
✨ implement krakend audit parser #10924

Merged
merged 2 commits into DefectDojo:bugfix from implement_krakend_audit
Sep 20, 2024

Conversation

manuel-sommer
Contributor

Implement a parser for KrakenD audits

@github-actions github-actions bot added settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR docs unittests parser labels Sep 17, 2024

dryrunsecurity bot commented Sep 17, 2024

DryRun Security Summary

The provided code changes include the addition of a new security scanner, updates to the configuration settings, and the implementation of unit tests for the KrakenD Audit Parser, all aimed at improving the security and robustness of the application.


Summary:

The provided code changes cover a range of updates, including the addition of a new security scanner, updates to the configuration settings, and the implementation of unit tests for the KrakenD Audit Parser. From an application security perspective, these changes generally appear to be positive and aimed at improving the security and robustness of the application.

The key highlights are:

  1. The addition of the "KrakenD Audit Scan" feature, which allows the integration of the KrakenD API gateway security audit into the application's security workflow. This is a valuable security enhancement that can help identify potential issues in the KrakenD configuration.

  2. The updates to the configuration settings, such as the mapping of SAML2 attributes and the deduplication algorithm for the KrakenD Audit Scan, demonstrate a thoughtful approach to managing the security-related aspects of the application.

  3. The implementation of unit tests for the KrakenD Audit Parser ensures that the parser can accurately process the output of the KrakenD audit tool, including scenarios with and without findings. This helps improve the overall reliability and security of the application.

Files Changed:

  • dojo/tools/krakend_audit/__init__.py: This change adds the author attribute to the file, which is a minor update that does not raise any immediate security concerns.
  • dojo/settings/.settings.dist.py.sha256sum: This change updates the SHA256 hash value for the .settings.dist.py file, which is used to verify the integrity of the configuration file template.
  • docs/content/en/integrations/parsers/file/krakend_audit.md: This change adds documentation for the KrakenD Audit Scan feature, providing clear instructions for users on how to perform the audit and integrate the results with the DefectDojo application security platform.
  • dojo/settings/settings.dist.py: This change adds support for the "KrakenD Audit Scan" in the saml2_attrib_map_format and DEDUPLICATION_ALGORITHM_PER_PARSER dictionaries, which is a positive security enhancement.
  • unittests/tools/test_krakend_audit_parser.py: This change introduces unit tests for the KrakenDAuditParser class, ensuring that the parser can correctly process the output of the KrakenD audit tool.
  • unittests/scans/krakend_audit/many_findings.json: This file contains a set of security and performance recommendations from the KrakenD Audit Scan, which should be reviewed and addressed as appropriate.
  • dojo/tools/krakend_audit/parser.py: This change implements the KrakenDAuditParser class, which is responsible for parsing the KrakenD Audit Scan reports and creating corresponding Finding objects. The implementation appears to be reasonable, but it's important to ensure proper input validation to prevent potential security issues.
  • unittests/scans/krakend_audit/no_findings.json: This file represents a scenario where the KrakenD Audit Scan did not find any security findings, and it is likely used for testing purposes.

Overall, the code changes in this pull request appear to be focused on improving the security and reliability of the application, and they do not raise any immediate security concerns. However, as with any code changes, it's important to thoroughly review the implementation and ensure that it aligns with the application's security requirements and best practices.

Code Analysis

We ran 9 analyzers against 8 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

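Added illustration (not code from this PR or from DefectDojo itself): a defensive parser for a `krakend audit` JSON report, showing the input validation the summary above asks for and a per-finding deduplication key in the spirit of the per-parser deduplication setting the PR adds. The report shape (a top-level "recommendations" list whose entries carry "rule", "severity" and "message"), the `Finding` dataclass and the sample report are assumptions constructed for this example; they are not taken from KrakenD's documentation or from the PR's test fixtures.

```python
"""Defensive parser for a KrakenD audit JSON report (illustrative, not DefectDojo's code).

Assumed report shape (constructed for this example):
  {"recommendations": [{"rule": "1.1.1", "severity": "HIGH", "message": "..."}]}
"""
import hashlib
import json
from dataclasses import dataclass

# Constructed sample report; this is NOT output captured from a real KrakenD run.
SAMPLE_REPORT = json.dumps({
    "recommendations": [
        {"rule": "1.1.1", "severity": "HIGH",
         "message": "Example: do not run the gateway as root."},
        {"rule": "2.2.3", "severity": "MEDIUM",
         "message": "Example: enable the security headers plugin."},
        # Exact duplicate of the previous entry: must collapse into one finding.
        {"rule": "2.2.3", "severity": "MEDIUM",
         "message": "Example: enable the security headers plugin."},
        # Unknown severity string: must fall back to Info, not crash.
        {"rule": "9.9.9", "severity": "BOGUS",
         "message": "Example: unknown severity falls back to Info."},
        # Incomplete entry (no rule, no message): skipped rather than imported half-empty.
        {"severity": "LOW"},
    ]
})

# Scanner severities mapped onto a fixed vocabulary; anything else becomes Info.
SEVERITY_MAP = {"CRITICAL": "Critical", "HIGH": "High", "MEDIUM": "Medium",
                "LOW": "Low", "INFO": "Info"}


@dataclass(frozen=True)
class Finding:
    """Minimal stand-in for an imported finding (hypothetical, not DefectDojo's model)."""
    title: str
    severity: str
    description: str
    unique_id: str


def normalise_severity(raw):
    """Return a known severity label; non-strings and unknown values become Info."""
    if not isinstance(raw, str):
        return "Info"
    return SEVERITY_MAP.get(raw.strip().upper(), "Info")


def parse_krakend_audit(report_text):
    """Parse a report and return deduplicated Findings.

    Every step checks types, so a malformed report raises a clear ValueError
    (or the offending entry is skipped) instead of failing deep inside an importer.
    """
    try:
        data = json.loads(report_text)
    except json.JSONDecodeError as exc:
        raise ValueError(f"report is not valid JSON: {exc}") from exc
    if not isinstance(data, dict):
        raise ValueError("report root must be a JSON object")
    recommendations = data.get("recommendations", [])
    if not isinstance(recommendations, list):
        raise ValueError('"recommendations" must be a list')

    findings = []
    seen = set()
    for entry in recommendations:
        if not isinstance(entry, dict):
            continue
        rule = entry.get("rule")
        message = entry.get("message")
        if not isinstance(rule, str) or not isinstance(message, str):
            continue
        severity = normalise_severity(entry.get("severity"))
        # Dedup key over rule id and message text; a stable hash stands in for
        # the per-parser deduplication algorithm configured in the application.
        unique_id = hashlib.sha256(f"{rule}|{message}".encode("utf-8")).hexdigest()
        if unique_id in seen:
            continue
        seen.add(unique_id)
        findings.append(Finding(title=f"KrakenD audit rule {rule}",
                                severity=severity,
                                description=message,
                                unique_id=unique_id))
    return findings


if __name__ == "__main__":
    for finding in parse_krakend_audit(SAMPLE_REPORT):
        print(finding.severity, finding.title, finding.unique_id[:12])
```

On the constructed sample the parser yields three findings (High, Medium, Info): the duplicate entry collapses onto the first, the unknown severity degrades to Info, and the incomplete entry is dropped; an empty "recommendations" list (the no-findings scenario the PR's fixtures cover) yields an empty result.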

@manuel-sommer
Contributor Author

@Maffooch why is this unittest failing? And: since a couple of releases ago I can't run unittests locally anymore.
I always get the following error:

```
ERROR: unittests (unittest.loader._FailedTest.unittests)

ImportError: Failed to import test module: unittests
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/unittest/loader.py", line 162, in loadTestsFromName
    module = __import__(module_name)
             ^^^^^^^^^^^^^^^^^^^^^^^
ModuleNotFoundError: No module named 'unittests'
```

@manuel-sommer
Contributor Author

I just wanted to reopen this to retrigger the pipeline. This is not working anymore. Could you please reopen this @mtesauro ?

@mtesauro mtesauro reopened this Sep 17, 2024
@Maffooch
Contributor

@manuel-sommer Hmm, not sure on that one. I have not seen it before. Also just ran unit tests a few moments ago on another PR. How are you running unit tests?

Contributor

@mtesauro mtesauro left a comment


Approved

@manuel-sommer
Contributor Author

manuel-sommer commented Sep 19, 2024

> @manuel-sommer Hmm, not sure on that one. I have not seen it before. Also just ran unit tests a few moments ago on another PR. How are you running unit tests?

@Maffooch I run unittests of a specific parser like this:

```
./dc-unittest.sh --profile postgres-rabbitmq --test-case unittests.tools.test_npm_audit_7_plus_parser.TestNpmAudit7PlusParser
```

This behaviour affects all parsers on my side, not only this example. I have also run `docker system prune -a` and `docker volume prune`.

@mtesauro mtesauro merged commit c0b12fe into DefectDojo:bugfix Sep 20, 2024
134 of 135 checks passed
@manuel-sommer manuel-sommer deleted the implement_krakend_audit branch September 21, 2024 13:37