clicknull
diff --git a/‎.dockerignore‎
Lines changed: 4 additions & 0 deletions b/‎.dockerignore‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.flake8‎
Lines changed: 2 additions & 0 deletions b/‎.flake8‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 10 additions & 0 deletions b/‎.gitignore‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎.travis.yml‎
Lines changed: 19 additions & 102 deletions b/‎.travis.yml‎
Lines changed: 19 additions & 102 deletions
diff --git a/‎CONTRIBUTING.md‎
Lines changed: 2 additions & 2 deletions b/‎CONTRIBUTING.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎DOCKER.md‎
Lines changed: 41 additions & 0 deletions b/‎DOCKER.md‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎DefectDojoMaintainers.md‎
Lines changed: 1 addition & 1 deletion b/‎DefectDojoMaintainers.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Dockerfile‎
Lines changed: 0 additions & 53 deletions b/‎Dockerfile‎
Lines changed: 0 additions & 53 deletions
diff --git a/‎Dockerfile.django‎
Lines changed: 62 additions & 0 deletions b/‎Dockerfile.django‎
Lines changed: 62 additions & 0 deletions
diff --git a/‎Dockerfile.nginx‎
Lines changed: 39 additions & 0 deletions b/‎Dockerfile.nginx‎
Lines changed: 39 additions & 0 deletions
@@ -0,0 +1,4 @@
+.git
+.gitignore
+*.md
+.env*
@@ -23,6 +23,8 @@ ignore =
     E402
     E126
     E128
+    # line break after binary operator
+    W504
 
 exclude =
     # No need to traverse our git directory
 
@@ -1,3 +1,10 @@
+# Docker container persistent data
+docker/data/
+docker/static/
+
+# VS Code
+.vscode/
+
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
@@ -70,6 +77,7 @@ dojo/uploads/threat/*
 *.sqlite
 *.db
 celerybeat.pid
+*.env*
 
 weekly.txt
 Monthly.txt
@@ -91,3 +99,5 @@ dojo/media
 .venv/
 venv/
 ENV/
+quick.bash
+*.tgz
@@ -1,105 +1,22 @@
+dist: xenial
+language: minimal
 sudo: required
-language: python
-install: true
-
-env:
-  - TEST=smoke-test
-  - TEST=integration-test
-  - TEST=unit-test
-  - TEST=bandit
-  - TEST=docker-bench-security
-  - TEST=ansible
-  - TEST=flake8-complete
-  - TEST=flake8
-
-matrix:
-  allow_failures:
-    - env: TEST=smoke-test
-    - env: TEST=bandit
-    - env: TEST=sourceclear
-    - env: TEST=flake8-complete
-
 services:
   - docker
-
-before_script:
-  - export -f travis_fold
-  - export REPO=appsecpipeline/django-defectdojo
-  - export TAG=`if [ "$TRAVIS_BRANCH" == "master" ]; then echo "latest"; else echo $TRAVIS_BRANCH ; fi`
-
-script:
-  - |
-    echo "Running test=$TEST"
-    case "$TEST" in
-      smoke-test)
-        travis_fold start "smoke-test"
-        bash entrypoint_scripts/test/travis-smoke-test.sh || exit 1
-        travis_fold end "smoke-test"
-        ;;
-      unit-test)
-        travis_fold start "unit-test"
-        bash entrypoint_scripts/test/travis-unit-test.sh || exit 1
-        travis_fold end "unit-test"
-        ;;
-      integration-test)
-        travis_fold start "integration-test"
-        bash entrypoint_scripts/test/travis-integration-test.sh || exit 1
-        travis_fold end "integration-test"
-        ;;
-      sourceclear)
-        ## Run the SRC:CLR Scan
-        curl -sSL https://download.sourceclear.com/ci.sh | bash
-        ;;
-      bandit)
-        # install bandit
-        pip install bandit
-
-        ## Run Bandit python static code
-        bandit -r * -x venv,tests,ansible
-        ;;
-      docker-bench-security)
-        ## Run Docker Bench for Security
-        git clone https://github.com/docker/docker-bench-security.git
-        cd docker-bench-security
-        sh docker-bench-security.sh
-        ;;
-      ansible)
-        true
-        ;;
-      pep8)
-        pip install flake8
-        flake8 .
-        ;;
-      flake8)
-        echo "$TRAVIS_BRANCH"
-        if [ "$TRAVIS_BRANCH" == "dev" ]
-        then
-            echo "Running Flake8 tests on dev branch aka pull requests"
-            # We need to checkout dev for flake8-diff to work properly
-            git checkout dev
-            pip install pep8 flake8 flake8-diff
-            flake8-diff
-        else
-            echo "true"
-        fi
-    esac
-
-after_success:
-  #Push to docker repo
-  - |
-    if [ "$TRAVIS_TAG" != "" ] && [ "$DOCKER_USER" != "" ] && [  "$DOCKER_PASS" != "" ]; then
-      docker tag $REPO $REPO:$TRAVIS_TAG
-      docker login -u "$DOCKER_USER" -p "$DOCKER_PASS";
-      docker push $REPO ;
-    fi
-
-notifications:
-  slack:
-    rooms:
-      secure: nPXwHnPcf37yGkCkLimx5UmY9LTtOHL0lw88cAQeXCNNjeZuhS2jS5xGUOwwp3SrsYE4tZhD0WuVEHGDcyIhmBZh9Qqk3NHKz+tQDD/e0GE/8uTTfR1Eh+pq1YOIcLYzzKA2khmJSeHqqDriVZZoWpn67oHtrui9FYesapZ8AX0=
-    on_success: never
-    on_failure: never
-    on_start: never
-addons:
-  firefox: "45.0"
-  chrome: stable
+env:
+  global:
+    - K8S_VERSION=v1.13.4
+    - MINIKUBE_VERSION=v0.35.0
+    - HELM_VERSION=v2.13.0
+    - CHANGE_MINIKUBE_NONE_USER=true
+  matrix:
+    - BROKER=rabbitmq DATABASE=mysql
+    - BROKER=rabbitmq DATABASE=postgresql
+    - BROKER=redis DATABASE=mysql
+    - BROKER=redis DATABASE=postgresql
+    - TEST=flake8
+    - TEST=docker
+before_install: ['./travis/before-install.sh']
+before_script: ['./travis/before-script.sh']
+script: ['./travis/script.sh']
+after_success: ['./travis/after-success-script.sh']
@@ -14,9 +14,9 @@ Here are a few things to keep in mind when making changes to DefectDojo.
 
 ## Modifying DefectDojo and Testing
 
-Please use [these test scripts](./tests) to test your changes. These are the exact scripts we run in our [Travis Build](https://travis-ci.org/OWASP/django-DefectDojo)
+Please use [these test scripts](./tests) to test your changes. These are the exact scripts we run in our [Travis Build](https://travis-ci.org/OWASP/django-DefectDojo).
 
-For changes that require additional settings. settings.dist.py is the file you want to change. settings.py is populated by setup.bash from settings.dist.py
+For changes that require additional settings, settings.dist.py is the file you want to change. Settings.py is created by setup.bash from settings.dist.py
 
 ## Submitting Pull Requests
 
 
@@ -0,0 +1,41 @@
+# Run with Docker Compose
+
+Docker compose is not intended for production use.
+If you want to deploy a containerized DefectDojo to a production environment,
+use the [Helm and Kubernetes](KUBERNETES.md) approach.
+
+## Setup via Docker Compose
+
+If you start your DefectDojo instance on Docker Compose for the first time, just
+run `docker-compose up`.
+
+Navigate to <http://localhost:8080> where you can log in with username admin.
+To find out the admin user’s password, check the very beginning of the console
+output of the initializer container, typically name 'django-defectdojo_initializer_1', or run the following:
+
+```zsh
+container_id=(`docker ps -a \
+--filter "name=django-defectdojo_initializer_1" \
+| awk 'FNR == 2 {print $1}'`) && \
+docker logs $container_id 2>&1 | grep "Admin password:"
+```
+
+If you ran DefectDojo with compose before and you want to prevent the
+initializer container from running again, define an environment variable
+DD_INITIALIZE=false to prevent re-initialization.
+
+### Build Images Locally
+
+Build the docker containers locally for testing purposes.
+
+```zsh
+# Build images
+docker build -t defectdojo/defectdojo-django -f Dockerfile.django .
+docker build -t defectdojo/defectdojo-nginx -f Dockerfile.nginx .
+```
+
+### Clean up Docker Compose
+
+```zsh
+docker-compose down --volumes
+```
@@ -1 +1 @@
-Greg Anderson, Aaron Weaver and Matt Tesauro.
+Greg Anderson, Aaron Weaver and Matt Tesauro.
@@ -0,0 +1,62 @@
+# code: language=Dockerfile
+FROM python:2
+WORKDIR /app
+RUN \
+  apt-get -y update && \
+  apt-get -y install \
+    dnsutils \
+    mysql-client \
+    postgresql-client \
+    && \
+  apt-get clean && \
+  rm -rf /var/lib/apt/lists && \
+  true
+COPY requirements.txt ./
+RUN pip install -r ./requirements.txt
+COPY \
+  docker/entrypoint-celery-beat.sh \
+  docker/entrypoint-celery-worker.sh \
+  docker/entrypoint-initializer.sh \
+  docker/entrypoint-uwsgi.sh \
+  docker/entrypoint-unit-tests.sh \
+  docker/wait-for-it.sh \
+  /
+COPY wsgi.py manage.py tests/unit-tests.sh ./
+COPY dojo/ ./dojo/
+# Legacy installs need the modified settings.py, do not remove!
+RUN \
+  cp dojo/settings/settings.dist.py dojo/settings/settings.py
+COPY tests/ ./tests/
+RUN \
+  mkdir dojo/migrations && \
+  chmod g=u dojo/migrations && \
+  chmod g=u /var/run && \
+  true
+USER 1001
+ENV \
+  DD_ADMIN_USER=admin \
+  [email protected] \
+  DD_ADMIN_PASSWORD= \
+  DD_ADMIN_FIRST_NAME=Administrator \
+  DD_ADMIN_LAST_NAME=User \
+  DD_ALLOWED_HOSTS="*" \
+  DD_CELERY_BEAT_SCHEDULE_FILENAME="/run/celery-beat-schedule" \
+  DD_CELERY_BROKER_SCHEME="amqp" \
+  DD_CELERY_BROKER_USER="defectdojo" \
+  DD_CELERY_BROKER_PASSWORD="defectdojo" \
+  DD_CELERY_BROKER_HOST="rabbitmq" \
+  DD_CELERY_BROKER_PORT="5672" \
+  DD_CELERY_BROKER_PATH="//" \
+  DD_CELERY_LOG_LEVEL="INFO" \
+  DD_DATABASE_ENGINE="django.db.backends.mysql" \
+  DD_DATABASE_HOST="mysql" \
+  DD_DATABASE_NAME="defectdojo" \
+  DD_DATABASE_PASSWORD="defectdojo" \
+  DD_DATABASE_PORT="3306" \
+  DD_DATABASE_USER="defectdojo" \
+  DD_SECRET_KEY="hhZCp@D28z!n@NED*yB!ROMt+WzsY*iq" \
+  DD_CREDENTIAL_AES_256_KEY="&91a*agLqesc*0DJ+2*bAbsUZfR*4nLw" \
+  DD_INITIALIZE=true \
+  DD_UWSGI_MODE="socket" \
+  DD_UWSGI_ENDPOINT="0.0.0.0:3031"
+ENTRYPOINT ["/entrypoint-uwsgi.sh"]
@@ -0,0 +1,39 @@
+# code: language=Dockerfile
+FROM defectdojo/defectdojo-django:latest AS build
+
+USER root
+RUN \
+  apt-get -y update && \
+  apt-get -y install apt-transport-https ca-certificates && \
+  curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \
+  echo "deb https://deb.nodesource.com/node_11.x stretch main" | tee /etc/apt/sources.list.d/nodesource.list && \
+  curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
+  echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
+  apt-get -y update && \
+  apt-get -y install nodejs && \
+  apt-get -y install --no-install-recommends yarn && \
+  apt-get clean && \
+  rm -rf /var/lib/apt/lists && \
+  true
+COPY components/ ./components/
+RUN \
+  cd components && \
+  yarn && \
+  cd .. && \
+  python manage.py collectstatic && \
+  true
+
+FROM nginx
+COPY --from=build /app/static/ /usr/share/nginx/html/static/
+COPY wsgi_params nginx/nginx.conf /etc/nginx/
+COPY docker/entrypoint-nginx.sh /
+RUN \
+  chmod -R g=u /var/cache/nginx && \
+  chmod -R g=u /var/run && \
+  true
+ENV \
+  DD_UWSGI_PASS="uwsgi_server" \
+  DD_UWSGI_HOST="uwsgi" \
+  DD_UWSGI_PORT="3031"
+USER 1001
+ENTRYPOINT ["/entrypoint-nginx.sh"]
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +.git
 +.gitignore
 +*.md
 +.env*
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Greg Anderson, Aaron Weaver and Matt Tesauro.`
	`1`	`+Greg Anderson, Aaron Weaver and Matt Tesauro.`