refactor(ASFF): create class #4368

jfagoagas
Member

Context

We are creating modular outputs for Prowler; now is the time for the AWS Security Finding Format.

Description

  • Create the ASFF(Output) class.
  • Add documentation for all the functions.
  • Refactor the filter_security_hub_findings_per_region since now we don't need to recreate the ASFF findings; we've been doing it twice 🤦
  • Adapt the tests.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@jfagoagas jfagoagas requested review from a team as code owners July 3, 2024 08:25
@github-actions github-actions bot added the provider/aws Issues/PRs related with the AWS provider label Jul 3, 2024
@@ -39,6 +39,7 @@ def batch_write_data_to_file(self) -> None:
csv_writer.writeheader()
for finding in self._data:
csv_writer.writerow(finding)
self._file_descriptor.close()
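
Review bot: the `self._file_descriptor.close()` at the end of this hunk comes after the `writerow` loop, so as shown it only runs when every row is written; if `csv_writer.writerow(finding)` raises, the descriptor is left open. Closing it in a `finally` clause would release it on the error path as well.
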
Member Author

Added to the CSV class since it was missing.

@@ -30,7 +30,7 @@ def transform(self, findings: list[Finding]) -> None:
def batch_write_data_to_file(self) -> None:
"""Writes the findings to a file using the CSV format using the `Output._file_descriptor`."""
try:
if self._file_descriptor:
if self._file_descriptor and not self._file_descriptor.closed:
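
Review bot: with the new condition `if self._file_descriptor and not self._file_descriptor.closed:`, a closed descriptor makes the write a silent no-op as far as these lines show, so findings could be dropped without any trace. Log a warning when the guard is false. The docstring above it also reads "using the CSV format using the ..."; drop the repeated "using".
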
Member Author

Good to check that the file descriptor is not closed.

Member Author

Move to the asff.py

Member Author

Move to the asff.py

Comment on lines +79 to +80
elif output_mode == "json-asff":
continue
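
Review bot: the `elif output_mode == "json-asff":` branch only does `continue` and carries no comment explaining why this mode is skipped here. Add a one-line comment with the reason, or remove the branch if an unhandled mode already falls through the same way.
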
Member

Is this needed? As compliance does not use it, I think we can remove it

Member Author

I think it is needed for now until we solve Compliance, am I right @pedrooot ?

Member

When all the output PRs are merged we can delete all the ifs and maintain only the specifics for compliance.

Member

I still think that this can be removed, this output_mode is not used in compliance...

@sergargar
Member

Tested locally and it works perfectly!

codecov bot commented Jul 4, 2024

Codecov Report

Attention: Patch coverage is 74.09326% with 50 lines in your changes missing coverage. Please review.

Project coverage is 87.39%. Comparing base (2345a73) to head (c7e9264).

Files Patch % Lines
prowler/lib/outputs/asff/asff.py 85.91% 20 Missing ⚠️
prowler/lib/outputs/file_descriptors.py 10.00% 18 Missing ⚠️
prowler/__main__.py 0.00% 8 Missing ⚠️
...ler/providers/aws/lib/security_hub/security_hub.py 78.94% 4 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #4368      +/-   ##
==========================================
- Coverage   87.56%   87.39%   -0.17%     
==========================================
  Files         852      851       -1     
  Lines       26592    26618      +26     
==========================================
- Hits        23284    23262      -22     
- Misses       3308     3356      +48     


@pedrooot
Member
pedrooot commented Jul 4, 2024

Now, batch_send_to_security_hub uses _send_findings_to_security_hub, passing the findings as a dict and the finding format in AWSSecurityFindingFormat. The real problem is that resolve_security_hub_previous_findings passes the findings in dict function. I've made a "parse" in _send_findings_to_security_hub and, depending on the data structure, it behaves differently. This is not correct so I'll work on standardizing all

@pedrooot
Member
pedrooot commented Jul 4, 2024

The final approach is that all the findings passed to _send_findings_to_security_hub are dict

@jfagoagas jfagoagas requested a review from pedrooot July 4, 2024 15:37
@pedrooot pedrooot left a comment

@sergargar sergargar merged commit 673619c into master Jul 4, 2024
9 of 11 checks passed
@sergargar sergargar deleted the PRWLR-4023-generate-the-asff-output-object-from-a-list-of-findings branch July 4, 2024 16:04