ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-13 00:05:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(exclude-groups-and-services) (#1205)

Browse Source
This commit is contained in:
Pepe Fagoaga
2022-06-21 08:05:32 +02:00
committed by GitHub
parent e52ab12696
commit 21f8f56c18
4 changed files with 157 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
lib/check/check_test.py
View File

@@ -2,6 +2,8 @@ import os
from lib.check.check import (
exclude_checks_to_run,
exclude_groups_to_run,
exclude_services_to_run,
parse_checks_from_file,
parse_groups_from_file,
)
@@ -37,14 +39,21 @@ class Test_Check:
def test_parse_groups_from_file(self):
test_cases = [
{
"input": {"groups": ["gdpr"], "provider": "aws"},
"input": {
"groups": ["gdpr"],
"provider": "aws",
"group_file": f"{os.path.dirname(os.path.realpath(__name__))}/groups.json",
},
"expected": {"check11", "check12"},
}
]
for test in test_cases:
provider = test["input"]["provider"]
groups = test["input"]["groups"]
assert parse_groups_from_file(groups, provider) == test["expected"]
group_file = test["input"]["group_file"]
assert (
parse_groups_from_file(group_file, groups, provider) == test["expected"]
)
def test_exclude_checks_to_run(self):
test_cases = [
@@ -69,3 +78,77 @@ class Test_Check:
assert (
exclude_checks_to_run(check_list, excluded_checks) == test["expected"]
)
def test_exclude_groups_to_run(self):
test_cases = [
{
"input": {
"excluded_group_list": {"gdpr"},
"provider": "aws",
"checks_to_run": {
"iam_disable_30_days_credentials",
"iam_disable_90_days_credentials",
},
},
"expected": {
"iam_disable_30_days_credentials",
"iam_disable_90_days_credentials",
},
},
{
"input": {
"excluded_group_list": {"iam"},
"provider": "aws",
"checks_to_run": {
"iam_disable_30_days_credentials",
"iam_disable_90_days_credentials",
},
},
"expected": set(),
},
]
for test in test_cases:
excluded_group_list = test["input"]["excluded_group_list"]
checks_to_run = test["input"]["checks_to_run"]
provider = test["input"]["provider"]
assert (
exclude_groups_to_run(checks_to_run, excluded_group_list, provider)
== test["expected"]
)
def test_exclude_services_to_run(self):
test_cases = [
{
"input": {
"checks_to_run": {
"iam_disable_30_days_credentials",
"iam_disable_90_days_credentials",
},
"excluded_services": {"ec2"},
"provider": "aws",
},
"expected": {
"iam_disable_30_days_credentials",
"iam_disable_90_days_credentials",
},
},
{
"input": {
"checks_to_run": {
"iam_disable_30_days_credentials",
"iam_disable_90_days_credentials",
},
"excluded_services": {"iam"},
"provider": "aws",
},
"expected": set(),
},
]
for test in test_cases:
excluded_services = test["input"]["excluded_services"]
checks_to_run = test["input"]["checks_to_run"]
provider = test["input"]["provider"]
assert (
exclude_services_to_run(checks_to_run, excluded_services, provider)
== test["expected"]
)