Fix code artifact depenedency confusion check
congon4tor authored Nov 3, 2023
1 parent 1a5742d commit 42fddaf
Showing 2 changed files with 30 additions and 13 deletions.
@@ -15,7 +15,7 @@ def execute(self):
for package in repository.packages:
report = Check_Report_AWS(self.metadata())
report.region = repository.region
report.resource_id = package.name
report.resource_id = f"{repository.arn}/{package.namespace + ':' if package.namespace else ''}{package.name}"
report.resource_arn = repository.arn
report.resource_tags = repository.tags

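Review bot: The new `resource_id` on the changed line still leaves out the package format, so two packages that share a namespace and name under different formats in the same repository would be reported with the same identifier; CodeArtifact identifies a package by format, namespace and name together. The service code on this page passes `format=package_format` to the API, so the format is presumably available on the package model and could be added to the identifier (worth confirming against the model). The conditional embedded in the f-string is also hard to read; computing `namespace_prefix = f"{package.namespace}:" if package.namespace else ""` first and then `report.resource_id = f"{repository.arn}/{namespace_prefix}{package.name}"` makes the precedence explicit. The loop body in `execute` continues outside the hunk.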
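--- a/prowler/providers/aws/services/codeartifact/codeartifact_service.py
+++ b/prowler/providers/aws/services/codeartifact/codeartifact_service.py
@@ -63,7 +63,7 @@ def __list_packages__(self, regional_client):
 list_packages_parameters = {
 "domain": self.repositories[repository].domain_name,
 "domainOwner": self.repositories[repository].domain_owner,
-"repository": repository,
+"repository": self.repositories[repository].name,
 }
 packages = []
 for page in list_packages_paginator.paginate(
@@ -83,18 +83,33 @@ def __list_packages__(self, regional_client):
 ]
 )
 # Get Latest Package Version
-latest_version_information = (
-regional_client.list_package_versions(
-domain=self.repositories[repository].domain_name,
-domainOwner=self.repositories[
-repository
-].domain_owner,
-repository=repository,
-format=package_format,
-package=package_name,
-sortBy="PUBLISHED_TIME",
+if package_namespace:
+latest_version_information = (
+regional_client.list_package_versions(
+domain=self.repositories[repository].domain_name,
+domainOwner=self.repositories[
+repository
+].domain_owner,
+repository=self.repositories[repository].name,
+format=package_format,
+namespace=package_namespace,
+package=package_name,
+sortBy="PUBLISHED_TIME",
+)
+)
+else:
+latest_version_information = (
+regional_client.list_package_versions(
+domain=self.repositories[repository].domain_name,
+domainOwner=self.repositories[
+repository
+].domain_owner,
+repository=self.repositories[repository].name,
+format=package_format,
+package=package_name,
+sortBy="PUBLISHED_TIME",
+)
 )
-)
 latest_version = ""
 latest_origin_type = "UNKNOWN"
 latest_status = "Published"
@@ -133,6 +148,8 @@ def __list_packages__(self, regional_client):
 )
 # Save all the packages information
 self.repositories[repository].packages = packages
+if self.repositories[repository].name == "cfn":
+print(packages)
 
 except ClientError as error:
 if error.response["Error"]["Code"] == "ResourceNotFoundException":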
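Review bot: The last hunk leaves a debugging statement in the service: `if self.repositories[repository].name == "cfn": print(packages)` writes the whole package list of one hard-coded repository name to stdout on every scan. It looks like leftover troubleshooting for this fix and should be dropped; if the trace is still wanted, send it through a logger at debug level instead of `print`, so it neither corrupts machine-readable output nor dumps inventory data unconditionally. Separately, the two `list_package_versions` calls in the second hunk differ only by `namespace=package_namespace`; building the keyword arguments once and adding `namespace` only when it is set would remove the duplicated branch. `__list_packages__` starts and ends outside the hunks shown.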
