diff --git a/.coverage b/.coverage deleted file mode 100644 index b6ffacdf..00000000 Binary files a/.coverage and /dev/null differ diff --git a/.gitignore b/.gitignore index 080f1758..1d9de043 100644 --- a/.gitignore +++ b/.gitignore @@ -49,4 +49,5 @@ junit-reports/ # Coverage .coverage* +.coverage coverage* diff --git a/Makefile b/Makefile index 227f4073..c1aed215 100644 --- a/Makefile +++ b/Makefile @@ -2,20 +2,19 @@ ##@ Testing test: ## Test with pytest - pytest -n auto -vvv -s -x - rm -rf .coverage && \ - rm -rf ./htmlcov && \ - pytest -n auto --cov=./prowler --cov-report=xml tests + rm -rf .coverage && \ + pytest -n auto -vvv -s --cov=./prowler --cov-report=xml tests coverage: ## Show Test Coverage - coverage run --skip-covered -m pytest -v && \ - coverage report -m && \ - rm -rf .coverage - coverage report -m + coverage run --skip-covered -m pytest -v && \ + coverage report -m && \ + rm -rf .coverage && \ + coverage report -m coverage-html: ## Show Test Coverage - coverage html && \ - open htmlcov/index.html + rm -rf ./htmlcov && \ + coverage html && \ + open htmlcov/index.html ##@ Linting format: ## Format Code diff --git a/poetry.lock b/poetry.lock index 2bae892e..4842c8a0 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1374,13 +1374,13 @@ files = [ [[package]] name = "mock" -version = "5.0.2" +version = "5.1.0" description = "Rolling backport of unittest.mock for all Pythons" optional = false python-versions = ">=3.6" files = [ - {file = "mock-5.0.2-py3-none-any.whl", hash = "sha256:0e0bc5ba78b8db3667ad636d964eb963dc97a59f04c6f6214c5f0e4a8f726c56"}, - {file = "mock-5.0.2.tar.gz", hash = "sha256:06f18d7d65b44428202b145a9a36e99c2ee00d1eb992df0caf881d4664377891"}, + {file = "mock-5.1.0-py3-none-any.whl", hash = "sha256:18c694e5ae8a208cdb3d2c20a993ca1a7b0efa258c247a1e565150f477f83744"}, + {file = "mock-5.1.0.tar.gz", hash = "sha256:5e96aad5ccda4718e0a229ed94b2024df75cc2d55575ba5762d31f5767b8767d"}, ] [package.extras] @@ -2584,20 +2584,6 @@ files = [ [package.dependencies] pbr = ">=2.0.0,<2.1.0 || >2.1.0" -[[package]] -name = "sure" -version = "2.0.1" -description = "utility belt for automated testing in python for python" -optional = false -python-versions = "*" -files = [ - {file = "sure-2.0.1.tar.gz", hash = "sha256:c8fc6fabc0e7f6984eeabb942540e45646e5bef0bb99fe59e02da634e4d4b9ca"}, -] - -[package.dependencies] -mock = "*" -six = "*" - [[package]] name = "tabulate" version = "0.9.0" @@ -2907,4 +2893,4 @@ docs = ["mkdocs", "mkdocs-material"] [metadata] lock-version = "2.0" python-versions = "^3.9" -content-hash = "3e70fe34df97f080cc7698f420ee7564b8250b223ad826fba9aabcbe71a3309e" +content-hash = "7dc4127465abad1d20e55c5889ed9e3c61a241fd728c30646d48bf1f24129d5c" diff --git a/pyproject.toml b/pyproject.toml index 4f95cb46..af5bc7f1 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -60,6 +60,7 @@ coverage = "7.3.0" docker = "6.1.3" flake8 = "6.1.0" freezegun = "1.2.2" +mock = "5.1.0" moto = "4.1.14" openapi-spec-validator = "0.6.0" pylint = "2.17.5" @@ -68,7 +69,6 @@ pytest-cov = "4.1.0" pytest-randomly = "3.13.0" pytest-xdist = "3.3.1" safety = "2.3.5" -sure = "2.0.1" vulture = "2.8" [tool.poetry.scripts] diff --git a/tests/providers/aws/aws_provider_test.py b/tests/providers/aws/aws_provider_test.py index d2274731..0662b1c9 100644 --- a/tests/providers/aws/aws_provider_test.py +++ b/tests/providers/aws/aws_provider_test.py @@ -1,5 +1,6 @@ +from re import search + import boto3 -import sure # noqa from mock import patch from moto import mock_iam, mock_sts @@ -214,27 +215,30 @@ class Test_AWS_Provider: credentials = assume_role_response["Credentials"] # Test the response # SessionToken - credentials["SessionToken"].should.have.length_of(356) - credentials["SessionToken"].startswith("FQoGZXIvYXdzE") + assert len(credentials["SessionToken"]) == 356 + assert search(r"^FQoGZXIvYXdzE.*$", credentials["SessionToken"]) # AccessKeyId - credentials["AccessKeyId"].should.have.length_of(20) - credentials["AccessKeyId"].startswith("ASIA") + assert len(credentials["AccessKeyId"]) == 20 + assert search(r"^ASIA.*$", credentials["AccessKeyId"]) # SecretAccessKey - credentials["SecretAccessKey"].should.have.length_of(40) + assert len(credentials["SecretAccessKey"]) == 40 # Assumed Role - assume_role_response["AssumedRoleUser"]["Arn"].should.equal( - f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}" + assert ( + assume_role_response["AssumedRoleUser"]["Arn"] + == f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}" ) + # AssumedRoleUser - assert assume_role_response["AssumedRoleUser"]["AssumedRoleId"].startswith( - "AROA" + assert search( + r"^AROA.*$", assume_role_response["AssumedRoleUser"]["AssumedRoleId"] ) - assert assume_role_response["AssumedRoleUser"]["AssumedRoleId"].endswith( - ":" + sessionName + assert search( + rf"^.*:{sessionName}$", + assume_role_response["AssumedRoleUser"]["AssumedRoleId"], ) - assume_role_response["AssumedRoleUser"][ - "AssumedRoleId" - ].should.have.length_of(21 + 1 + len(sessionName)) + assert len( + assume_role_response["AssumedRoleUser"]["AssumedRoleId"] + ) == 21 + 1 + len(sessionName) @mock_iam @mock_sts @@ -301,27 +305,30 @@ class Test_AWS_Provider: credentials = assume_role_response["Credentials"] # Test the response # SessionToken - credentials["SessionToken"].should.have.length_of(356) - credentials["SessionToken"].startswith("FQoGZXIvYXdzE") + assert len(credentials["SessionToken"]) == 356 + assert search(r"^FQoGZXIvYXdzE.*$", credentials["SessionToken"]) # AccessKeyId - credentials["AccessKeyId"].should.have.length_of(20) - credentials["AccessKeyId"].startswith("ASIA") + assert len(credentials["AccessKeyId"]) == 20 + assert search(r"^ASIA.*$", credentials["AccessKeyId"]) # SecretAccessKey - credentials["SecretAccessKey"].should.have.length_of(40) + assert len(credentials["SecretAccessKey"]) == 40 # Assumed Role - assume_role_response["AssumedRoleUser"]["Arn"].should.equal( - f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}" + assert ( + assume_role_response["AssumedRoleUser"]["Arn"] + == f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}" ) + # AssumedRoleUser - assert assume_role_response["AssumedRoleUser"]["AssumedRoleId"].startswith( - "AROA" + assert search( + r"^AROA.*$", assume_role_response["AssumedRoleUser"]["AssumedRoleId"] ) - assert assume_role_response["AssumedRoleUser"]["AssumedRoleId"].endswith( - ":" + sessionName - ) - assume_role_response["AssumedRoleUser"]["AssumedRoleId"].should.have.length_of( - 21 + 1 + len(sessionName) + assert search( + rf"^.*:{sessionName}$", + assume_role_response["AssumedRoleUser"]["AssumedRoleId"], ) + assert len( + assume_role_response["AssumedRoleUser"]["AssumedRoleId"] + ) == 21 + 1 + len(sessionName) @mock_iam @mock_sts @@ -390,27 +397,30 @@ class Test_AWS_Provider: credentials = assume_role_response["Credentials"] # Test the response # SessionToken - credentials["SessionToken"].should.have.length_of(356) - credentials["SessionToken"].startswith("FQoGZXIvYXdzE") + assert len(credentials["SessionToken"]) == 356 + assert search(r"^FQoGZXIvYXdzE.*$", credentials["SessionToken"]) # AccessKeyId - credentials["AccessKeyId"].should.have.length_of(20) - credentials["AccessKeyId"].startswith("ASIA") + assert len(credentials["AccessKeyId"]) == 20 + assert search(r"^ASIA.*$", credentials["AccessKeyId"]) # SecretAccessKey - credentials["SecretAccessKey"].should.have.length_of(40) + assert len(credentials["SecretAccessKey"]) == 40 # Assumed Role - assume_role_response["AssumedRoleUser"]["Arn"].should.equal( - f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}" + assert ( + assume_role_response["AssumedRoleUser"]["Arn"] + == f"arn:aws:sts::{ACCOUNT_ID}:assumed-role/{role_name}/{sessionName}" ) + # AssumedRoleUser - assert assume_role_response["AssumedRoleUser"]["AssumedRoleId"].startswith( - "AROA" + assert search( + r"^AROA.*$", assume_role_response["AssumedRoleUser"]["AssumedRoleId"] ) - assert assume_role_response["AssumedRoleUser"]["AssumedRoleId"].endswith( - ":" + sessionName - ) - assume_role_response["AssumedRoleUser"]["AssumedRoleId"].should.have.length_of( - 21 + 1 + len(sessionName) + assert search( + rf"^.*:{sessionName}$", + assume_role_response["AssumedRoleUser"]["AssumedRoleId"], ) + assert len( + assume_role_response["AssumedRoleUser"]["AssumedRoleId"] + ) == 21 + 1 + len(sessionName) def test_generate_regional_clients(self): # New Boto3 session with the previously create user diff --git a/tests/providers/aws/lib/arn/arn_test.py b/tests/providers/aws/lib/arn/arn_test.py index eab5f30e..71234a41 100644 --- a/tests/providers/aws/lib/arn/arn_test.py +++ b/tests/providers/aws/lib/arn/arn_test.py @@ -1,4 +1,3 @@ -import sure # noqa from pytest import raises from prowler.providers.aws.lib.arn.arn import is_valid_arn, parse_iam_credentials_arn @@ -250,12 +249,12 @@ class Test_ARN_Parsing: for test in test_cases: input_arn = test["input_arn"] parsed_arn = parse_iam_credentials_arn(input_arn) - parsed_arn.partition.should.equal(test["expected"]["partition"]) - parsed_arn.service.should.equal(test["expected"]["service"]) - parsed_arn.region.should.equal(test["expected"]["region"]) - parsed_arn.account_id.should.equal(test["expected"]["account_id"]) - parsed_arn.resource_type.should.equal(test["expected"]["resource_type"]) - parsed_arn.resource.should.equal(test["expected"]["resource"]) + assert parsed_arn.partition == test["expected"]["partition"] + assert parsed_arn.service == test["expected"]["service"] + assert parsed_arn.region == test["expected"]["region"] + assert parsed_arn.account_id == test["expected"]["account_id"] + assert parsed_arn.resource_type == test["expected"]["resource_type"] + assert parsed_arn.resource == test["expected"]["resource"] def test_iam_credentials_arn_parsing_raising_RoleArnParsingFailedMissingFields( self, diff --git a/tests/providers/aws/lib/organizations/organizations_test.py b/tests/providers/aws/lib/organizations/organizations_test.py index 78ecabd0..53953cfd 100644 --- a/tests/providers/aws/lib/organizations/organizations_test.py +++ b/tests/providers/aws/lib/organizations/organizations_test.py @@ -1,7 +1,6 @@ import json import boto3 -import sure # noqa from moto import mock_iam, mock_organizations, mock_sts from prowler.providers.aws.lib.organizations.organizations import ( @@ -52,10 +51,11 @@ class Test_AWS_Organizations: org = get_organizations_metadata(account_id, assumed_role) - org.account_details_email.should.equal(mockemail) - org.account_details_name.should.equal(mockname) - org.account_details_arn.should.equal( - f"arn:aws:organizations::{AWS_ACCOUNT_NUMBER}:account/{org_id}/{account_id}" + assert org.account_details_email == mockemail + assert org.account_details_name == mockname + assert ( + org.account_details_arn + == f"arn:aws:organizations::{AWS_ACCOUNT_NUMBER}:account/{org_id}/{account_id}" ) - org.account_details_org.should.equal(org_id) - org.account_details_tags.should.equal("key:value,") + assert org.account_details_org == org_id + assert org.account_details_tags == "key:value," diff --git a/tests/providers/common/audit_info_test.py b/tests/providers/common/audit_info_test.py index 66542a65..d8c9b5d7 100644 --- a/tests/providers/common/audit_info_test.py +++ b/tests/providers/common/audit_info_test.py @@ -1,7 +1,6 @@ import boto3 import botocore import pytest -import sure # noqa from boto3 import session from mock import patch from moto import mock_ec2, mock_resourcegroupstaggingapi