add additional variables

deploy/deployment.yaml

@@ -38,3 +38,23 @@ spec:
           value: ""
         - name: LABEL_VALUE
           value: ""
+        - name: DEFECT_DOJO_ACTIVE
+          value: true
+        - name: DEFECT_DOJO_VERIFIED
+          value: false
+        - name: DEFECT_DOJO_CLOSE_OLD_FINDINGS
+          value: false
+        - name: DEFECT_DOJO_CLOSE_OLD_FINDINGS_PRODUCT_SCOPE
+          value: false
+        - name: DEFECT_DOJO_PUSH_TO_JIRA
+          value: false
+        - name: DEFECT_DOJO_MINIMUM_SEVERITY
+          value: "Info"
+        - name: DEFECT_DOJO_AUTO_CREATE_CONTEXT
+          value: true
+        - name: DEFECT_DOJO_DEDUPLICATION_ON_ENGAGEMENT
+          value: true
+        - name: DEFECT_DOJO_PRODUCT_TYPE_NAME
+          value: "Research and Development"
+        - name: DEFECT_DOJO_TEST_TITLE
+          value: "Kubernetes"

src/handlers.py

@@ -50,19 +50,19 @@ def send_to_dojo(body, meta, logger, **_):
     }
 
     data: dict = {
-        "active": "true",
-        "verified": "false",
-        "close_old_findings": "false",
-        "close_old_findings_product_scope": "false",
-        "push_to_jira": "false",
-        "minimum_severity": "Info",
-        "auto_create_context": "true",
-        "deduplication_on_engagement": "true",
+        "active": settings.DEFECT_DOJO_ACTIVE,
+        "verified": settings.DEFECT_DOJO_VERIFIED,
+        "close_old_findings": settings.DEFECT_DOJO_CLOSE_OLD_FINDINGS,
+        "close_old_findings_product_scope": settings.DEFECT_DOJO_CLOSE_OLD_FINDINGS_PRODUCT_SCOPE,
+        "push_to_jira": settings.DEFECT_DOJO_PUSH_TO_JIRA,
+        "minimum_severity": settings.DEFECT_DOJO_MINIMUM_SEVERITY,
+        "auto_create_context": settings.DEFECT_DOJO_AUTO_CREATE_CONTEXT,
+        "deduplication_on_engagement": settings.DEFECT_DOJO_DEDUPLICATION_ON_ENGAGEMENT,
         "scan_type": "Trivy Operator Scan",
         "engagement_name": meta["creationTimestamp"],
         "product_name": body["report"]["artifact"]["repository"],
-        #"product_type_name": "Research and Development",
-        "test_title": "kubernetes",
+        "product_type_name": settings.DEFECT_DOJO_PRODUCT_TYPE_NAME,
+        "test_title": settings.DEFECT_DOJO_TEST_TITLE,
     }
 
     try:

src/settings.py

@@ -30,3 +30,14 @@
 
 DEFECT_DOJO_API_KEY = get_required_env_var('DEFECT_DOJO_API_KEY')
 DEFECT_DOJO_URL = get_required_env_var('DEFECT_DOJO_URL')
+
+DEFECT_DOJO_ACTIVE = os.getenv('DEFECT_DOJO_ACTIVE', True)
+DEFECT_DOJO_VERIFIED = os.getenv('DEFECT_DOJO_VERIFIED', False)
+DEFECT_DOJO_CLOSE_OLD_FINDINGS = os.getenv('DEFECT_DOJO_CLOSE_OLD_FINDINGS', False)
+DEFECT_DOJO_CLOSE_OLD_FINDINGS_PRODUCT_SCOPE = os.getenv('DEFECT_DOJO_CLOSE_OLD_FINDINGS_PRODUCT_SCOPE', False)
+DEFECT_DOJO_PUSH_TO_JIRA = os.getenv('DEFECT_DOJO_PUSH_TO_JIRA', False)
+DEFECT_DOJO_MINIMUM_SEVERITY = os.getenv('DEFECT_DOJO_MINIMUM_SEVERITY', "Info")
+DEFECT_DOJO_AUTO_CREATE_CONTEXT = os.getenv('DEFECT_DOJO_AUTO_CREATE_CONTEXT', True)
+DEFECT_DOJO_DEDUPLICATION_ON_ENGAGEMENT = os.getenv('DEFECT_DOJO_DEDUPLICATION_ON_ENGAGEMENT', True)
+DEFECT_DOJO_PRODUCT_TYPE_NAME = os.getenv('DEFECT_DOJO_PRODUCT_TYPE_NAME', "Research and Development")
+DEFECT_DOJO_TEST_TITLE = os.getenv('DEFECT_DOJO_TEST_TITLE', "Kubernetes")