[aws][feat] Take only active findings for GuardDuty and Inspector2 se… #4145
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Check the model of all collector plugins for consistency. | |
name: Model Check | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
paths: | |
- 'fixlib/**' | |
- 'plugins/aws/**' | |
- 'plugins/azure/**' | |
- 'plugins/digitalocean/**' | |
- 'plugins/example_collector/**' | |
- 'plugins/gcp/**' | |
- 'plugins/github/**' | |
- 'plugins/k8s/**' | |
- 'plugins/onelogin/**' | |
- 'plugins/slack/**' | |
- '.github/**' | |
- 'requirements-all.txt' | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
model: | |
name: "model" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12' | |
architecture: 'x64' | |
- name: Restore dependency cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.cache/pip | |
key: ${{ runner.os }}-pip-${{hashFiles('./fixlib/pyproject.toml')}}-${{hashFiles('./fixlib/requirements-test.txt')}}-${{hashFiles('./plugins/**/pyproject.toml')}} | |
restore-keys: | | |
${{ runner.os }}-pip- | |
- name: Install Dependencies | |
run: | | |
python -m pip install --upgrade pip | |
python -m pip install -r requirements-all.txt | |
pip install fixlib/ plugins/aws/ plugins/azure/ plugins/digitalocean/ plugins/dockerhub/ plugins/example_collector/ plugins/gcp/ plugins/github/ plugins/k8s/ plugins/onelogin/ plugins/posthog/ plugins/random/ plugins/scarf/ plugins/slack/ | |
pip install fixinventory-plugin-vsphere | |
pip install fixinventory-plugin-onprem | |
- name: Run tests | |
working-directory: ./fixlib | |
env: | |
MODEL_CHECK: "true" | |
run: pytest test/core/model_check_test.py |