Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix detect interpreter #498

Merged
merged 12 commits into from
Jul 18, 2023
Merged

Fix detect interpreter #498

merged 12 commits into from
Jul 18, 2023

Conversation

Will-NOQ
Copy link
Collaborator

@Will-NOQ Will-NOQ commented Jul 14, 2023
edited by smoy
Loading

BUG FIXES:

  • Fixed race condition on iambic detect not using templated resource id grouping resources.
  • Fixed issue where a resource could show as excluded on a resource it was never evaluated on.

ENHANCEMENTS:

  • Improved ordering of template attributes.
  • base_group_dict_attribute is now more deterministic in its grouping.
  • iambic detect performance optimizations.
    • Now only evaluates on the account a resource id change is detected on as opposed to all accounts.
    • Example if engineering is on all accounts and detect is ran for account a, only engineering on account a is evaluated.
  • Removed remaining AWS provider references from core.

@Will-NOQ
Now passing the template based value to template_generation functions…
740e331 
… in the AWS detect handler.
@Will-NOQ
Added dedicated function for rendering a jinja string value with a pr…
8d84d0c 
…ovider child. New functions for aggregating detect messages.
@Will-NOQ
Fixes to the way roles are resolved as part of iambic detect.
cb3db27
@Will-NOQ
Make template optional in generate_template_output. Performing a recu…
6fb73a2 
…rsive sort on the provider child dicts in base_group_dict_attribute.
@Will-NOQ
Fixes to the IAM Groups detect behavior.
cc542b7
@Will-NOQ
Fixes to the IAM Managed Policy detect behavior.
c221277
@Will-NOQ
Fixes to the IAM Users detect behavior. Clean up generate_role_resour…
def328c 
…ce_file_for_all_accounts.
@Will-NOQ
Fixes to the IdentityCenter PermissionSet import behavior.
6c7e2f9
@Will-NOQ
Merge branch 'main' of github.com:noqdev/iambic into fix-detect-inter…
9db4718 
…preter
@Will-NOQ
Updated CHANGELOG
83716d0
@Will-NOQ Will-NOQ marked this pull request as ready for review July 17, 2023 16:16
@codecov
Copy link

codecov bot commented Jul 17, 2023
edited
Loading

Codecov Report

Patch coverage: 78.80% and project coverage change: -10.02 ⚠️

Comparison is base (2e9116a) 85.74% compared to head (78e1ec3) 75.73%.

Additional details and impacted files 
@@             Coverage Diff             @@
##             main     #498       +/-   ##
===========================================
- Coverage   85.74%   75.73%   -10.02%     
===========================================
  Files         102      103        +1     
  Lines       11637    11727       +90     
===========================================
- Hits         9978     8881     -1097     
- Misses       1659     2846     +1187
Flag Coverage Δ
functional_tests ?
functional_tests_config_discovery ?
unit_tests 75.73% <78.80%> (-0.07%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
iambic/plugins/v0_1_0/aws/iam/policy/models.py 64.58% <0.00%> (-29.07%) ⬇️
iambic/core/detect.py 45.45% <45.45%> (ø)
iambic/core/models.py 83.81% <50.00%> (-5.76%) ⬇️
iambic/plugins/v0_1_0/aws/handlers.py 30.00% <50.00%> (-25.18%) ⬇️
iambic/plugins/v0_1_0/aws/iam/group/utils.py 84.17% <66.66%> (-13.92%) ⬇️
iambic/plugins/v0_1_0/aws/iam/role/utils.py 80.55% <75.00%> (-11.05%) ⬇️
...ugins/v0_1_0/aws/iam/policy/template_generation.py 80.72% <84.21%> (-15.34%) ⬇️
iambic/core/utils.py 84.18% <85.71%> (-4.35%) ⬇️
...plugins/v0_1_0/aws/iam/role/template_generation.py 84.06% <91.30%> (-12.59%) ⬇️
...lugins/v0_1_0/aws/iam/group/template_generation.py 82.60% <94.44%> (-13.36%) ⬇️
... and 3 more

... and 36 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@smoy smoy merged commit eae94c6 into main Jul 18, 2023
5 checks passed
@smoy smoy deleted the fix-detect-interpreter branch July 18, 2023 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smoy smoy smoy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Will-NOQ @smoy