
updated anchore engine parser for upto date output format #11805

Open
wants to merge 4 commits into
base: bugfix
Conversation

pUrGe12 (Contributor) commented Feb 12, 2025

Description

According to the discussion at #11552 I have updated the anchore engine parser for the relevant output format.

Test results

Have tested it locally using the provided file in #11552. I didn't have more files so haven't tried others.

Documentation

Have updated the docs to include the relevant information

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is flake8 compliant.
  • Your code is python 3.11 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

dryrunsecurity bot commented Feb 12, 2025

DryRun Security Summary

The pull request enhances Anchore Engine's vulnerability reporting capabilities by updating documentation, JSON schema, and parser implementation while addressing security concerns related to sensitive information exposure, input validation, and critical vulnerabilities in system components.


The pull request updates the Anchore Engine parser documentation and implementation, modifying JSON schema, parser logic, and test files to support more comprehensive vulnerability reporting. Security findings include: 1) Sensitive information exposure through image digest and timestamp details in docs/content/en/connecting_your_tools/parsers/file/anchore_engine.md, 2) Potential input validation concerns in dojo/tools/anchore_engine/parser.py due to reliance on .get() method with default values, 3) Critical vulnerabilities discovered in the test scan file (CVE-2024-50379, CVE-2024-56337 with CVSS Base Scores of 9.8), and 4) Multiple unpatched vulnerabilities across system libraries in various Tomcat and Java components.

Code Analysis

We ran 9 analyzers against 6 files and 0 analyzers had findings. 9 analyzers had no findings.


pUrGe12 (Contributor, Author) commented Feb 13, 2025

I think I am going astray. Does changing the parser and data input require some database config changes as well?

mtesauro (Contributor) commented:

@pUrGe12 There was a fix added to 2.43.2 that was released yesterday that should fix the tests that are failing for you.
Can you rebase this PR?

pUrGe12 (Contributor, Author) commented Feb 14, 2025

That didn't work. Should I rebase onto master, cause now I did onto bugfix? Also, is there a way to run the docker tests locally?

Maffooch (Contributor) commented:

@pUrGe12 it looks like the failing tests are related to the anchore changes made in this PR.

pUrGe12 (Contributor, Author) commented Feb 15, 2025

Can you let me know why that's happening?

Maffooch (Contributor) commented:

So looking at the failures in the test in the GHA, it looks like there is a time format being supplied that is not accepted by the Finding model at the database level:

    uwsgi-1  | django.core.exceptions.ValidationError: ['“2025-01-10T15:09:00Z” value has an invalid date format. It must be in YYYY-MM-DD format.']

It looks like the Finding model takes a date field, so that is the likely culprit:

    date = models.DateField(default=get_current_date,
                            verbose_name=_("Date"),
                            help_text=_("The date the flaw was discovered."))
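The mismatch described above is a scanner emitting a full ISO 8601 timestamp ("2025-01-10T15:09:00Z") while the model column is a DateField that only accepts a calendar date. The helper below is an added example, not code from DefectDojo or from this PR: it normalises such a timestamp to a plain date before it reaches the model, handles the trailing "Z" (which fromisoformat() only understands on Python 3.11+), converts offset-aware values to UTC so the calendar day is stable, and returns None for missing or malformed input so a parser can fall back to the model default (get_current_date). The field name "detected_at" in the usage comment is an assumption, not the Anchore Engine schema.

```python
"""Added example (not DefectDojo's or the PR's own code): turning a scanner
timestamp into a value Django's DateField will accept."""
from datetime import date, datetime, timezone
from typing import Optional


def normalize_finding_date(raw: Optional[str]) -> Optional[date]:
    """Convert a scanner-supplied timestamp into a plain calendar date.

    Accepts ISO 8601 timestamps such as "2025-01-10T15:09:00Z" (the value that
    triggered the ValidationError above), offset-aware timestamps, and bare
    "YYYY-MM-DD" dates. Returns None for missing or unparsable input so the
    caller can leave the field unset and let the model default apply.
    """
    if not raw or not isinstance(raw, str):
        return None
    text = raw.strip()
    # Python < 3.11 fromisoformat() rejects a trailing "Z"; rewrite it as an
    # explicit UTC offset so the same code works on every supported version.
    if text.endswith("Z"):
        text = text[:-1] + "+00:00"
    try:
        parsed = datetime.fromisoformat(text)  # also accepts "YYYY-MM-DD"
    except ValueError:
        return None
    if parsed.tzinfo is not None:
        # Normalise to UTC before dropping the time, so a timestamp shortly
        # after midnight in a positive offset is not attributed to the wrong day.
        parsed = parsed.astimezone(timezone.utc)
    return parsed.date()


def finding_date_kwargs(raw: Optional[str]) -> dict:
    """Build the keyword arguments a parser would pass to Finding(...).

    Only includes "date" when the scanner value was usable; otherwise the
    dict is empty and the model's default (get_current_date) takes over.
    """
    normalized = normalize_finding_date(raw)
    return {"date": normalized} if normalized is not None else {}


if __name__ == "__main__":
    # Constructed sample values; "detected_at" is an assumed key name, not
    # something taken from the Anchore Engine output format.
    vuln = {"detected_at": "2025-01-10T15:09:00Z"}
    print(finding_date_kwargs(vuln.get("detected_at")))
```

Keeping the conversion in one helper means the parser never hands a datetime string to a DateField, and the None path is what you want for a scanner record that omits the timestamp or carries a free-form value.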

pUrGe12 (Contributor, Author) commented Feb 21, 2025

Thanks for that! I'll fix the code. I have removed the "detected at" date field entirely. Lemme know if that is a necessity in which case I'll fix the format and add it.

pUrGe12 (Contributor, Author) commented Feb 22, 2025

I am guessing this has to do with the lack of unittests (I have only 1 file available with me so I have added only that) or some other database issue. I am not sure why it's storing 83 Test_Import_Finding_Action objects instead of 4. Can someone guide me here?
