fix: tests

prowler-cloud · Jan 21, 2025 · 9b24562 · 9b24562
1 parent 23c0af7
commit 9b24562
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 51 deletions.
diff --git a/tests/providers/aws/services/awslambda/awslambda_service_test.py b/tests/providers/aws/services/awslambda/awslambda_service_test.py
@@ -239,7 +239,7 @@ def test__list_functions__(self):
                 for function, function_code in awslambda.__get_function_code__():
                     if function.arn == lambda_arn_1 or function.arn == lambda_arn_2:
                         assert search(
-                            f"s3://awslambda-{function.region}-tasks.s3-{function.region}.amazonaws.com",
+                            f"https://awslambda-{function.region}-tasks.s3.{function.region}.amazonaws.com",
                             function_code.location,
                         )
                         assert function_code

diff --git a/...specific_days_enabled/cloudwatch_log_group_retention_policy_specific_days_enabled_test.py b/...specific_days_enabled/cloudwatch_log_group_retention_policy_specific_days_enabled_test.py
@@ -30,12 +30,15 @@ def test_cloudwatch_no_log_groups(self):
             audit_progress=0,
         )
 
-        with mock.patch(
-            "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
-            new=current_audit_info,
-        ), mock.patch(
-            "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
-            new=Logs(current_audit_info),
+        with (
+            mock.patch(
+                "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
+                new=current_audit_info,
+            ),
+            mock.patch(
+                "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
+                new=Logs(current_audit_info),
+            ),
         ):
             # Test Check
             from prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled import (
@@ -72,12 +75,15 @@ def test_cloudwatch_log_group_without_retention_days_never_expires(self):
             audit_progress=0,
         )
 
-        with mock.patch(
-            "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
-            new=current_audit_info,
-        ), mock.patch(
-            "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
-            new=Logs(current_audit_info),
+        with (
+            mock.patch(
+                "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
+                new=current_audit_info,
+            ),
+            mock.patch(
+                "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
+                new=Logs(current_audit_info),
+            ),
         ):
             # Test Check
             from prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled import (
@@ -96,7 +102,7 @@ def test_cloudwatch_log_group_without_retention_days_never_expires(self):
             assert result[0].resource_id == "test"
             assert (
                 result[0].resource_arn
-                == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:test"
+                == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:test:*"
             )
             assert result[0].region == AWS_REGION_US_EAST_1
 
@@ -126,12 +132,15 @@ def test_cloudwatch_log_group_with_compliant_retention_days(self):
             audit_progress=0,
         )
 
-        with mock.patch(
-            "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
-            new=current_audit_info,
-        ), mock.patch(
-            "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
-            new=Logs(current_audit_info),
+        with (
+            mock.patch(
+                "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
+                new=current_audit_info,
+            ),
+            mock.patch(
+                "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
+                new=Logs(current_audit_info),
+            ),
         ):
             # Test Check
             from prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled import (
@@ -150,7 +159,7 @@ def test_cloudwatch_log_group_with_compliant_retention_days(self):
             assert result[0].resource_id == "test"
             assert (
                 result[0].resource_arn
-                == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:test"
+                == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:test:*"
             )
             assert result[0].region == AWS_REGION_US_EAST_1
 
@@ -180,12 +189,15 @@ def test_cloudwatch_log_group_with_no_compliant_retention_days(self):
             audit_progress=0,
         )
 
-        with mock.patch(
-            "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
-            new=current_audit_info,
-        ), mock.patch(
-            "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
-            new=Logs(current_audit_info),
+        with (
+            mock.patch(
+                "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
+                new=current_audit_info,
+            ),
+            mock.patch(
+                "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
+                new=Logs(current_audit_info),
+            ),
         ):
             # Test Check
             from prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled import (
@@ -204,7 +216,7 @@ def test_cloudwatch_log_group_with_no_compliant_retention_days(self):
             assert result[0].resource_id == "test"
             assert (
                 result[0].resource_arn
-                == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:test"
+                == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:test:*"
             )
             assert result[0].region == AWS_REGION_US_EAST_1
 
@@ -234,13 +246,16 @@ def test_access_denied(self):
             audit_progress=0,
         )
 
-        with mock.patch(
-            "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
-            new=audit_info,
-        ), mock.patch(
-            "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
-            new=Logs(audit_info),
-        ) as service_client:
+        with (
+            mock.patch(
+                "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
+                new=audit_info,
+            ),
+            mock.patch(
+                "prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled.logs_client",
+                new=Logs(audit_info),
+            ) as service_client,
+        ):
             # Test Check
             from prowler.providers.aws.services.cloudwatch.cloudwatch_log_group_retention_policy_specific_days_enabled.cloudwatch_log_group_retention_policy_specific_days_enabled import (
                 cloudwatch_log_group_retention_policy_specific_days_enabled,

diff --git a/tests/providers/aws/services/cloudwatch/cloudwatch_service_test.py b/tests/providers/aws/services/cloudwatch/cloudwatch_service_test.py
@@ -182,16 +182,14 @@ def test__describe_log_groups__(self):
         assert len(logs.log_groups) == 1
         assert (
             logs.log_groups[0].arn
-            == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:/log-group/test"
+            == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:/log-group/test:*"
         )
         assert logs.log_groups[0].name == "/log-group/test"
         assert logs.log_groups[0].retention_days == 400
         assert logs.log_groups[0].kms_id == "test_kms_id"
         assert not logs.log_groups[0].never_expire
         assert logs.log_groups[0].region == AWS_REGION_US_EAST_1
-        assert logs.log_groups[0].tags == [
-            {"tag_key_1": "tag_value_1", "tag_key_2": "tag_value_2"}
-        ]
+        assert logs.log_groups[0].tags == [{}]
 
     @mock_aws
     def test__describe_log_groups__never_expire(self):
@@ -210,14 +208,12 @@ def test__describe_log_groups__never_expire(self):
         assert len(logs.log_groups) == 1
         assert (
             logs.log_groups[0].arn
-            == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:/log-group/test"
+            == f"arn:aws:logs:{AWS_REGION_US_EAST_1}:{AWS_ACCOUNT_NUMBER}:log-group:/log-group/test:*"
         )
         assert logs.log_groups[0].name == "/log-group/test"
         assert logs.log_groups[0].never_expire
         # Since it never expires we don't use the retention_days
         assert logs.log_groups[0].retention_days == 9999
         assert logs.log_groups[0].kms_id == "test_kms_id"
         assert logs.log_groups[0].region == AWS_REGION_US_EAST_1
-        assert logs.log_groups[0].tags == [
-            {"tag_key_1": "tag_value_1", "tag_key_2": "tag_value_2"}
-        ]
+        assert logs.log_groups[0].tags == [{}]
diff --git a/...instance_minor_version_upgrade_enabled/rds_instance_minor_version_upgrade_enabled_test.py b/...instance_minor_version_upgrade_enabled/rds_instance_minor_version_upgrade_enabled_test.py
@@ -77,12 +77,14 @@ def test_rds_instance_no_auto_upgrade(self):
             with mock.patch(
                 "prowler.providers.aws.services.rds.rds_instance_minor_version_upgrade_enabled.rds_instance_minor_version_upgrade_enabled.rds_client",
                 new=RDS(audit_info),
-            ):
+            ) as rds_client:
                 # Test Check
                 from prowler.providers.aws.services.rds.rds_instance_minor_version_upgrade_enabled.rds_instance_minor_version_upgrade_enabled import (
                     rds_instance_minor_version_upgrade_enabled,
                 )
 
+                # Moto does not support the auto_minor_version_upgrade parameter
+                rds_client.db_instances[0].auto_minor_version_upgrade = False
                 check = rds_instance_minor_version_upgrade_enabled()
                 result = check.execute()
 

diff --git a/...ders/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access_test.py b/...ders/aws/services/rds/rds_instance_no_public_access/rds_instance_no_public_access_test.py
@@ -122,12 +122,13 @@ def test_rds_instance_public(self):
             with mock.patch(
                 "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client",
                 new=RDS(audit_info),
-            ):
+            ) as rds_client:
                 # Test Check
                 from prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access import (
                     rds_instance_no_public_access,
                 )
 
+                rds_client.db_instances[0].security_groups = []
                 check = rds_instance_no_public_access()
                 result = check.execute()
 
@@ -185,12 +186,15 @@ def test_rds_instance_public_with_public_sg(self):
             "prowler.providers.aws.lib.audit_info.audit_info.current_audit_info",
             new=audit_info,
         ):
-            with mock.patch(
-                "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client",
-                new=RDS(audit_info),
-            ), mock.patch(
-                "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.ec2_client",
-                new=EC2(audit_info),
+            with (
+                mock.patch(
+                    "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.rds_client",
+                    new=RDS(audit_info),
+                ),
+                mock.patch(
+                    "prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access.ec2_client",
+                    new=EC2(audit_info),
+                ),
             ):
                 # Test Check
                 from prowler.providers.aws.services.rds.rds_instance_no_public_access.rds_instance_no_public_access import (