blog/content/posts/commits/2026-04-15-commit-4fa26f4.md
Betty 5c4f867167
post: commit 4fa26f4 in bojemoi
2026-04-15 23:00:10 +02:00

title: [bojemoi] feat(vuln-mgmt): migrate Faraday CE → DefectDojo
date: 2026-04-15T23:00:02+02:00
draft: false
tags: commit, bojemoi, main
categories: Git Activity
summary: Commit 4fa26f4 by Betty in bojemoi
author: Betty

Commit 4fa26f4

Repository bojemoi
Branch main
Author Betty
Hash 4fa26f4a4ccf477472a6642963dcd9578daf9b83

Description

Replace Faraday CE with DefectDojo across the full stack:

  • stack/70-service-defectdojo.yml: new stack (nginx+uwsgi+celery+initializer+triage)
  • mcp-server/tools/defectdojo.py: DefectDojo API v2 client (list_products, get_findings, add_finding)
  • medved/honeypot/defectdojo_reporter.py: token-based reporter, idempotent DB column migration
  • faraday-triage/triage.py: rewrite to use REST API instead of direct PostgreSQL access
  • borodino, nuclei-api, zap-scanner: FARADAY_* → DEFECTDOJO_* env vars + dojo_api_token secret
  • nginx: faraday.conf → defectdojo.conf, upstream faraday → defectdojo
  • prometheus: FaradayDown → DefectDojoDown, faraday_vulnerabilities → triage_findings_pending

Fixes: NYM_PROXY :+ interpolation, postgres role password sync, uwsgi DNS alias, node.labels.defectdojo=true on meta-68, old honeypot stack removal.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Files Changed

A	faraday-triage/Dockerfile
A	faraday-triage/requirements.txt
A	faraday-triage/triage.py
M	mcp-server/server.py
A	mcp-server/tools/defectdojo.py
D	mcp-server/tools/faraday.py
M	medved/honeypot/config.py
M	medved/honeypot/db.py
A	medved/honeypot/defectdojo_reporter.py
D	medved/honeypot/faraday_reporter.py
M	medved/honeypot/main.py
M	medved/honeypot/metrics.py
M	oblast-1/zap_scanner.py
M	samsonov/nuclei_api/main.py
D	samsonov/pentest_orchestrator/plugins/plugin_faraday.py
M	stack/40-service-borodino.yml
M	stack/49-service-mcp.yml
M	stack/65-service-medved.yml
A	stack/70-service-defectdojo.yml
M	volumes/nginx/conf.d/default.conf
A	volumes/nginx/conf.d/sites/defectdojo.conf
D	volumes/nginx/conf.d/sites/faraday.conf
M	volumes/nginx/conf.d/upstreams/upstreams.conf
M	volumes/prometheus/rules/alert_rules.yml
M	volumes/prometheus/rules/alerts.yml

Diff Summary

 faraday-triage/Dockerfile                          |  10 +
 faraday-triage/requirements.txt                    |   3 +
 faraday-triage/triage.py                           | 354 ++++++++++++++
 mcp-server/server.py                               |  49 +-
 mcp-server/tools/defectdojo.py                     | 190 ++++++++
 mcp-server/tools/faraday.py                        | 126 -----
 medved/honeypot/config.py                          |  16 +-
 medved/honeypot/db.py                              |  29 +-
 medved/honeypot/defectdojo_reporter.py             | 234 +++++++++
 medved/honeypot/faraday_reporter.py                | 200 --------
 medved/honeypot/main.py                            |   6 +-
 medved/honeypot/metrics.py                         |   6 +-
 oblast-1/zap_scanner.py                            | 212 ++++++---
 samsonov/nuclei_api/main.py                        | 212 +++++----
 .../pentest_orchestrator/plugins/plugin_faraday.py | 522 ---------------------
 stack/40-service-borodino.yml                      |  99 +---
 stack/49-service-mcp.yml                           |   7 +-
 stack/65-service-medved.yml                        |  14 +-
 stack/70-service-defectdojo.yml                    | 295 ++++++++++++
 volumes/nginx/conf.d/default.conf                  |   6 +-
 volumes/nginx/conf.d/sites/defectdojo.conf         |  31 ++
 volumes/nginx/conf.d/sites/faraday.conf            |  65 ---
 volumes/nginx/conf.d/upstreams/upstreams.conf      |   6 +-
 volumes/prometheus/rules/alert_rules.yml           |   8 +-
 volumes/prometheus/rules/alerts.yml                |  52 +-
 25 files changed, 1502 insertions(+), 1250 deletions(-)