Merge branch 'master' of github.com:prowler-cloud/prowler into depend…

…abot/pip/api/django-5.1.4
prowler-cloud · Jan 9, 2025 · aeaacf3 · aeaacf3
2 parents 49af78b + e6b4035
commit aeaacf3
Show file tree

Hide file tree

Showing 37 changed files with 4,002 additions and 2,670 deletions.
diff --git a/.github/workflows/api-pull-request.yml b/.github/workflows/api-pull-request.yml
@@ -89,7 +89,7 @@ jobs:
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
         run: |
           python -m pip install --upgrade pip
-          pipx install poetry
+          pipx install poetry==1.8.5
 
       - name: Set up Python ${{ matrix.python-version }}
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
@@ -114,7 +114,7 @@ jobs:
         working-directory: ./api
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
         run: |
-          poetry lock --check
+          poetry check --lock
 
       - name: Lint with ruff
         working-directory: ./api

diff --git a/.github/workflows/sdk-build-lint-push-containers.yml b/.github/workflows/sdk-build-lint-push-containers.yml
@@ -68,7 +68,7 @@ jobs:
 
       - name: Install Poetry
         run: |
-          pipx install poetry
+          pipx install poetry==1.8.5
           pipx inject poetry poetry-bumpversion
 
       - name: Get Prowler version

diff --git a/.github/workflows/sdk-pull-request.yml b/.github/workflows/sdk-pull-request.yml
@@ -43,7 +43,7 @@ jobs:
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
         run: |
           python -m pip install --upgrade pip
-          pipx install poetry
+          pipx install poetry==1.8.5
 
       - name: Set up Python ${{ matrix.python-version }}
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
@@ -66,7 +66,7 @@ jobs:
       - name: Poetry check
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
         run: |
-          poetry lock --check
+          poetry check --lock
 
       - name: Lint with flake8
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'

diff --git a/.github/workflows/sdk-pypi-release.yml b/.github/workflows/sdk-pypi-release.yml
@@ -68,7 +68,7 @@ jobs:
 
       - name: Install dependencies
         run: |
-          pipx install poetry
+          pipx install poetry==1.8.5
 
       - name: Setup Python
         uses: actions/setup-python@v5

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -90,7 +90,7 @@ repos:
       - id: bandit
         name: bandit
         description: "Bandit is a tool for finding common security issues in Python code"
-        entry: bash -c 'bandit -q -lll -x '*_test.py,./contrib/' -r .'
+        entry: bash -c 'bandit -q -lll -x '*_test.py,./contrib/,./.venv/' -r .'
         language: system
         files: '.*\.py'
 
@@ -103,7 +103,6 @@ repos:
       - id: vulture
         name: vulture
         description: "Vulture finds unused code in Python programs."
-        entry: bash -c 'vulture --exclude "contrib" --min-confidence 100 .'
-        exclude: 'api/src/backend/'
+        entry: bash -c 'vulture --exclude "contrib,.venv,api/src/backend/api/tests/,api/src/backend/conftest.py,api/src/backend/tasks/tests/" --min-confidence 100 .'
         language: system
         files: '.*\.py'
diff --git a/poetry.lock b/poetry.lock
diff --git a/prowler/config/config.yaml b/prowler/config/config.yaml
@@ -73,6 +73,10 @@ aws:
   # aws.cloudwatch_log_group_retention_policy_specific_days_enabled --> by default is 365 days
   log_group_retention_days: 365
 
+  # AWS CloudFormation Configuration
+  # cloudformation_stack_cdktoolkit_bootstrap_version --> by default is 21
+  recommended_cdk_bootstrap_version: 21
+
   # AWS AppStream Session Configuration
   # aws.appstream_fleet_session_idle_disconnect_timeout
   max_idle_disconnect_timeout_in_seconds: 600 # 10 Minutes