prowler-cloud / prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
https://prowler.com
Apache License 2.0
10.76k stars 1.53k forks

feat(EC2): Change service to adjust the data saved in template_data in LaunchTemplateVersion #4848

Closed MarioRgzLpz closed 1 month ago

MarioRgzLpz commented 2 months ago

Context

While trying to do a new check I noticed that in the __get_launch_template_versions__ (now __describe_launch_template_version) method we were saving a big dictionary with a lot of data in LaunchTemplateVersion that we were not using later. To follow good practices I will change the service by creating a new model, TemplateData, in which we will save only the things we need to do the checks. This will lead to a change in the ec2_launch_template_no_secrets check, which is currently using the template_data, and some adjustments to the service tests and check tests.

Description

I had to change the ec2_service, adding a TemplateData model with only two attributes: user_data for the secrets check and associate_public_address for a new check. This led to a change in the ec2_service_test and some changes in the ec2_launch_template_no_secrets check and its test.

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
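The reduction described in this pull request, sketched as an added example (not Prowler's code and not part of the original thread): a launch template version's data is trimmed to the two attributes named above. The helper name `reduce_template_data`, the use of dataclasses, and the sample response are assumptions; the `UserData` and `NetworkInterfaces[].AssociatePublicIpAddress` keys follow the EC2 DescribeLaunchTemplateVersions response shape.

```python
import base64
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class TemplateData:
    """Only the fields the checks read (attribute names from the PR description)."""
    user_data: str                            # decoded text, "" when absent or invalid
    associate_public_address: Optional[bool]  # None when no interface sets the flag


def reduce_template_data(launch_template_data: dict) -> TemplateData:
    """Hypothetical helper: trim one LaunchTemplateData dict to TemplateData."""
    raw = launch_template_data.get("UserData", "")
    try:
        # EC2 returns user data base64-encoded; decode it once here so the
        # secrets check can scan plain text.
        user_data = base64.b64decode(raw, validate=True).decode("utf-8", "replace")
    except (ValueError, TypeError):
        # Malformed or non-string value: store nothing rather than raw bytes.
        user_data = ""
    # Collect the flag from every interface that sets it explicitly.
    flags = [
        nic["AssociatePublicIpAddress"]
        for nic in launch_template_data.get("NetworkInterfaces", [])
        if "AssociatePublicIpAddress" in nic
    ]
    return TemplateData(
        user_data=user_data,
        associate_public_address=any(flags) if flags else None,
    )


# Constructed sample, not real account data.
SAMPLE_VERSION = {
    "LaunchTemplateId": "lt-0123456789abcdef0",
    "VersionNumber": 1,
    "LaunchTemplateData": {
        "ImageId": "ami-00000000000000000",
        "InstanceType": "t3.micro",
        "UserData": base64.b64encode(
            b"#!/bin/bash\nexport DB_PASSWORD=example\n"
        ).decode(),
        "NetworkInterfaces": [{"DeviceIndex": 0, "AssociatePublicIpAddress": True}],
    },
}

if __name__ == "__main__":
    print(reduce_template_data(SAMPLE_VERSION["LaunchTemplateData"]))
```

Everything else in the response (image ID, instance type, and so on) is dropped, so the stored object holds no more of the template than the checks consume.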

MarioRgzLpz commented 2 months ago

@sergargar Requested changes added in commit 2abc66e

jfagoagas commented 1 month ago

Please review the raw tests log here https://productionresultssa16.blob.core.windows.net/actions-results/0188922c-ba52-4c6b-8b6b-8e1e9f23ab91/workflow-job-run-312e9aa0-de28-546d-3462-8d46f0cf99e7/logs/job/job-logs.txt?rsct=text%2Fplain&se=2024-08-30T10%3A59%3A29Z&sig=mHp6MltV0SWpUcAWAJZVAdQg3TnefH2ueL6Jmbc08kQ%3D&ske=2024-08-30T20%3A15%3A52Z&skoid=ca7593d4-ee42-46cd-af88-8b886a2f84eb&sks=b&skt=2024-08-30T08%3A15%3A52Z&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skv=2024-05-04&sp=r&spr=https&sr=b&st=2024-08-30T10%3A49%3A24Z&sv=2024-05-04

Something is broken in a type definition, I think in this line public_ip_addresses: list[IPv4Address | IPv6Address].

codecov[bot] commented 1 month ago

Codecov Report

Attention: Patch coverage is 76.74419% with 10 lines in your changes missing coverage. Please review.

Project coverage is 88.87%. Comparing base (39e8485) to head (bfb0eb3). Report is 1 commits behind head on master.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| prowler/providers/aws/services/ec2/ec2_service.py | 75.00% | 10 Missing :warning: |

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master    #4848      +/-   ##
==========================================
- Coverage   88.89%   88.87%   -0.03%
==========================================
  Files         941      941
  Lines       28863    28897      +34
==========================================
+ Hits        25657    25681      +24
- Misses       3206     3216      +10
```
