Closed bcncarlesc closed 3 years ago
I found what is the problem
I'm working with docker version and when I tried tu upload file the file is upload into docker image django-defectdojo_uwsgi_1 that it doesn't have permition to copy
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This is the same issue as with the finding images not working in docker-compose (release) mode.
we need to at least update the docs for 1.7.0
Actually, I don't think it is.
If you exec into uwsgi and do a mkdir /app/media/threat
, then you can upload your model. The file appears on the server well and good (scp'ing it and all, file is OK).. yet if you then -- through dojo -- download it, you have a 0 byte file.. :man_shrugging:
To upload images in finding, it seems to be it's looking into the nginx and not uwsgi?
Or not even getting uploaded to the right place? Just dumping stuff here for later.
$ ls -l media/
1f71805a-c000-4860-b138-453b7056e69b.JPG finding_images/
42553918-725c-4711-83b8-f15c74b26b3a.JPG threat/
CACHE/
Seems to me like there's several ways to get this resolved:
(1) Make DefectDojo serve uploaded files. The simplest but likely not as performant having Django serve static files vs nginx
(2) Bind mount a directory on the host into both nginx and uwsgi containers - provides shared storage but could be tricky depending on how persistent storage is done esp for things like Kubernetes.
(3) Use a Docker volume to provide storage that is shared between nginx and uwsgi containers.
I can confirm with a bind mount that has a threat sub-directory manually created inside the DefectDojo media works fine for uploading but does have the 0 byte download issue mentioned above.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Bug description I've created an engagement and I want add a Threat Modeling document. When I tried it a receive this error
FileNotFoundError at /engagement/46/threatmodel/upload
Steps to reproduce Steps to reproduce the behavior:
*Expected behavior
Deployment method (select with an
X
)Environment information
Operating System: [e.g. Ubuntu 18.04] uname -a Linux ubuntu 5.3.0-28-generic #30~18.04.1-Ubuntu SMP Fri Jan 17 06:14:09 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
DefectDojo Commit Message: [use
git show -s --format="%h: %s [%ci]"
] 0d64c07d: Merge pull request #1698 from madchap/fix-1653 [2020-01-14 16:15:14 -0600]Sample scan files (optional) If applicable, add sample scan files to help reproduce your problem.
Screenshots (optional) If applicable, add screenshots to help explain your problem.![image](https://user-images.githubusercontent.com/51196641/75067178-545bed80-54a1-11ea-9852-df76f8bfc4e9.png)
Console logs (optional) If applicable, add console logs to help explain your problem.![image](https://user-images.githubusercontent.com/51196641/75067272-80776e80-54a1-11ea-845e-5f59527fd0ca.png)
Additional context (optional) Add any other context about the problem here. I would like debug with vscode but I don't know how I need configure de projects to do it. If you have any guide to config it I will try to debug imself