bojemoi/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

post: commit 4fa26f4 in bojemoi
Some checks failed
Hugo Build & Deploy / build-deploy (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Betty
2026-04-15 23:00:02 +02:00
committed by Betty
parent cb7b97b11d
commit 5c4f867167
1 changed files with 97 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
content/posts/commits/2026-04-15-commit-4fa26f4.md Normal file
View File

@@ -0,0 +1,97 @@
---
title: "[bojemoi] feat(vuln-mgmt): migrate Faraday CE → DefectDojo"
date: 2026-04-15T23:00:02+02:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 4fa26f4 par Betty dans bojemoi"
author: "Betty"
---
## Commit `4fa26f4`
| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `4fa26f4a4ccf477472a6642963dcd9578daf9b83` |
### Description
Replace Faraday CE with DefectDojo across the full stack:
- stack/70-service-defectdojo.yml: new stack (nginx+uwsgi+celery+initializer+triage)
- mcp-server/tools/defectdojo.py: DefectDojo API v2 client (list_products, get_findings, add_finding)
- medved/honeypot/defectdojo_reporter.py: token-based reporter, idempotent DB column migration
- faraday-triage/triage.py: rewrite to use REST API instead of direct PostgreSQL access
- borodino, nuclei-api, zap-scanner: FARADAY_* → DEFECTDOJO_* env vars + dojo_api_token secret
- nginx: faraday.conf → defectdojo.conf, upstream faraday → defectdojo
- prometheus: FaradayDown → DefectDojoDown, faraday_vulnerabilities → triage_findings_pending
Fixes: NYM_PROXY :+ interpolation, postgres role password sync, uwsgi DNS alias,
node.labels.defectdojo=true on meta-68, old honeypot stack removal.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
### Files Changed
```
A faraday-triage/Dockerfile
A faraday-triage/requirements.txt
A faraday-triage/triage.py
M mcp-server/server.py
A mcp-server/tools/defectdojo.py
D mcp-server/tools/faraday.py
M medved/honeypot/config.py
M medved/honeypot/db.py
A medved/honeypot/defectdojo_reporter.py
D medved/honeypot/faraday_reporter.py
M medved/honeypot/main.py
M medved/honeypot/metrics.py
M oblast-1/zap_scanner.py
M samsonov/nuclei_api/main.py
D samsonov/pentest_orchestrator/plugins/plugin_faraday.py
M stack/40-service-borodino.yml
M stack/49-service-mcp.yml
M stack/65-service-medved.yml
A stack/70-service-defectdojo.yml
M volumes/nginx/conf.d/default.conf
A volumes/nginx/conf.d/sites/defectdojo.conf
D volumes/nginx/conf.d/sites/faraday.conf
M volumes/nginx/conf.d/upstreams/upstreams.conf
M volumes/prometheus/rules/alert_rules.yml
M volumes/prometheus/rules/alerts.yml
```
### Diff Summary
```
faraday-triage/Dockerfile | 10 +
faraday-triage/requirements.txt | 3 +
faraday-triage/triage.py | 354 ++++++++++++++
mcp-server/server.py | 49 +-
mcp-server/tools/defectdojo.py | 190 ++++++++
mcp-server/tools/faraday.py | 126 -----
medved/honeypot/config.py | 16 +-
medved/honeypot/db.py | 29 +-
medved/honeypot/defectdojo_reporter.py | 234 +++++++++
medved/honeypot/faraday_reporter.py | 200 --------
medved/honeypot/main.py | 6 +-
medved/honeypot/metrics.py | 6 +-
oblast-1/zap_scanner.py | 212 ++++++---
samsonov/nuclei_api/main.py | 212 +++++----
.../pentest_orchestrator/plugins/plugin_faraday.py | 522 ---------------------
stack/40-service-borodino.yml | 99 +---
stack/49-service-mcp.yml | 7 +-
stack/65-service-medved.yml | 14 +-
stack/70-service-defectdojo.yml | 295 ++++++++++++
volumes/nginx/conf.d/default.conf | 6 +-
volumes/nginx/conf.d/sites/defectdojo.conf | 31 ++
volumes/nginx/conf.d/sites/faraday.conf | 65 ---
volumes/nginx/conf.d/upstreams/upstreams.conf | 6 +-
volumes/prometheus/rules/alert_rules.yml | 8 +-
volumes/prometheus/rules/alerts.yml | 52 +-
25 files changed, 1502 insertions(+), 1250 deletions(-)
```