fix(docker-compose): Remove 'version' from docker-compose

[kiblik]

I missed one file in #9831

[dryrunsecurity]

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security	Status	Findings
Configured Codepaths Analyzer	✅	0 findings
IDOR Analyzer	✅	0 findings
Sensitive Files Analyzer	✅	0 findings
Server-Side Request Forgery Analyzer	✅	0 findings
SQL Injection Analyzer	✅	0 findings
Authn/Authz Analyzer	✅	0 findings
Secrets Analyzer	✅	0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective.

Summary:

The code changes provided are related to the Docker Compose configuration file for running unit tests for the DefectDojo application. The changes primarily involve modifying the configuration to skip certain services, such as Nginx, Celery, and RabbitMQ, and instead focus on setting up the database services (MySQL and PostgreSQL) and the Django application service for running unit tests.

From an application security perspective, the changes do not appear to introduce any obvious security concerns. The modifications are focused on the test environment setup and do not directly impact the production deployment of the application. However, it's important to review the overall application architecture and security practices to ensure that the application is secure, even in the test environment.

Files Changed:

• docker-compose.override.unit_tests.yml: This file is a Docker Compose configuration file for running unit tests for the DefectDojo application. The changes include:
  • Removal of the version: '3.8' line from the file.
  • Skipping of certain services, such as Nginx, Celery, and RabbitMQ, by setting their entrypoints to ['echo', 'skipping', 'service_name'].
  • Configuration of the MySQL and PostgreSQL services with environment variables and volume mounts for the unit test database.
  • Configuration of the Django application service to use the django-unittests build target and run the wait-for-it.sh script to wait for the database to be available before running the unit tests.
  • Definition of several volumes, including defectdojo_data_unit_tests, defectdojo_postgres_unit_tests, and defectdojo_media_unit_tests.

Powered by DryRun Security

[mtesauro]

Approved