: docker compose --env-file ./docker/environments/postgres-redis.env up -d postgres
+        run: docker compose up -d postgres
 
       # no celery or initializer needed for unit tests
       - name: Unit tests
         timeout-minutes: 10
-        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env up --no-deps --exit-code-from uwsgi uwsgi
+        run: docker compose up --no-deps --exit-code-from uwsgi uwsgi
         env:
           DJANGO_VERSION: ${{ matrix.os }}
 
       - name: Logs
         if: failure()
-        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env logs --tail="2500" uwsgi
+        run: docker compose logs --tail="2500" uwsgi
 
       - name: Shutdown
         if: always()
-        run: docker compose --profile postgres-redis --env-file ./docker/environments/postgres-redis.env down
+        run: docker compose down
diff --git a/.github/workflows/ruff.yml b/.github/workflows/ruff.yml
@@ -2,31 +2,13 @@ name: Ruff Linter
 
 on:
   workflow_dispatch:
-  pull_request_target:
   push:
-
+  pull_request:
 jobs:
   ruff-linting:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target'
-        uses: actions/checkout@v4
-        # by default the pull_requst_target event checks out the base branch, i.e. dev
-        # so we need to explicitly checkout the head of the PR
-        # we use fetch-depth 0 to make sure the full history is checked out and we can compare against
-        # the base commit (branch) of the PR
-        # more info https://github.community/t/github-actions-are-severely-limited-on-prs/18179/16
-        # we checkout merge_commit here as this contains all new code from dev also. we don't need to compare against base_commit
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-          ref: refs/pull/${{ github.event.pull_request.number }}/merge
-          # repository: ${{github.event.pull_request.head.repo.full_name}}
-
-      - name: Checkout
-        # for non PR runs we just checkout the default, which is a sha on a branch probably
-        if: github.event_name != 'pull_request' && github.event_name != 'pull_request_target'
         uses: actions/checkout@v4
 
       - name: Install Ruff Linter