update readme

felixhammerl · Oct 17, 2023 · 88f9194 · 88f9194
1 parent 49297ef
commit 88f9194
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 This repository contains all of the code necessary to scan infra in AWS with [Cloudsploit](https://github.com/aquasecurity/cloudsploit).
 
-It orchestrates AWS Step Functions, Lambda, and ECS to do all the heavy lifting around CSPM scanning. 
+It orchestrates AWS Step Functions, Lambda, and ECS to do all the heavy lifting around CSPM scanning.
 
 ## Features
 
@@ -11,10 +11,10 @@ It orchestrates AWS Step Functions, Lambda, and ECS to do all the heavy lifting
 - [x] Assume `OrganizationAccountAccessRole` to scan child accounts.
 - [x] Write the scan reports to `s3://$S3_BUCKET/$DATE/$ACCOUNT.json`.
 - [ ] Trigger the step function daily on a cronjob.
-- [ ] Add GH Actions pipeline to continuously deploy to AWS account.
+- [x] Add GH Actions pipeline to continuously deploy to AWS account.
 - [ ] Add a way to exclude accounts.
 - [ ] Soft fail when `OrganizationAccountAccessRole` is not present.
-- [ ] Gather the scan reports from all accounts in a single report.
+- [x] Gather the scan reports from all accounts in a single report.
 - [ ] Transform the unified scan report into a nice HTML view.
 - [ ] Add a static S3+Cloudfront site displaying the scan results.
 - [ ] Add simple HTTP auth for the scan result site

diff --git a/steps/gather/test/fixture/__init__.py b/steps/gather/test/fixture/__init__.py
@@ -14,3 +14,7 @@ def read_test_scan_reports():
         for report in report_files
     ]
     return reports
+
+
+def read_fixture(filename):
+    return open(Path(__file__).with_name(filename)).read()
diff --git a/steps/gather/test/unit/handler/test_gather.py b/steps/gather/test/unit/handler/test_gather.py
@@ -9,7 +9,7 @@
 
 
 from src.handler.gather import gather_results
-from test.fixture import read_test_scan_reports
+from test.fixture import read_test_scan_reports, read_fixture
 
 BUCKET = "some_bucket"
 
@@ -36,6 +36,9 @@ def test_should_create_master_report():
     text = result["Body"].read().decode()
     report_from_s3 = json.loads(text)
 
+    report_from_fixture = json.loads(read_fixture(filename="report.json"))
+    assert_that(report_from_fixture, is_not(equal_to(report_from_s3)))
+
     assert_that(report_from_s3, is_not(empty()))
 
     for category, plugins in report_from_s3.items():