Feature: Add Auditlog Retention and Cleanup #9208
Conversation
I offered a couple of improvements. But I like it in general. Quite useful.
dojo/settings/settings.dist.py
Outdated
@@ -223,7 +223,8 @@ | |||
DD_EDITABLE_MITIGATED_DATA=(bool, False), | |||
# new feature that tracks history across multiple reimports for the same test | |||
DD_TRACK_IMPORT_HISTORY=(bool, True), | |||
|
|||
# Delete Auditlogs older than x month; -1 to keep all logs | |||
DD_AUDITLOG_FLUSH_RETENTION_PERIOD=(int, 12), |
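Review bot: the default of 12 in `DD_AUDITLOG_FLUSH_RETENTION_PERIOD` silently turns on deletion of audit-log entries older than a year for every existing installation that upgrades, even though the comment on the line above documents -1 as the keep-all value. Suggest shipping `DD_AUDITLOG_FLUSH_RETENTION_PERIOD=(int, -1),` so retention is opt-in, and tightening the comment to `# Delete Auditlogs older than x months; -1 to keep all logs`, stating whether only -1 or any negative value disables the flush.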
Good question, what should be the default value here?
In my opinion, this should be set to a value that will mimic the current behavior. So a value of -1 should be the default to not affect any existing installations or expectations from system owners.
I like the idea of using -1 as the default so there's no change in current behavior - aka people have to opt-in to this change in functionality.
Alright, I get your points. So I will switch it to -1 to keep the current behavior, and users should actively change the value to enable the feature.
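As an added illustration of the opt-in semantics agreed on above (example code written for this page, not DefectDojo's own dojo/tasks.py implementation), the block below computes the retention cutoff and selects the entries a flush would delete. It assumes the setting is a count of calendar months, that any negative value (the documented -1) disables the flush, and that the real task deletes django-auditlog `LogEntry` rows by their timestamp; a constructed list of `(entry_id, timestamp)` tuples stands in for that queryset so the example runs offline.

```python
"""Audit-log retention cutoff with opt-in semantics.

Added example, not DefectDojo's own dojo/tasks.py code. Assumptions:
- DD_AUDITLOG_FLUSH_RETENTION_PERIOD is an integer count of calendar months,
  and a negative value (-1 is the documented one) disables the flush;
- the real task deletes django-auditlog LogEntry rows by their timestamp;
  here a constructed list of (entry_id, timestamp) tuples stands in for that
  queryset so the example runs offline.
"""
import calendar
from datetime import datetime, timezone


def retention_cutoff(retention_months, now):
    """Return the instant before which audit entries may be deleted,
    or None when retention is disabled (any negative value)."""
    if retention_months < 0:
        return None
    # Subtract whole calendar months rather than a fixed number of days, and
    # clamp the day to the target month's length (31 March minus one month is
    # 29 February in 2024), so the cutoff never overflows into the next month.
    month_index = now.year * 12 + (now.month - 1) - retention_months
    year, month0 = divmod(month_index, 12)
    month = month0 + 1
    day = min(now.day, calendar.monthrange(year, month)[1])
    return now.replace(year=year, month=month, day=day)


def select_for_flush(entries, retention_months, now):
    """Ids of entries strictly older than the cutoff; empty when disabled."""
    cutoff = retention_cutoff(retention_months, now)
    if cutoff is None:
        return []
    return [entry_id for entry_id, timestamp in entries if timestamp < cutoff]


# Constructed sample data: "now" is fixed so the run is reproducible.
NOW = datetime(2024, 3, 31, 12, 0, tzinfo=timezone.utc)
ENTRIES = [
    (1, datetime(2023, 1, 15, 9, 0, tzinfo=timezone.utc)),
    (2, datetime(2023, 3, 31, 12, 0, tzinfo=timezone.utc)),   # exactly 12 months old
    (3, datetime(2024, 2, 29, 11, 59, tzinfo=timezone.utc)),  # just over 1 month old
    (4, datetime(2024, 3, 30, 8, 0, tzinfo=timezone.utc)),
]

if __name__ == "__main__":
    for months in (-1, 12, 1, 0):
        print(f"retention={months:>3}: flush ids {select_for_flush(ENTRIES, months, NOW)}")
```

In the project the cutoff would feed a queryset (deleting `LogEntry` rows with `timestamp__lt=cutoff`, field name assumed), and the negative-value check has to run before any date arithmetic so a disabled setting never deletes anything. Note that 0 is not "disabled": it makes every existing entry eligible, which is why the example treats only negative values as off.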
Co-authored-by: kiblik <kiblik@gjh.sk>
Apologies, I did not notice the failing tests
removed spaces
Hi, so the tests run successfully, except the check for sensitive files. But I think this check is supposed to fail, since I edited the tasks.py file, right? BR,
@MarianG Correct about the sensitive files check - we're experimenting with that and using it to signal approvers that 'important' files for the v3 work are being changed. Please see the comments Jay added recently and confirm that change has been made.
…cling and mimic the default behavior. Then no change will happen until a user actively sets/ changes this parameter
Approved
* Bump boto3 from 1.34.6 to 1.34.8 (DefectDojo#9229) Bumps [boto3](https://github.com/boto/boto3) from 1.34.6 to 1.34.8. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.6...1.34.8) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump boto3 from 1.34.8 to 1.34.9 (DefectDojo#9237) Bumps [boto3](https://github.com/boto/boto3) from 1.34.8 to 1.34.9. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.8...1.34.9) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump coverage from 7.3.4 to 7.4.0 (DefectDojo#9239) Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.3.4 to 7.4.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@7.3.4...7.4.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump djangosaml2 from 1.8.0 to 1.9.0 (DefectDojo#9238) Bumps [djangosaml2](https://github.com/IdentityPython/djangosaml2) from 1.8.0 to 1.9.0. 
- [Release notes](https://github.com/IdentityPython/djangosaml2/releases) - [Changelog](https://github.com/IdentityPython/djangosaml2/blob/master/CHANGES) - [Commits](IdentityPython/djangosaml2@v1.8.0...v1.9.0) --- updated-dependencies: - dependency-name: djangosaml2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump python-gitlab from 4.2.0 to 4.3.0 (DefectDojo#9236) Bumps [python-gitlab](https://github.com/python-gitlab/python-gitlab) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/python-gitlab/python-gitlab/releases) - [Changelog](https://github.com/python-gitlab/python-gitlab/blob/main/CHANGELOG.md) - [Commits](python-gitlab/python-gitlab@v4.2.0...v4.3.0) --- updated-dependencies: - dependency-name: python-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update rabbitmq Docker tag from 3.12.10 to v3.12.11 (docker-compose.yml) (DefectDojo#9233) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Bump openapitools/openapi-generator-cli from v7.1.0 to v7.2.0 (DefectDojo#9218) Bumps openapitools/openapi-generator-cli from v7.1.0 to v7.2.0. --- updated-dependencies: - dependency-name: openapitools/openapi-generator-cli dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump nginx from `3923f8d` to `a59278f` (DefectDojo#9217) Bumps nginx from `3923f8d` to `a59278f`. --- updated-dependencies: - dependency-name: nginx dependency-type: direct:production update-type: version-update:semver-patch ... 
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 🐛 fix issue DefectDojo#9221 (DefectDojo#9222) * Trivy: Add k8 cluster resource objects (DefectDojo#9215) * 🐛 fix issue DefectDojo#9170 * typo * update according to review comment * Pinning of django versions into a helm release (DefectDojo#9160) * Pin docker version * fix indent * Fix name for helm release action * 🎉 remove unnecessary unique_id_from_tool in settings.dist.py (DefectDojo#9188) * 🎉 unittest to help remove unnecessary lines in settings.dist.py * 🐛 fix according to unittest * update according to review comment * fix typos in importing documentation (DefectDojo#9093) * fix typos in importing documentation * update according to review comment * 🐛 fix error 500 for ssh-audit (DefectDojo#9228) * 🎉 implement ms defender parser DefectDojo#8908 (DefectDojo#9232) * 🎉 implement ms defender parser DefectDojo#8908 * flake8 * fix * fix * Drop DEV branch from release-drafter (DefectDojo#9230) There are no releases on the `dev` branch * Improve Request Review Notifications (DefectDojo#9227) * Parser - Black Duck Binary Analysis (DefectDojo#9163) * Initial implementation of Black Duck Binary Analysis Parser * Initial implementation of Black Duck Binary Analysis Parser * Initial implementation of Black Duck Binary Analysis Parser #flake8 * Initial implementation of Black Duck Binary Analysis Parser #dedupe_algo * Initial implementation of Black Duck Binary Analysis Parser #dedupe_algo_bugfix * Initial implementation of Black Duck Binary Analysis Parser #extend_unittests_and_integrate_sha1_into_title * Initial implementation of Black Duck Binary Analysis Parser #extend_unittests_include_report_path * Initial implementation of Black Duck Binary Analysis Parser - update title since CVE can sometimes be blank (i.e. 
replacing CVE w/ Object SHA1) * Initial implementation of Black Duck Binary Analysis Parser - settings.dist.py #tweak * Initial implementation of Black Duck Binary Analysis Parser - parser.py, #bugfix in mismatched title * Initial implementation of Black Duck Binary Analysis Parser - Make Dedupe more resilient as it's also possible to have the same components in different object paths despite being the same object * Initial implementation of Black Duck Binary Analysis Parser - parser.py, #bugfix in mismatched description * Initial implementation of Black Duck Binary Analysis Parser - parser.py, slight tweak in description * Initial implementation of Black Duck Binary Analysis Parser - Make Dedupe more resilient as it's also possible for the same components in the same object full path to have different CVEs. There's also circumstances in which a component may not have a CVE. * Initial implementation of Black Duck Binary Analysis Parser - Slight tweak in Dedupe verification. Rely upon Object SHA1 in unique_id_from_tool field instead of including the object SHA1 in the title (i.e. reduce characters in title and make more readable). * Initial implementation of Black Duck Binary Analysis Parser - more resilient cvss score calculation * Initial implementation of Black Duck Binary Analysis Parser - more resilient cvss score calculation #bugfix * Initial implementation of Black Duck Binary Analysis Parser - more resilient cvss score calculation #flake8 * Initial implementation of Black Duck Binary Analysis Parser - if CVSS3 is available, update finding.cvssv3 && cvssv3_score. Otherwise, populate severity justification w/ CVSS2 vector and score * Initial implementation of Black Duck Binary Analysis Parser - if CVSS3 is available, update finding.cvssv3 && cvssv3_score. Otherwise, populate severity justification w/ CVSS2 vector and score #bugfix * Initial implementation of Black Duck Binary Analysis Parser - if CVSS3 is available, update finding.cvssv3 && cvssv3_score. 
Otherwise, populate severity justification w/ CVSS2 vector and score #bugfix2 * Initial implementation of Black Duck Binary Analysis Parser - prefer CVSSv3 over CVSSv2. If CVSSv2 is the only one available, use it else if nothing else set to Info * Initial implementation of Black Duck Binary Analysis Parser - prefer CVSSv3 over CVSSv2. If CVSSv2 is the only one available, use it else if nothing else set to Info #bugfix * Initial implementation of Black Duck Binary Analysis Parser - prefer CVSSv3 over CVSSv2. If CVSSv2 is the only one available, use it else if nothing else set to Info #simplify * Initial implementation of Black Duck Binary Analysis Parser - prefer CVSSv3 over CVSSv2. If CVSSv2 is the only one available, use it else if nothing else set to Info #bugfixes * Initial implementation of Black Duck Binary Analysis Parser - prefer CVSSv3 over CVSSv2. If CVSSv2 is the only one available, use it else if nothing else set to Info #more_bugfixes * Initial implementation of Black Duck Binary Analysis Parser - CVSSv2 vector massaging * Initial implementation of Black Duck Binary Analysis Parser - #bugfixes in unit tests. * Initial implementation of Black Duck Binary Analysis Parser - #bugfixes in unit tests...include get_unit_tests_path during import. * Initial implementation of Black Duck Binary Analysis Parser - #more_bugfixes in unit test * Initial implementation of Black Duck Binary Analysis Parser - Preserve original report name to include in description * Initial implementation of Black Duck Binary Analysis Parser - Preserve original report name to include in description #bugfix * Initial implementation of Black Duck Binary Analysis Parser - Enrich documentation * Initial implementation of Black Duck Binary Analysis Parser - 1. update unit test to check for expected fields.\n2. Update how dedupe is derived.\nImplement suggested changes per @Maffooch feedback. * Initial implementation of Black Duck Binary Analysis Parser - 1. 
unit test #tweak * Initial implementation of Black Duck Binary Analysis Parser - 1. unit test #tweak * Trivy: Improve package path parsing behavior (DefectDojo#9235) * 🐛 fix issue DefectDojo#9234 * retrigger failed pipeline with additional unittest * 🐛 fix typo for MSDefender in settings.dist.py (DefectDojo#9249) * Update versions in application files * Bump boto3 from 1.34.9 to 1.34.11 (DefectDojo#9254) Bumps [boto3](https://github.com/boto/boto3) from 1.34.9 to 1.34.11. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.9...1.34.11) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update release-x-manual-helm-chart.yml * Update release-x-manual-helm-chart.yml * Update versions in application files * Bump lxml from 4.9.4 to 5.0.0 (DefectDojo#9251) Bumps [lxml](https://github.com/lxml/lxml) from 4.9.4 to 5.0.0. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-4.9.4...lxml-5.0.0) --- updated-dependencies: - dependency-name: lxml dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update rabbitmq:3.12.11-alpine Docker digest from 3.12.11 to 3.12.11-alpine (docker-compose.yml) (DefectDojo#9240) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Bump sqlalchemy from 2.0.23 to 2.0.24 (DefectDojo#9244) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.23 to 2.0.24. 
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump drf-spectacular-sidecar from 2023.12.1 to 2024.1.1 (DefectDojo#9252) Bumps [drf-spectacular-sidecar](https://github.com/tfranzel/drf-spectacular-sidecar) from 2023.12.1 to 2024.1.1. - [Commits](tfranzel/drf-spectacular-sidecar@2023.12.1...2024.1.1) --- updated-dependencies: - dependency-name: drf-spectacular-sidecar dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update manusa/actions-setup-minikube action from v2.9.0 to v2.10.0 (.github/workflows/k8s-tests.yml) (DefectDojo#9257) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * Bump sqlalchemy from 2.0.24 to 2.0.25 (DefectDojo#9266) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.24 to 2.0.25. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pillow from 10.1.0 to 10.2.0 (DefectDojo#9265) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. 
- [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * 🐛 fix zap, issue DefectDojo#9242 (DefectDojo#9243) * 🐛 fix zap, issue DefectDojo#9242 * adapt identiation * API: Add Announcements (DefectDojo#9112) * Add Announcement to API * Add test_rest_framework * Add test_swagger_schema * Flake8 * Fix count * Skip test * Inc db_mig * Use DojoModelViewSet * inc db_mig * 🐛 None Type in cvss score in Trivy #9263e (DefectDojo#9268) * Feature: Add Auditlog Retention and Cleanup (DefectDojo#9208) * feat: add auditlog retention * linting: satisfy flake8 * fix: forgot imports in tasks.py * fix: add necessary test-data * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update dojo/tasks.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update test_flush_auditlog.py removed spaces * fix: change default value for the retetion period to disable log recycling and mimic the default behavior. 
Then no change will happen until a user actively sets/ changes this parameter --------- Co-authored-by: MarianG <marian.gawron@deutschebahn.com> Co-authored-by: kiblik <kiblik@gjh.sk> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Co-authored-by: Sever <dubravko.sever@pan-net.eu> Co-authored-by: kiblik <tomas@kubla.sk> Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com> Co-authored-by: ninp0 <jake.hoopes@gmail.com> Co-authored-by: DefectDojo release bot <dojo-release-bot@users.noreply.github.com> Co-authored-by: MarianG <marian.gawron@gmail.com> Co-authored-by: MarianG <marian.gawron@deutschebahn.com> Co-authored-by: kiblik <kiblik@gjh.sk>
* add bitbucket support for Finging view scm urls, some tests for it and appropriate doc update :bug: fix typo for MSDefender in settings.dist.py (#9249) Bump boto3 from 1.34.9 to 1.34.11 (#9254) Bumps [boto3](https://github.com/boto/boto3) from 1.34.9 to 1.34.11. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.9...1.34.11) --- updated-dependencies: - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Update versions in application files Update release-x-manual-helm-chart.yml Update release-x-manual-helm-chart.yml Update versions in application files Bump lxml from 4.9.4 to 5.0.0 (#9251) Bumps [lxml](https://github.com/lxml/lxml) from 4.9.4 to 5.0.0. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-4.9.4...lxml-5.0.0) --- updated-dependencies: - dependency-name: lxml dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Update rabbitmq:3.12.11-alpine Docker digest from 3.12.11 to 3.12.11-alpine (docker-compose.yml) (#9240) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Bump sqlalchemy from 2.0.23 to 2.0.24 (#9244) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.23 to 2.0.24. 
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump drf-spectacular-sidecar from 2023.12.1 to 2024.1.1 (#9252) Bumps [drf-spectacular-sidecar](https://github.com/tfranzel/drf-spectacular-sidecar) from 2023.12.1 to 2024.1.1. - [Commits](tfranzel/drf-spectacular-sidecar@2023.12.1...2024.1.1) --- updated-dependencies: - dependency-name: drf-spectacular-sidecar dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Update manusa/actions-setup-minikube action from v2.9.0 to v2.10.0 (.github/workflows/k8s-tests.yml) (#9257) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> fix pep8 fix imports Bump sqlalchemy from 2.0.24 to 2.0.25 (#9266) Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.24 to 2.0.25. - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) --- updated-dependencies: - dependency-name: sqlalchemy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump pillow from 10.1.0 to 10.2.0 (#9265) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. 
- [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> :bug: fix zap, issue #9242 (#9243) * 🐛 fix zap, issue #9242 * adapt identiation API: Add Announcements (#9112) * Add Announcement to API * Add test_rest_framework * Add test_swagger_schema * Flake8 * Fix count * Skip test * Inc db_mig * Use DojoModelViewSet * inc db_mig :bug: None Type in cvss score in Trivy #9263e (#9268) Feature: Add Auditlog Retention and Cleanup (#9208) * feat: add auditlog retention * linting: satisfy flake8 * fix: forgot imports in tasks.py * fix: add necessary test-data * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update dojo/tasks.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update unittests/test_flush_auditlog.py Co-authored-by: kiblik <kiblik@gjh.sk> * Update test_flush_auditlog.py removed spaces * fix: change default value for the retetion period to disable log recycling and mimic the default behavior. 
Then no change will happen until a user actively sets/ changes this parameter --------- Co-authored-by: MarianG <marian.gawron@deutschebahn.com> Co-authored-by: kiblik <kiblik@gjh.sk> fix doc * Update docs/content/en/integrations/source-code-repositories.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> * Update docs/content/en/integrations/source-code-repositories.md Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> * Update dojo/models.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> * Update dojo/models.py Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com> --------- Co-authored-by: DVSutyagin <dvsutyagin@greenatom.ru> Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* add bitbucket support for Finding view scm urls, some tests for it and appropriate doc update

:bug: fix typo for MSDefender in settings.dist.py (DefectDojo#9249)

Bump boto3 from 1.34.9 to 1.34.11 (DefectDojo#9254)
Bumps [boto3](https://github.com/boto/boto3) from 1.34.9 to 1.34.11.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.34.9...1.34.11)
---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Update versions in application files

Update release-x-manual-helm-chart.yml

Update release-x-manual-helm-chart.yml

Update versions in application files

Bump lxml from 4.9.4 to 5.0.0 (DefectDojo#9251)
Bumps [lxml](https://github.com/lxml/lxml) from 4.9.4 to 5.0.0.
- [Release notes](https://github.com/lxml/lxml/releases)
- [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt)
- [Commits](lxml/lxml@lxml-4.9.4...lxml-5.0.0)
---
updated-dependencies:
- dependency-name: lxml
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Update rabbitmq:3.12.11-alpine Docker digest from 3.12.11 to 3.12.11-alpine (docker-compose.yml) (DefectDojo#9240)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Bump sqlalchemy from 2.0.23 to 2.0.24 (DefectDojo#9244)
Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.23 to 2.0.24.
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)
---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bump drf-spectacular-sidecar from 2023.12.1 to 2024.1.1 (DefectDojo#9252)
Bumps [drf-spectacular-sidecar](https://github.com/tfranzel/drf-spectacular-sidecar) from 2023.12.1 to 2024.1.1.
- [Commits](tfranzel/drf-spectacular-sidecar@2023.12.1...2024.1.1)
---
updated-dependencies:
- dependency-name: drf-spectacular-sidecar
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Update manusa/actions-setup-minikube action from v2.9.0 to v2.10.0 (.github/workflows/k8s-tests.yml) (DefectDojo#9257)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

fix pep8

fix imports

Bump sqlalchemy from 2.0.24 to 2.0.25 (DefectDojo#9266)
Bumps [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) from 2.0.24 to 2.0.25.
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)
---
updated-dependencies:
- dependency-name: sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bump pillow from 10.1.0 to 10.2.0 (DefectDojo#9265)
Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@10.1.0...10.2.0)
---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

:bug: fix zap, issue DefectDojo#9242 (DefectDojo#9243)
* 🐛 fix zap, issue DefectDojo#9242
* adapt indentation

API: Add Announcements (DefectDojo#9112)
* Add Announcement to API
* Add test_rest_framework
* Add test_swagger_schema
* Flake8
* Fix count
* Skip test
* Inc db_mig
* Use DojoModelViewSet
* inc db_mig

:bug: None Type in cvss score in Trivy #9263e (DefectDojo#9268)

Feature: Add Auditlog Retention and Cleanup (DefectDojo#9208)
* feat: add auditlog retention
* linting: satisfy flake8
* fix: forgot imports in tasks.py
* fix: add necessary test-data
* Update unittests/test_flush_auditlog.py
Co-authored-by: kiblik <kiblik@gjh.sk>
* Update unittests/test_flush_auditlog.py
Co-authored-by: kiblik <kiblik@gjh.sk>
* Update unittests/test_flush_auditlog.py
Co-authored-by: kiblik <kiblik@gjh.sk>
* Update dojo/tasks.py
Co-authored-by: kiblik <kiblik@gjh.sk>
* Update unittests/test_flush_auditlog.py
Co-authored-by: kiblik <kiblik@gjh.sk>
* Update test_flush_auditlog.py
removed spaces
* fix: change default value for the retention period to disable log recycling and mimic the default behavior. Then no change will happen until a user actively sets/changes this parameter
---------
Co-authored-by: MarianG <marian.gawron@deutschebahn.com>
Co-authored-by: kiblik <kiblik@gjh.sk>

fix doc
* Update docs/content/en/integrations/source-code-repositories.md
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update docs/content/en/integrations/source-code-repositories.md
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/models.py
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
* Update dojo/models.py
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
---------
Co-authored-by: DVSutyagin <dvsutyagin@greenatom.ru>
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Description
This PR creates the possibility to recycle the auditlogs that are generated by DefectDojo.
You can simply specify a retention period in the settings file with DD_AUDITLOG_FLUSH_RETENTION_PERIOD. If you set the value to "-1", the flushing is disabled.
One point to highlight is that I explicitly used the raw_delete method, since we had a lot of trouble with the performance of the default delete. I also think that it is feasible here, since we do not have external references to the log entries.
Test results
There are 3 more tests added in the unit tests that should cover the most important points of the new feature (check if disabling works, check if logs are flushed, check if only the logs are flushed that fall into the specified period).
On behalf of DB Systel GmbH
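The retention policy this PR describes, modelled in plain Python as an added example (this is not DefectDojo's code and not the PR's task implementation): DD_AUDITLOG_FLUSH_RETENTION_PERIOD is a number of months, -1 disables flushing, and everything older than the cutoff is removed. The LogEntry stand-in, the sample entries, the fixed "now" and the calendar-month arithmetic are constructed assumptions so the block runs without Django; the three cases it exercises mirror the three unit tests the description lists (disabled, flushed, only-the-old-ones flushed).

```python
"""Audit-log retention policy, modelled in plain Python (added example, not DefectDojo code)."""
import calendar
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional, Tuple

# Sentinel documented in the PR: -1 keeps all logs.
RETENTION_DISABLED = -1


@dataclass(frozen=True)
class LogEntry:
    """Stand-in for django-auditlog's LogEntry (assumption); only the fields used here."""
    pk: int
    timestamp: datetime  # timezone-aware
    action: str


def months_ago(now: datetime, months: int) -> datetime:
    """Shift `now` back by whole calendar months (assumed semantics).

    The day is clamped to the last day of the target month, so 31 March minus
    one month is 29 February in a leap year instead of raising.
    """
    if months < 0:
        raise ValueError("months must be >= 0")
    year, month = now.year, now.month - months
    while month <= 0:
        month += 12
        year -= 1
    last_day = calendar.monthrange(year, month)[1]
    return now.replace(year=year, month=month, day=min(now.day, last_day))


def retention_cutoff(retention_months: int, now: Optional[datetime] = None) -> Optional[datetime]:
    """Return the timestamp before which entries expire, or None when flushing is disabled."""
    if retention_months == RETENTION_DISABLED:
        return None
    if retention_months < 0:
        raise ValueError("retention period must be -1 (disabled) or >= 0 months")
    now = now or datetime.now(timezone.utc)
    return months_ago(now, retention_months)


def flush_auditlog(entries: List[LogEntry], retention_months: int,
                   now: Optional[datetime] = None) -> Tuple[List[LogEntry], List[int]]:
    """Apply the policy and return (entries kept, primary keys removed).

    The removed set is what a Django filter on timestamp < cutoff would select;
    the PR deletes that set in one raw statement instead of row by row.
    """
    cutoff = retention_cutoff(retention_months, now)
    if cutoff is None:
        return list(entries), []
    kept = [e for e in entries if e.timestamp >= cutoff]
    removed = [e.pk for e in entries if e.timestamp < cutoff]
    return kept, removed


# Constructed sample data with a fixed "now" so results are reproducible.
NOW = datetime(2024, 1, 15, 12, 0, tzinfo=timezone.utc)
SAMPLE_ENTRIES = [
    LogEntry(1, datetime(2022, 12, 31, 23, 59, tzinfo=timezone.utc), "update"),
    LogEntry(2, datetime(2023, 1, 14, 9, 0, tzinfo=timezone.utc), "create"),
    LogEntry(3, datetime(2023, 1, 15, 12, 0, tzinfo=timezone.utc), "delete"),  # exactly on the 12-month cutoff
    LogEntry(4, datetime(2024, 1, 10, 8, 30, tzinfo=timezone.utc), "update"),
]

if __name__ == "__main__":
    for months in (RETENTION_DISABLED, 12, 0):
        kept, removed = flush_auditlog(SAMPLE_ENTRIES, months, NOW)
        print(f"retention={months:>3}: kept={[e.pk for e in kept]} removed={removed}")
```

Two details worth checking against the real task when reviewing it: the boundary is strict (an entry stamped exactly at the cutoff survives, which is the usual `timestamp__lt` semantics), and a raw delete in Django bypasses the ORM's delete signals and cascade collection. That is what makes it fast, but it also means the flush itself leaves no audit trail and any rows that did reference a LogEntry would be orphaned, so the author's note that nothing references the entries is the precondition that makes the shortcut safe.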