
feat(parsers): add Lacework api importer#14977

Open
GoldraK wants to merge 2 commits into DefectDojo:dev from GoldraK:feat/lacework-api-importer

Conversation


@GoldraK GoldraK commented Jun 8, 2026


Description

Add a new Lacework API importer/parser for vulnerability ingestion via the Lacework API v2.0. This importer fetches container and host vulnerabilities directly from Lacework without requiring file uploads, following the same pattern as the existing SonarQube API importer.

What this PR introduces:

New module dojo/tools/api_lacework/:

  • api_client.py — Full Lacework API v2.0 client with Bearer token authentication, automatic pagination, rate limiting, and configurable import options via the Extras field
  • importer.py — Core importer logic that fetches container and host vulnerabilities and maps them to DefectDojo Finding objects. Supports filtering by repository name via Service key 1
  • parser.py — Parser interface (ApiLaceworkParser) that exposes scan type Lacework API Import, declares requires_file=False, and delegates to the importer
  • updater.py — Placeholder updater for future Lacework vulnerability exception sync (currently logs a no-op)

Management commands:

  • lacework_import_all.py — Bulk import all repositories, auto-creates Products/Engagements/Tests per repository
  • lacework_debug_vuln.py — Debug command to examine raw Lacework vulnerability data for containers or hosts

Settings (settings.dist.py):

  • DD_LACEWORK_API_IMPORTER_INCLUDE_HOSTS — Enable/disable host vulnerability import (default: True)
  • DD_LACEWORK_API_IMPORTER_TIMEDELTA_HOURS — Time window in hours for API queries (default: 24, max 168)
  • Hashcode deduplication fields: ["vuln_id_from_tool", "component_name", "file_path"]
  • Deduplication algorithm: DEDUPE_ALGO_HASH_CODE

Integration points:

Field mapping:

Lacework Field                                      Finding Field
--------------------------------------------------  ----------------------------------
vulnId                                              vuln_id_from_tool
severity (or inferred from riskScore)               severity
cveProps.description + featureProps.introduced_in   description
featureKey.name / featureKey.version                component_name / component_version
featureProps.src                                    file_path
fixInfo.fix_available / fixInfo.fixed_version       fix_available / fix_version
cveRiskScore / riskScore                            cvssv3_score

Test results

Added comprehensive unit tests in unittests/test_api_lacework.py with 30 test methods covering:

  • Severity mapping (Critical, High, Medium, Low, Info, Unknown)
  • CVSSv3 score extraction from NVD metadata, NVD CVSSv3 vector, and risk score fallback
  • CWE extraction from CWE lists and CWE IDs
  • Finding creation from container vulnerabilities (full field mapping)
  • Finding creation from host vulnerabilities (full field mapping)
  • Parser contract compliance (scan types, labels, descriptions, requires_file, requires_tool_type)
  • End-to-end importer flow with mocked API responses

Not yet tested:

  • Live integration against a real Lacework instance (requires API credentials)
  • Management commands (lacework_import_all, lacework_debug_vuln) — run manually

Documentation

Updated documentation at docs/content/supported_tools/parsers/api/lacework.md covering:

  • Tool Configuration setup (URL, key ID, API secret, Extras options)
  • Product-level configuration (Service key 1 filtering)
  • Management command usage (lacework_import_all, lacework_debug_vuln)
  • Complete field mapping table
  • Deduplication strategy explanation

Checklist

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is Ruff compliant (see ruff.toml).
  • Your code is python 3.13 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder. (No model changes — this PR only adds API importer code)
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR. → Import Scans
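As an added illustration (not the PR's own importer code), the field mapping and hash-code deduplication described above applied to a constructed container vulnerability record; the riskScore thresholds used for the severity fallback and the hash computation are simplified assumptions rather than DefectDojo's real compute_hash_code.

```python
import hashlib

HASHCODE_FIELDS = ["vuln_id_from_tool", "component_name", "file_path"]  # from the PR
SEVERITIES = {s.lower(): s for s in ("Critical", "High", "Medium", "Low", "Info")}


def severity_from_risk_score(score):
    """Fallback when Lacework sends no severity; these thresholds are an assumption."""
    for limit, label in ((9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low")):
        if score is not None and score >= limit:
            return label
    return "Info"


def dedupe_hash(finding):
    """Simplified stand-in for DefectDojo hash-code dedupe: sha256 over the configured fields."""
    raw = "".join(str(finding.get(f) or "") for f in HASHCODE_FIELDS)
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()


def map_container_vuln(vuln):
    """Apply the PR's Lacework-field to Finding-field mapping to one container record."""
    feature_key, feature_props = vuln.get("featureKey", {}), vuln.get("featureProps", {})
    fix_info = vuln.get("fixInfo", {})
    severity = SEVERITIES.get(str(vuln.get("severity")).lower())
    if severity is None:  # missing or "Unknown": infer from riskScore
        severity = severity_from_risk_score(vuln.get("riskScore"))
    description = vuln.get("cveProps", {}).get("description", "")
    if feature_props.get("introduced_in"):
        description += f"\nIntroduced in: {feature_props['introduced_in']}"
    finding = {
        "vuln_id_from_tool": vuln.get("vulnId"), "severity": severity,
        "description": description,
        "component_name": feature_key.get("name"), "component_version": feature_key.get("version"),
        "file_path": feature_props.get("src"),
        "fix_available": bool(fix_info.get("fix_available")), "fix_version": fix_info.get("fixed_version"),
        "cvssv3_score": vuln.get("cveRiskScore", vuln.get("riskScore")),  # cveRiskScore preferred
    }
    finding["hash_code"] = dedupe_hash(finding)
    return finding


# Constructed sample record with placeholder ids; not real Lacework output.
SAMPLE_VULN = {
    "vulnId": "CVE-0000-0001", "severity": "High", "riskScore": 7.1, "cveRiskScore": 7.5,
    "featureKey": {"name": "openssl", "version": "1.1.1k-r0"},
    "featureProps": {"src": "lib/apk/db/installed", "introduced_in": "sha256:<layer-placeholder>"},
    "cveProps": {"description": "Placeholder description."},
    "fixInfo": {"fix_available": "1", "fixed_version": "1.1.1l-r0"},
}
NO_SEVERITY_VULN = dict(SAMPLE_VULN, severity=None, riskScore=9.2)  # forces the riskScore fallback
```

Fields outside HASHCODE_FIELDS (such as riskScore) do not change the hash, so re-imports of the same package vulnerability deduplicate even when the score moves.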

@GoldraK GoldraK requested review from Maffooch and mtesauro as code owners June 8, 2026 08:37
@github-actions github-actions Bot added labels settings_changes (Needs changes to settings.py based on changes in settings.dist.py included in this PR), docs, unittests, parser Jun 8, 2026
@GoldraK GoldraK changed the title Lacework api importer feat(parsers): lacework api importer Jun 9, 2026
@GoldraK GoldraK changed the title feat(parsers): lacework api importer feat(parsers): add Lacework api importer Jun 9, 2026