From c5af9605eeb769f229217b2ad680c96d86df8ddd Mon Sep 17 00:00:00 2001
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Date: Thu, 8 Feb 2024 12:21:42 +0100
Subject: [PATCH] fix(alias): allow multiple check aliases (#3378)

---
 prowler/lib/check/checks_loader.py            | 33 +++++++++++--------
 ...ector2_active_findings_exist.metadata.json |  3 ++
 .../inspector2_is_enabled.metadata.json       |  3 ++
 tests/lib/check/check_loader_test.py          |  9 ++++-
 4 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/prowler/lib/check/checks_loader.py b/prowler/lib/check/checks_loader.py
index 983b8940..6936f8c1 100644
--- a/prowler/lib/check/checks_loader.py
+++ b/prowler/lib/check/checks_loader.py
@@ -34,7 +34,9 @@ def load_checks_to_execute(
         for check, metadata in bulk_checks_metadata.items():
             # Aliases
             for alias in metadata.CheckAliases:
-                check_aliases[alias] = check
+                if alias not in check_aliases:
+                    check_aliases[alias] = []
+                check_aliases[alias].append(check)
 
             # Severities
             if metadata.Severity:
@@ -110,15 +112,20 @@ def update_checks_to_execute_with_aliases(
 ) -> set:
     """update_checks_to_execute_with_aliases returns the checks_to_execute updated using the check aliases."""
     # Verify if any input check is an alias of another check
-    for input_check in checks_to_execute:
-        if (
-            input_check in check_aliases
-            and check_aliases[input_check] not in checks_to_execute
-        ):
-            # Remove input check name and add the real one
-            checks_to_execute.remove(input_check)
-            checks_to_execute.add(check_aliases[input_check])
-            print(
-                f"\nUsing alias {Fore.YELLOW}{input_check}{Style.RESET_ALL} for check {Fore.YELLOW}{check_aliases[input_check]}{Style.RESET_ALL}...\n"
-            )
-    return checks_to_execute
+    try:
+        new_checks_to_execute = checks_to_execute.copy()
+        for input_check in checks_to_execute:
+            if input_check in check_aliases:
+                # Remove input check name and add the real one
+                new_checks_to_execute.remove(input_check)
+                for alias in check_aliases[input_check]:
+                    if alias not in new_checks_to_execute:
+                        new_checks_to_execute.add(alias)
+                        print(
+                            f"\nUsing alias {Fore.YELLOW}{input_check}{Style.RESET_ALL} for check {Fore.YELLOW}{alias}{Style.RESET_ALL}..."
+                        )
+        return new_checks_to_execute
+    except Exception as error:
+        logger.error(
+            f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}] -- {error}"
+        )
diff --git a/prowler/providers/aws/services/inspector2/inspector2_active_findings_exist/inspector2_active_findings_exist.metadata.json b/prowler/providers/aws/services/inspector2/inspector2_active_findings_exist/inspector2_active_findings_exist.metadata.json
index cc3e35a4..cc50df3f 100644
--- a/prowler/providers/aws/services/inspector2/inspector2_active_findings_exist/inspector2_active_findings_exist.metadata.json
+++ b/prowler/providers/aws/services/inspector2/inspector2_active_findings_exist/inspector2_active_findings_exist.metadata.json
@@ -2,6 +2,9 @@
   "Provider": "aws",
   "CheckID": "inspector2_active_findings_exist",
   "CheckTitle": "Check if Inspector2 findings exist",
+  "CheckAliases": [
+    "inspector2_findings_exist"
+  ],
   "CheckType": [],
   "ServiceName": "inspector2",
   "SubServiceName": "",
diff --git a/prowler/providers/aws/services/inspector2/inspector2_is_enabled/inspector2_is_enabled.metadata.json b/prowler/providers/aws/services/inspector2/inspector2_is_enabled/inspector2_is_enabled.metadata.json
index 20941c76..ec548c34 100644
--- a/prowler/providers/aws/services/inspector2/inspector2_is_enabled/inspector2_is_enabled.metadata.json
+++ b/prowler/providers/aws/services/inspector2/inspector2_is_enabled/inspector2_is_enabled.metadata.json
@@ -2,6 +2,9 @@
   "Provider": "aws",
   "CheckID": "inspector2_is_enabled",
   "CheckTitle": "Check if Inspector2 is enabled",
+  "CheckAliases": [
+    "inspector2_findings_exist"
+  ],
   "CheckType": [],
   "ServiceName": "inspector2",
   "SubServiceName": "",
diff --git a/tests/lib/check/check_loader_test.py b/tests/lib/check/check_loader_test.py
index 8d9f351f..5b887d3b 100644
--- a/tests/lib/check/check_loader_test.py
+++ b/tests/lib/check/check_loader_test.py
@@ -313,7 +313,14 @@ class TestCheckLoader:
 
     def test_update_checks_to_execute_with_aliases(self):
         checks_to_execute = {"renamed_check"}
-        check_aliases = {"renamed_check": "check_name"}
+        check_aliases = {"renamed_check": ["check_name"]}
         assert {"check_name"} == update_checks_to_execute_with_aliases(
             checks_to_execute, check_aliases
         )
+
+    def test_update_checks_to_execute_with_multiple_aliases(self):
+        checks_to_execute = {"renamed_check"}
+        check_aliases = {"renamed_check": ["check1_name", "check2_name"]}
+        assert {"check1_name", "check2_name"} == update_checks_to_execute_with_aliases(
+            checks_to_execute, check_aliases
+        )