Skip to content

feat: add scripts for dojo management tasks #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: add scripts for dojo management tasks #55

wants to merge 1 commit into from

Conversation

iago-r
Copy link

@iago-r iago-r commented Apr 22, 2025

This PR adds two scripts for:

  • Creating new users and products via the DefectDojo API (create_users_and_products.py);
  • Sending credentials by email to new users (send_emails.py);.

cunha
cunha reviewed Apr 23, 2025
View reviewed changes
dojo/scripts/SEND_EMAILS.md Outdated
@@ -0,0 +1,10 @@
### Email Sending
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Check out https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint

cunha
cunha reviewed Apr 23, 2025
View reviewed changes
dojo/scripts/send_emails.py Outdated
SENDER = f"CHANGE_FOR_THE_USER_TO_APPEAR <{SMTP_USER}>"
USERS_FILE = "user_credentials.txt"

EMAIL_TEMPLATE = """\
Copy link
Member

@cunha cunha Apr 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let break the e-mail sendingn function into a separate module that we can later import into other scripts.

This way I could use it to send other e-mails (e.g., like the welcome message I sent on Tuesday).

cunha
cunha approved these changes Apr 23, 2025
View reviewed changes
Copy link
Member

@cunha cunha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

create_users script looks good, but it seems we need some additional code to split the vulnerabilities into different products.

@iago-r
Copy link
Author

iago-r commented Apr 26, 2025
edited
Loading

@cunha, I updated the scripts for the flow of:

  • adding users, products and associating them;
  • anonymizing the reports (encrypting_reports) -> for now a placeholder for @LeoOMaia 's script
  • dividing the reports (partitioning_findings) -> for now a placeholder for @LeoOMaia 's script
  • sending emails to users

With the possibility of skipping steps of the flow if necessary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cunha cunha cunha approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@iago-r @cunha