feat: added tests and adjust collection

someengineering · Oct 18, 2024 · b6b0e65 · b6b0e65
1 parent 6120e6b
commit b6b0e65
Show file tree

Hide file tree

Showing 5 changed files with 213 additions and 203 deletions.
diff --git a/plugins/aws/fix_plugin_aws/resource/base.py b/plugins/aws/fix_plugin_aws/resource/base.py
@@ -487,7 +487,6 @@ def __init__(
         graph_nodes_access: Optional[RWLock] = None,
         graph_edges_access: Optional[RWLock] = None,
         last_run_started_at: Optional[datetime] = None,
-        assessment_findings: Optional[Dict[Tuple[str, str, str], Dict[str, List[Finding]]]] = None,
     ) -> None:
         self.graph = graph
         self.cloud = cloud
@@ -504,8 +503,8 @@ def __init__(
         self.last_run_started_at = last_run_started_at
         self.created_at = utc()
         self.__builder_cache = {region.safe_name: self}
-        self._assessment_findings: Dict[Tuple[str, str, str], Dict[str, List[Finding]]] = (
-            assessment_findings or defaultdict(lambda: defaultdict(list))
+        self._assessment_findings: Dict[Tuple[str, str, str], Dict[str, List[Finding]]] = defaultdict(
+            lambda: defaultdict(list)
         )
         """
         AWS assessment findings that hold a list of AwsInspectorFinding or AwsGuardDutyFinding.
@@ -547,7 +546,10 @@ def suppress(self, message: str) -> SuppressWithFeedback:
         return SuppressWithFeedback(message, self.core_feedback, log)
 
     def add_finding(self, provider: str, class_name: str, region: str, class_id: str, finding: Finding) -> None:
-        self._assessment_findings[(provider, region, class_name)][class_id].append(finding)
+        global_builder = self.__builder_cache.get("global", None)
+        if not global_builder:
+            return
+        global_builder._assessment_findings[(provider, region, class_name)][class_id].append(finding)
 
     def submit_work(self, service: str, fn: Callable[..., T], *args: Any, **kwargs: Any) -> Future[T]:
         """
@@ -755,7 +757,7 @@ def for_region(self, region: AwsRegion) -> GraphBuilder:
             self.graph_nodes_access,
             self.graph_edges_access,
             self.last_run_started_at,
-            self._assessment_findings,
         )
+        builder.__builder_cache["global"] = self
         self.__builder_cache[region.safe_name] = builder
         return builder
diff --git a/plugins/aws/fix_plugin_aws/resource/ecr.py b/plugins/aws/fix_plugin_aws/resource/ecr.py
@@ -8,7 +8,7 @@
 
 from fix_plugin_aws.resource.base import AwsResource, AwsApiSpec, GraphBuilder
 from fix_plugin_aws.utils import ToDict
-from fixlib.baseresources import HasResourcePolicy, PolicySource, PolicySourceKind
+from fixlib.baseresources import HasResourcePolicy, ModelReference, PolicySource, PolicySourceKind
 from fixlib.json import sort_json
 from fixlib.json_bender import Bender, S, Bend
 from fixlib.types import Json
@@ -34,6 +34,7 @@ class AwsEcrRepository(AwsResource, HasResourcePolicy):
     _kind_service: ClassVar[Optional[str]] = service_name
     _metadata: ClassVar[Dict[str, Any]] = {"icon": "repository", "group": "compute"}
     _aws_metadata: ClassVar[Dict[str, Any]] = {"provider_link_tpl": "https://{region_id}.console.aws.amazon.com/ecr/repositories/{name}?region={region}", "arn_tpl": "arn:{partition}:ecr:{region}:{account}:repository/{name}"}  # fmt: skip
+    _reference_kinds: ClassVar[ModelReference] = {}
     api_spec: ClassVar[AwsApiSpec] = AwsApiSpec("ecr", "describe-repositories", "repositories")
     public_spec: ClassVar[AwsApiSpec] = AwsApiSpec("ecr-public", "describe-repositories", "repositories")
     mapping: ClassVar[Dict[str, Bender]] = {

diff --git a/plugins/aws/test/collector_test.py b/plugins/aws/test/collector_test.py
@@ -13,6 +13,7 @@
 )
 from fix_plugin_aws.resource.base import AwsResource, AwsApiSpec, GraphBuilder, AwsRegion
 from fix_plugin_aws.resource.ec2 import AwsEc2Instance
+from fix_plugin_aws.resource.inspector import AwsInspectorFinding
 from fixlib.baseresources import BaseResource
 from fixlib.core.model_export import dataclasses_to_fixcore_model
 from test import account_collector, builder, aws_client, aws_config, no_feedback  # noqa: F401
@@ -29,13 +30,16 @@ def count_kind(clazz: Type[AwsResource]) -> int:
         return count
 
     for resource in all_resources:
+        # we do not add findings to the graph --> skip check
+        if not isinstance(resource, AwsInspectorFinding):
+            continue
         assert count_kind(resource) > 0, f"No instances of {resource.__name__} found"
 
     # make sure all threads have been joined
     assert len(threading.enumerate()) == 1
     # ensure the correct number of nodes and edges
-    assert count_kind(AwsResource) == 262
-    assert len(account_collector.graph.edges) == 576
+    assert count_kind(AwsResource) == 261
+    assert len(account_collector.graph.edges) == 575
     assert len(account_collector.graph.deferred_edges) == 2
     for node in account_collector.graph.nodes:
         if isinstance(node, AwsRegion):