google / gcp_scanner

A comprehensive scanner for Google Cloud
Apache License 2.0

Implement "short" report generation option #135

Open mshudrak opened 1 year ago

mshudrak commented 1 year ago

Is your feature request related to a problem? Please describe.

Right now, our scan result contains mostly all the data returned by GCP. It is hard to navigate and requires grepping data.

Describe the solution you'd like

We can implement a flag that would tell the scanner to return only the most important data from GCP.

We need to define what would be the most important fields to return. We also need to think about a flexible approach on defining what to omit/return from the report.

mshudrak commented 1 year ago

Implemented. We need to add tests for this feature and think about how to filter with our schema non-standard outputs.
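Added example, not part of the thread and not gcp_scanner's own code: one way an allowlist schema could shorten a nested scan result, recording any "non-standard" entry whose shape does not match the schema instead of guessing at it. The schema format, the `shorten` function, the field names and the sample data are all assumptions made for illustration.

```python
from typing import Any, List, Optional, Tuple

# Hypothetical allowlist: True keeps a value as-is, a dict descends into it.
# Field names are constructed for this example, not the scanner's real schema.
SHORT_SCHEMA = {
    "compute_instances": {"name": True, "status": True,
                          "networkInterfaces": {"networkIP": True}},
    "storage_buckets": {"name": True, "iamConfiguration": True},
}

# Constructed sample input; the second bucket entry is a non-standard output.
SAMPLE_SCAN = {
    "compute_instances": [
        {"name": "vm-1", "status": "RUNNING", "id": "111",
         "metadata": {"items": []},
         "networkInterfaces": [{"networkIP": "10.0.0.2", "fingerprint": "x"}]},
    ],
    "storage_buckets": [
        {"name": "b1", "etag": "CAE=",
         "iamConfiguration": {"publicAccessPrevention": "enforced"}},
        "error: permission denied",
    ],
    "dns_policies": [{"name": "p"}],  # not in the schema, so dropped
}


def shorten(data: Any, schema: Any, path: str = "",
            skipped: Optional[List[str]] = None) -> Tuple[Any, List[str]]:
    """Return (pruned copy of data, paths whose shape did not match schema)."""
    skipped = [] if skipped is None else skipped
    if schema is True:              # leaf: keep whatever GCP returned
        return data, skipped
    if isinstance(data, list):      # apply the same schema to every item
        items = [shorten(v, schema, f"{path}[{i}]", skipped)[0]
                 for i, v in enumerate(data)]
        return items, skipped
    if not isinstance(data, dict):  # non-standard output: flag it, keep nothing
        skipped.append(path or "<root>")
        return None, skipped
    out = {}
    for key, sub in schema.items():
        if key in data:
            child = f"{path}.{key}".lstrip(".")
            out[key], _ = shorten(data[key], sub, child, skipped)
    return out, skipped


if __name__ == "__main__":
    print(shorten(SAMPLE_SCAN, SHORT_SCHEMA))
```
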

SaxenaAnushka102 commented 1 year ago

Hi @mshudrak! Could you please mention some more details about what type of tests we need here?

mshudrak commented 1 year ago

Hi @SaxenaAnushka102, basically I implemented a new option for GCP Scanner to produce a short version of the scanner report. We need to implement an acceptance test similar to what we have for the whole scanner here: https://github.com/google/gcp_scanner/blob/main/src/gcp_scanner/test_acceptance.py

Bhardwaj-Himanshu commented 1 year ago

Hi @mshudrak, could you also mention the file we need to make these changes into? --> I know these sound naive, but these do come from my lack of experience; my nearest clue is to implement these changes in scanner.py.

Also, @SaxenaAnushka102, do let me know if you are working on something and if I could be of any help. Thanks.

mshudrak commented 1 year ago

@Bhardwaj-Himanshu we need a new test similar to what we have in test_acceptance.py. Likely a new test file is needed.

Bhardwaj-Himanshu commented 1 year ago

Like this https://github.com/google/gcp_scanner/blob/47fbba4f44233c179d9fdd61fd44f6fa689cc494/src/gcp_scanner/test_acceptance.py#L108-L114 ? @mshudrak

A new file or a new addition to the same? Or a new file containing a test like this:

def new_test_function():
  os.mkdir("res")
  testargs = ["some_more_repositories", "-o", "res"]
  with unittest.mock.patch("sys.argv", testargs):
    assert scanner.main() == 0
    assert len(os.listdir("res/")) == RESULTS_JSON_COUNT
    validate_result()

Do correct me and help with hints if I am wrong anywhere; all feedback is welcome. Also, could you mention a few resources I could check out online to create a test function in a new file for the same, or what would the file contain?

SaxenaAnushka102 commented 1 year ago

Thanks for the details @mshudrak! I'm reading docs related to tests & will update when I come up with a solution.

SaxenaAnushka102 commented 1 year ago

@Bhardwaj-Himanshu That's a nice idea, let's work on it!

Bhardwaj-Himanshu commented 1 year ago

Sure thing, @SaxenaAnushka102! Could you share the link to the docs with me as well? Thanks

SaxenaAnushka102 commented 1 year ago

@Bhardwaj-Himanshu I'm referring to the GCP Scanner's Wiki page and this Python documentation

mshudrak commented 1 year ago

@Bhardwaj-Himanshu yes, that's the right approach. Whether you choose to expand test_acceptance or create an independent test is up to you. I'd probably just expand test_acceptance with another function.

Bhardwaj-Himanshu commented 1 year ago

Thanks @SaxenaAnushka102 ;)

Bhardwaj-Himanshu commented 1 year ago

Gotcha @mshudrak, now could you help me define which values are required in the output and the ones which need to be omitted?

But before that, I need to look into what a normal out report looks like in gcp_scanner_test_acceptance.py!

mshudrak commented 1 year ago

You can take a look at GitHub Actions; there are full response logs there. As for the actual output, one option is to prepare the test and print the output. On the second iteration you can add that in the check file.

Bhardwaj-Himanshu commented 1 year ago

Hi @mshudrak, first of all pardon me for a late response, got stuck under very pleasant weather here (sarcasm, 'cause a storm came through chopping down all the electric lines for 5 days).

Anyway, coming to the code: as I am unable to write the new_test.py file myself, could you help me look at some resources/codebase, internally from gcp_scanner or outside, for a general overview of how to write the same? I am most probably going to attach the function inside test_acceptance.py, rather than creating a new file and breaking the whole code base!

Thanks

mshudrak commented 1 year ago

You can use test_acceptance.py as an example and GitHub Actions to see the produced logs. There is a function that does it. You just need to provide an extra argument and implement the expected output. Just take a look at the code.

Bhardwaj-Himanshu commented 1 year ago

The function in test_acceptance.py is most probably this one: https://github.com/google/gcp_scanner/blob/2b1ac6b8b9ffd181b70e69802f52b0167bcd32e5/src/gcp_scanner/test_acceptance.py#L108-L115

To which I am thinking of adding another function, as:

def new_test_function():
  os.mkdir("res")
  testargs = ["some_more_repositories", "-o", "res"]  # but which repositories to target?
  with unittest.mock.patch("sys.argv", testargs):  # and what arguments to run?
    assert scanner.main() == 0
    assert len(os.listdir("res/")) == RESULTS_JSON_COUNT
    validate_result()

Also, if you could tell me a way to contact you other than GitHub, whether email or any social media handle. I had a few things/ideas to discuss, not regarding this pull request, but in regards to documentation and forming a community for the repository!! --> I am totally fine with discussing here too, let me know!