PyPI - runbooks - Versions diffs - 0.2.5__py3-none-any.whl → 0.6.1__py3-none-any.whl - Mend

runbooks 0.2.5py3-none-any.whl → 0.6.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (221) hide show

conftest.py +26 -0
jupyter-agent/.env.template +2 -0
jupyter-agent/.gitattributes +35 -0
jupyter-agent/README.md +16 -0
jupyter-agent/app.py +256 -0
jupyter-agent/cloudops-agent.png +0 -0
jupyter-agent/ds-system-prompt.txt +154 -0
jupyter-agent/jupyter-agent.png +0 -0
jupyter-agent/llama3_template.jinja +123 -0
jupyter-agent/requirements.txt +9 -0
jupyter-agent/utils.py +409 -0
runbooks/__init__.py +71 -3
runbooks/__main__.py +13 -0
runbooks/aws/ec2_describe_instances.py +1 -1
runbooks/aws/ec2_run_instances.py +8 -2
runbooks/aws/ec2_start_stop_instances.py +17 -4
runbooks/aws/ec2_unused_volumes.py +5 -1
runbooks/aws/s3_create_bucket.py +4 -2
runbooks/aws/s3_list_objects.py +6 -1
runbooks/aws/tagging_lambda_handler.py +13 -2
runbooks/aws/tags.json +12 -0
runbooks/base.py +353 -0
runbooks/cfat/README.md +49 -0
runbooks/cfat/__init__.py +74 -0
runbooks/cfat/app.ts +644 -0
runbooks/cfat/assessment/__init__.py +40 -0
runbooks/cfat/assessment/asana-import.csv +39 -0
runbooks/cfat/assessment/cfat-checks.csv +31 -0
runbooks/cfat/assessment/cfat.txt +520 -0
runbooks/cfat/assessment/collectors.py +200 -0
runbooks/cfat/assessment/jira-import.csv +39 -0
runbooks/cfat/assessment/runner.py +387 -0
runbooks/cfat/assessment/validators.py +290 -0
runbooks/cfat/cli.py +103 -0
runbooks/cfat/docs/asana-import.csv +24 -0
runbooks/cfat/docs/cfat-checks.csv +31 -0
runbooks/cfat/docs/cfat.txt +335 -0
runbooks/cfat/docs/checks-output.png +0 -0
runbooks/cfat/docs/cloudshell-console-run.png +0 -0
runbooks/cfat/docs/cloudshell-download.png +0 -0
runbooks/cfat/docs/cloudshell-output.png +0 -0
runbooks/cfat/docs/downloadfile.png +0 -0
runbooks/cfat/docs/jira-import.csv +24 -0
runbooks/cfat/docs/open-cloudshell.png +0 -0
runbooks/cfat/docs/report-header.png +0 -0
runbooks/cfat/models.py +1026 -0
runbooks/cfat/package-lock.json +5116 -0
runbooks/cfat/package.json +38 -0
runbooks/cfat/report.py +496 -0
runbooks/cfat/reporting/__init__.py +46 -0
runbooks/cfat/reporting/exporters.py +337 -0
runbooks/cfat/reporting/formatters.py +496 -0
runbooks/cfat/reporting/templates.py +135 -0
runbooks/cfat/run-assessment.sh +23 -0
runbooks/cfat/runner.py +69 -0
runbooks/cfat/src/actions/check-cloudtrail-existence.ts +43 -0
runbooks/cfat/src/actions/check-config-existence.ts +37 -0
runbooks/cfat/src/actions/check-control-tower.ts +37 -0
runbooks/cfat/src/actions/check-ec2-existence.ts +46 -0
runbooks/cfat/src/actions/check-iam-users.ts +50 -0
runbooks/cfat/src/actions/check-legacy-cur.ts +30 -0
runbooks/cfat/src/actions/check-org-cloudformation.ts +30 -0
runbooks/cfat/src/actions/check-vpc-existence.ts +43 -0
runbooks/cfat/src/actions/create-asanaimport.ts +14 -0
runbooks/cfat/src/actions/create-backlog.ts +372 -0
runbooks/cfat/src/actions/create-jiraimport.ts +15 -0
runbooks/cfat/src/actions/create-report.ts +616 -0
runbooks/cfat/src/actions/define-account-type.ts +51 -0
runbooks/cfat/src/actions/get-enabled-org-policy-types.ts +40 -0
runbooks/cfat/src/actions/get-enabled-org-services.ts +26 -0
runbooks/cfat/src/actions/get-idc-info.ts +34 -0
runbooks/cfat/src/actions/get-org-da-accounts.ts +34 -0
runbooks/cfat/src/actions/get-org-details.ts +35 -0
runbooks/cfat/src/actions/get-org-member-accounts.ts +44 -0
runbooks/cfat/src/actions/get-org-ous.ts +35 -0
runbooks/cfat/src/actions/get-regions.ts +22 -0
runbooks/cfat/src/actions/zip-assessment.ts +27 -0
runbooks/cfat/src/types/index.d.ts +147 -0
runbooks/cfat/tests/__init__.py +141 -0
runbooks/cfat/tests/test_cli.py +340 -0
runbooks/cfat/tests/test_integration.py +290 -0
runbooks/cfat/tests/test_models.py +505 -0
runbooks/cfat/tests/test_reporting.py +354 -0
runbooks/cfat/tsconfig.json +16 -0
runbooks/cfat/webpack.config.cjs +27 -0
runbooks/config.py +260 -0
runbooks/finops/__init__.py +88 -0
runbooks/finops/aws_client.py +245 -0
runbooks/finops/cli.py +151 -0
runbooks/finops/cost_processor.py +410 -0
runbooks/finops/dashboard_runner.py +448 -0
runbooks/finops/helpers.py +355 -0
runbooks/finops/main.py +14 -0
runbooks/finops/profile_processor.py +174 -0
runbooks/finops/types.py +66 -0
runbooks/finops/visualisations.py +80 -0
runbooks/inventory/.gitignore +354 -0
runbooks/inventory/ArgumentsClass.py +261 -0
runbooks/inventory/Inventory_Modules.py +6130 -0
runbooks/inventory/LandingZone/delete_lz.py +1075 -0
runbooks/inventory/README.md +1320 -0
runbooks/inventory/__init__.py +62 -0
runbooks/inventory/account_class.py +532 -0
runbooks/inventory/all_my_instances_wrapper.py +123 -0
runbooks/inventory/aws_decorators.py +201 -0
runbooks/inventory/cfn_move_stack_instances.py +1526 -0
runbooks/inventory/check_cloudtrail_compliance.py +614 -0
runbooks/inventory/check_controltower_readiness.py +1107 -0
runbooks/inventory/check_landingzone_readiness.py +711 -0
runbooks/inventory/cloudtrail.md +727 -0
runbooks/inventory/collectors/__init__.py +20 -0
runbooks/inventory/collectors/aws_compute.py +518 -0
runbooks/inventory/collectors/aws_networking.py +275 -0
runbooks/inventory/collectors/base.py +222 -0
runbooks/inventory/core/__init__.py +19 -0
runbooks/inventory/core/collector.py +303 -0
runbooks/inventory/core/formatter.py +296 -0
runbooks/inventory/delete_s3_buckets_objects.py +169 -0
runbooks/inventory/discovery.md +81 -0
runbooks/inventory/draw_org_structure.py +748 -0
runbooks/inventory/ec2_vpc_utils.py +341 -0
runbooks/inventory/find_cfn_drift_detection.py +272 -0
runbooks/inventory/find_cfn_orphaned_stacks.py +719 -0
runbooks/inventory/find_cfn_stackset_drift.py +733 -0
runbooks/inventory/find_ec2_security_groups.py +669 -0
runbooks/inventory/find_landingzone_versions.py +201 -0
runbooks/inventory/find_vpc_flow_logs.py +1221 -0
runbooks/inventory/inventory.sh +659 -0
runbooks/inventory/list_cfn_stacks.py +558 -0
runbooks/inventory/list_cfn_stackset_operation_results.py +252 -0
runbooks/inventory/list_cfn_stackset_operations.py +734 -0
runbooks/inventory/list_cfn_stacksets.py +453 -0
runbooks/inventory/list_config_recorders_delivery_channels.py +681 -0
runbooks/inventory/list_ds_directories.py +354 -0
runbooks/inventory/list_ec2_availability_zones.py +286 -0
runbooks/inventory/list_ec2_ebs_volumes.py +244 -0
runbooks/inventory/list_ec2_instances.py +425 -0
runbooks/inventory/list_ecs_clusters_and_tasks.py +562 -0
runbooks/inventory/list_elbs_load_balancers.py +411 -0
runbooks/inventory/list_enis_network_interfaces.py +526 -0
runbooks/inventory/list_guardduty_detectors.py +568 -0
runbooks/inventory/list_iam_policies.py +404 -0
runbooks/inventory/list_iam_roles.py +518 -0
runbooks/inventory/list_iam_saml_providers.py +359 -0
runbooks/inventory/list_lambda_functions.py +882 -0
runbooks/inventory/list_org_accounts.py +446 -0
runbooks/inventory/list_org_accounts_users.py +354 -0
runbooks/inventory/list_rds_db_instances.py +406 -0
runbooks/inventory/list_route53_hosted_zones.py +318 -0
runbooks/inventory/list_servicecatalog_provisioned_products.py +575 -0
runbooks/inventory/list_sns_topics.py +360 -0
runbooks/inventory/list_ssm_parameters.py +402 -0
runbooks/inventory/list_vpc_subnets.py +433 -0
runbooks/inventory/list_vpcs.py +422 -0
runbooks/inventory/lockdown_cfn_stackset_role.py +224 -0
runbooks/inventory/models/__init__.py +24 -0
runbooks/inventory/models/account.py +192 -0
runbooks/inventory/models/inventory.py +309 -0
runbooks/inventory/models/resource.py +247 -0
runbooks/inventory/recover_cfn_stack_ids.py +205 -0
runbooks/inventory/requirements.txt +12 -0
runbooks/inventory/run_on_multi_accounts.py +211 -0
runbooks/inventory/tests/common_test_data.py +3661 -0
runbooks/inventory/tests/common_test_functions.py +204 -0
runbooks/inventory/tests/script_test_data.py +0 -0
runbooks/inventory/tests/setup.py +24 -0
runbooks/inventory/tests/src.py +18 -0
runbooks/inventory/tests/test_cfn_describe_stacks.py +208 -0
runbooks/inventory/tests/test_ec2_describe_instances.py +162 -0
runbooks/inventory/tests/test_inventory_modules.py +55 -0
runbooks/inventory/tests/test_lambda_list_functions.py +86 -0
runbooks/inventory/tests/test_moto_integration_example.py +273 -0
runbooks/inventory/tests/test_org_list_accounts.py +49 -0
runbooks/inventory/update_aws_actions.py +173 -0
runbooks/inventory/update_cfn_stacksets.py +1215 -0
runbooks/inventory/update_cloudwatch_logs_retention_policy.py +294 -0
runbooks/inventory/update_iam_roles_cross_accounts.py +478 -0
runbooks/inventory/update_s3_public_access_block.py +539 -0
runbooks/inventory/utils/__init__.py +23 -0
runbooks/inventory/utils/aws_helpers.py +510 -0
runbooks/inventory/utils/threading_utils.py +493 -0
runbooks/inventory/utils/validation.py +682 -0
runbooks/inventory/verify_ec2_security_groups.py +1430 -0
runbooks/main.py +785 -0
runbooks/organizations/__init__.py +12 -0
runbooks/organizations/manager.py +374 -0
runbooks/security_baseline/README.md +324 -0
runbooks/security_baseline/checklist/alternate_contacts.py +8 -1
runbooks/security_baseline/checklist/bucket_public_access.py +4 -1
runbooks/security_baseline/checklist/cloudwatch_alarm_configuration.py +9 -2
runbooks/security_baseline/checklist/guardduty_enabled.py +9 -2
runbooks/security_baseline/checklist/multi_region_instance_usage.py +5 -1
runbooks/security_baseline/checklist/root_access_key.py +6 -1
runbooks/security_baseline/config-origin.json +1 -1
runbooks/security_baseline/config.json +1 -1
runbooks/security_baseline/permission.json +1 -1
runbooks/security_baseline/report_generator.py +10 -2
runbooks/security_baseline/report_template_en.html +7 -7
runbooks/security_baseline/report_template_jp.html +7 -7
runbooks/security_baseline/report_template_kr.html +12 -12
runbooks/security_baseline/report_template_vn.html +7 -7
runbooks/security_baseline/requirements.txt +7 -0
runbooks/security_baseline/run_script.py +8 -2
runbooks/security_baseline/security_baseline_tester.py +10 -2
runbooks/security_baseline/utils/common.py +5 -1
runbooks/utils/__init__.py +204 -0
runbooks-0.6.1.dist-info/METADATA +373 -0
runbooks-0.6.1.dist-info/RECORD +237 -0
{runbooks-0.2.5.dist-info → runbooks-0.6.1.dist-info}/WHEEL +1 -1
runbooks-0.6.1.dist-info/entry_points.txt +7 -0
runbooks-0.6.1.dist-info/licenses/LICENSE +201 -0
runbooks-0.6.1.dist-info/top_level.txt +3 -0
runbooks/python101/calculator.py +0 -34
runbooks/python101/config.py +0 -1
runbooks/python101/exceptions.py +0 -16
runbooks/python101/file_manager.py +0 -218
runbooks/python101/toolkit.py +0 -153
runbooks-0.2.5.dist-info/METADATA +0 -439
runbooks-0.2.5.dist-info/RECORD +0 -61
runbooks-0.2.5.dist-info/entry_points.txt +0 -3
runbooks-0.2.5.dist-info/top_level.txt +0 -1

runbooks/cfat/tests/test_models.py ADDED Viewed

@@ -0,0 +1,505 @@
+"""
+Unit tests for CFAT data models.
+Tests comprehensive validation, serialization, and business logic
+of enhanced Pydantic models including field validation, type checking,
+and model consistency.
+"""
+import json
+from datetime import datetime
+from typing import Any, Dict
+import pytest
+from runbooks.cfat.models import (
+    AssessmentConfig,
+    AssessmentReport,
+    AssessmentResult,
+    AssessmentSummary,
+    CheckConfig,
+    CheckStatus,
+    Severity,
+)
+from runbooks.cfat.tests import (
+    TEST_ACCOUNT_ID,
+    TEST_PROFILE,
+    TEST_REGION,
+    create_sample_assessment_report,
+    create_sample_assessment_result,
+    create_sample_assessment_summary,
+)
+class TestSeverityEnum:
+    """Test Severity enumeration."""
+    def test_severity_values(self):
+        """Test severity enum values."""
+        assert Severity.INFO == "INFO"
+        assert Severity.WARNING == "WARNING"
+        assert Severity.CRITICAL == "CRITICAL"
+    def test_severity_ordering(self):
+        """Test severity enum values."""
+        # String enums can't be compared directly, but we can check the values
+        severity_order = {Severity.INFO: 0, Severity.WARNING: 1, Severity.CRITICAL: 2}
+        assert severity_order[Severity.INFO] < severity_order[Severity.WARNING] < severity_order[Severity.CRITICAL]
+class TestCheckStatusEnum:
+    """Test CheckStatus enumeration."""
+    def test_status_values(self):
+        """Test status enum values."""
+        assert CheckStatus.PASS == "PASS"
+        assert CheckStatus.FAIL == "FAIL"
+        assert CheckStatus.SKIP == "SKIP"
+        assert CheckStatus.ERROR == "ERROR"
+@pytest.mark.models
+class TestAssessmentResult:
+    """Test AssessmentResult model."""
+    def test_create_valid_result(self):
+        """Test creating valid assessment result."""
+        result = create_sample_assessment_result()
+        assert result.finding_id == "TEST-001"
+        assert result.check_name == "test_check"
+        assert result.check_category == "test"
+        assert result.status == CheckStatus.PASS
+        assert result.severity == Severity.INFO
+        assert result.message == "Test check passed"
+        assert result.execution_time == 0.1
+        assert isinstance(result.timestamp, datetime)
+    def test_result_properties(self):
+        """Test assessment result properties."""
+        passed_result = create_sample_assessment_result(status=CheckStatus.PASS)
+        assert passed_result.passed is True
+        assert passed_result.failed is False
+        failed_result = create_sample_assessment_result(status=CheckStatus.FAIL)
+        assert failed_result.passed is False
+        assert failed_result.failed is True
+    def test_severity_properties(self):
+        """Test severity-based properties."""
+        critical_result = create_sample_assessment_result(severity=Severity.CRITICAL)
+        assert critical_result.is_critical is True
+        assert critical_result.is_warning is False
+        warning_result = create_sample_assessment_result(severity=Severity.WARNING)
+        assert warning_result.is_critical is False
+        assert warning_result.is_warning is True
+    def test_finding_id_validation(self):
+        """Test finding ID validation and formatting."""
+        result = AssessmentResult(
+            finding_id="iam-001",  # lowercase
+            check_name="test",
+            check_category="iam",
+            status=CheckStatus.PASS,
+            severity=Severity.INFO,
+            message="test",
+            execution_time=0.1,
+        )
+        # Should be converted to uppercase
+        assert result.finding_id == "IAM-001"
+    def test_finding_id_empty_validation(self):
+        """Test finding ID cannot be empty."""
+        from pydantic import ValidationError
+        with pytest.raises(ValidationError, match="String should have at least 1 character"):
+            AssessmentResult(
+                finding_id="",
+                check_name="test",
+                check_category="iam",
+                status=CheckStatus.PASS,
+                severity=Severity.INFO,
+                message="test",
+                execution_time=0.1,
+            )
+    def test_arn_validation(self):
+        """Test AWS ARN validation."""
+        # Valid ARN should pass
+        result = AssessmentResult(
+            finding_id="TEST-001",
+            check_name="test",
+            check_category="iam",
+            status=CheckStatus.PASS,
+            severity=Severity.INFO,
+            message="test",
+            resource_arn="arn:aws:iam::123456789012:user/test",
+            execution_time=0.1,
+        )
+        assert result.resource_arn == "arn:aws:iam::123456789012:user/test"
+        # Invalid ARN should log warning but not fail
+        result = AssessmentResult(
+            finding_id="TEST-002",
+            check_name="test",
+            check_category="iam",
+            status=CheckStatus.PASS,
+            severity=Severity.INFO,
+            message="test",
+            resource_arn="invalid-arn",
+            execution_time=0.1,
+        )
+        assert result.resource_arn == "invalid-arn"
+    def test_add_recommendation(self):
+        """Test adding recommendations."""
+        result = create_sample_assessment_result()
+        result.add_recommendation("New recommendation")
+        assert "New recommendation" in result.recommendations
+        # Adding duplicate should not create duplicate
+        result.add_recommendation("New recommendation")
+        assert result.recommendations.count("New recommendation") == 1
+    def test_category_prefix(self):
+        """Test category prefix extraction."""
+        result = create_sample_assessment_result(finding_id="IAM-001")
+        assert result.category_prefix == "IAM"
+        result_no_dash = create_sample_assessment_result(finding_id="NOHYPHEN")
+        assert result_no_dash.category_prefix == "TEST"  # Falls back to category
+    def test_to_dict(self):
+        """Test dictionary conversion."""
+        result = create_sample_assessment_result()
+        result_dict = result.to_dict()
+        assert isinstance(result_dict, dict)
+        assert result_dict["finding_id"] == "TEST-001"
+        assert result_dict["check_name"] == "test_check"
+        assert result_dict["status"] == "PASS"
+    def test_serialization(self):
+        """Test JSON serialization."""
+        result = create_sample_assessment_result()
+        # Should be able to serialize to JSON
+        json_str = json.dumps(result.model_dump(), default=str)
+        assert isinstance(json_str, str)
+        # Should be able to deserialize
+        data = json.loads(json_str)
+        assert data["finding_id"] == "TEST-001"
+@pytest.mark.models
+class TestAssessmentSummary:
+    """Test AssessmentSummary model."""
+    def test_create_valid_summary(self):
+        """Test creating valid assessment summary."""
+        summary = create_sample_assessment_summary()
+        assert summary.total_checks == 10
+        assert summary.passed_checks == 8
+        assert summary.failed_checks == 2
+        assert summary.pass_rate == 80.0
+    def test_pass_rate_calculation(self):
+        """Test pass rate calculation."""
+        summary = create_sample_assessment_summary(total_checks=4, passed_checks=3, failed_checks=1)
+        assert summary.pass_rate == 75.0
+        # Edge case: no checks
+        empty_summary = create_sample_assessment_summary(total_checks=0, passed_checks=0, failed_checks=0)
+        assert empty_summary.pass_rate == 0.0
+    def test_failure_rate_calculation(self):
+        """Test failure rate calculation."""
+        summary = create_sample_assessment_summary(total_checks=10, passed_checks=7, failed_checks=3)
+        assert summary.failure_rate == 30.0
+    def test_compliance_score_calculation(self):
+        """Test compliance score calculation with weighted severity."""
+        # Perfect score scenario
+        perfect_summary = create_sample_assessment_summary(
+            total_checks=5, passed_checks=5, failed_checks=0, critical_issues=0
+        )
+        assert perfect_summary.compliance_score == 100
+        # Critical issues should heavily penalize score
+        critical_summary = create_sample_assessment_summary(
+            total_checks=5, passed_checks=3, failed_checks=2, critical_issues=2
+        )
+        assert critical_summary.compliance_score < 50  # Should be significantly penalized
+    def test_risk_level_assessment(self):
+        """Test risk level assessment."""
+        # High risk: has critical issues
+        high_risk = create_sample_assessment_summary(critical_issues=1)
+        assert high_risk.risk_level == "HIGH"
+        # Medium risk: low compliance score
+        medium_risk = create_sample_assessment_summary(
+            total_checks=10, passed_checks=3, failed_checks=7, critical_issues=0
+        )
+        assert medium_risk.risk_level == "MEDIUM"
+        # Low risk: decent compliance score
+        low_risk = create_sample_assessment_summary(
+            total_checks=10, passed_checks=9, failed_checks=1, critical_issues=0, warnings=0
+        )
+        assert low_risk.risk_level in ["LOW", "MINIMAL"]
+    def test_execution_summary(self):
+        """Test execution summary generation."""
+        summary = create_sample_assessment_summary(total_checks=10, total_execution_time=20.0)
+        exec_summary = summary.execution_summary
+        assert "10 checks" in exec_summary
+        assert "20.0s" in exec_summary
+        assert "2.00s per check" in exec_summary
+    def test_avg_execution_time(self):
+        """Test average execution time calculation."""
+        summary = create_sample_assessment_summary(total_checks=5, total_execution_time=10.0)
+        assert summary.avg_execution_time == 2.0
+        # Edge case: no checks
+        empty_summary = create_sample_assessment_summary(total_checks=0, total_execution_time=0.0)
+        assert empty_summary.avg_execution_time == 0.0
+@pytest.mark.models
+class TestAssessmentReport:
+    """Test AssessmentReport model."""
+    def test_create_valid_report(self):
+        """Test creating valid assessment report."""
+        report = create_sample_assessment_report()
+        assert report.account_id == TEST_ACCOUNT_ID
+        assert report.region == TEST_REGION
+        assert report.profile == "test"
+        assert len(report.results) == 5
+        assert isinstance(report.summary, AssessmentSummary)
+        assert isinstance(report.timestamp, datetime)
+    def test_account_id_validation(self):
+        """Test AWS account ID validation."""
+        # Valid 12-digit account ID
+        report = AssessmentReport(
+            account_id="123456789012",
+            region="us-east-1",
+            profile="test",
+            version="0.5.0",
+            included_checks=["test"],
+            severity_threshold=Severity.INFO,
+            results=[],
+            summary=create_sample_assessment_summary(),
+        )
+        assert report.account_id == "123456789012"
+        # Invalid account ID should raise validation error
+        from pydantic import ValidationError
+        with pytest.raises(ValidationError):
+            AssessmentReport(
+                account_id="invalid",
+                region="us-east-1",
+                profile="test",
+                version="0.5.0",
+                included_checks=["test"],
+                severity_threshold=Severity.INFO,
+                results=[],
+                summary=create_sample_assessment_summary(),
+            )
+    def test_query_methods(self):
+        """Test report query methods."""
+        report = create_sample_assessment_report(num_results=10)
+        # Test category filtering
+        test_results = report.get_results_by_category("test")
+        assert len(test_results) == 10  # All results are in "test" category
+        empty_results = report.get_results_by_category("nonexistent")
+        assert len(empty_results) == 0
+        # Test severity filtering
+        critical_results = report.get_results_by_severity(Severity.CRITICAL)
+        assert len(critical_results) > 0
+        # Test failed results
+        failed_results = report.get_failed_results()
+        assert len(failed_results) > 0
+        # Test passed results
+        passed_results = report.get_passed_results()
+        assert len(passed_results) > 0
+        # Test critical results
+        critical_results = report.get_critical_results()
+        assert len(critical_results) > 0
+    def test_categories_extraction(self):
+        """Test category extraction from results."""
+        report = create_sample_assessment_report()
+        categories = report.get_categories()
+        assert isinstance(categories, list)
+        assert "test" in categories
+        assert categories == sorted(categories)  # Should be sorted
+    def test_category_summary(self):
+        """Test category summary generation."""
+        report = create_sample_assessment_report(num_results=6)
+        category_summary = report.get_category_summary()
+        assert isinstance(category_summary, dict)
+        assert "test" in category_summary
+        test_stats = category_summary["test"]
+        assert "total" in test_stats
+        assert "passed" in test_stats
+        assert "failed" in test_stats
+        assert "critical" in test_stats
+        assert test_stats["total"] == 6
+    def test_report_export_methods(self):
+        """Test report export method signatures."""
+        report = create_sample_assessment_report()
+        # These should not raise exceptions (actual file operations tested separately)
+        assert hasattr(report, "to_html")
+        assert hasattr(report, "to_json")
+        assert hasattr(report, "to_csv")
+        assert hasattr(report, "to_markdown")
+@pytest.mark.models
+class TestCheckConfig:
+    """Test CheckConfig model."""
+    def test_create_valid_config(self):
+        """Test creating valid check configuration."""
+        config = CheckConfig(
+            name="iam_root_mfa",
+            enabled=True,
+            severity=Severity.CRITICAL,
+            timeout=30,
+            description="Check root MFA",
+            category="iam",
+        )
+        assert config.name == "iam_root_mfa"
+        assert config.enabled is True
+        assert config.severity == Severity.CRITICAL
+        assert config.timeout == 30
+    def test_name_validation_and_normalization(self):
+        """Test check name validation and normalization."""
+        config = CheckConfig(name="IAM Root MFA")
+        assert config.name == "iam_root_mfa"  # Should be normalized
+        config = CheckConfig(name="vpc-flow-logs")
+        assert config.name == "vpc_flow_logs"  # Hyphens to underscores
+    def test_parameter_methods(self):
+        """Test parameter get/set methods."""
+        config = CheckConfig(name="test_check")
+        # Test setting parameter
+        config.set_parameter("timeout", 60)
+        assert config.get_parameter("timeout") == 60
+        # Test default value
+        assert config.get_parameter("nonexistent", "default") == "default"
+        assert config.get_parameter("nonexistent") is None
+@pytest.mark.models
+class TestAssessmentConfig:
+    """Test AssessmentConfig model."""
+    def test_create_default_config(self):
+        """Test creating default assessment configuration."""
+        config = AssessmentConfig()
+        assert "iam" in config.included_categories
+        assert "vpc" in config.included_categories
+        assert config.parallel_execution is True
+        assert config.max_workers == 10
+        assert config.severity_threshold == Severity.WARNING
+    def test_max_workers_validation(self):
+        """Test max workers validation."""
+        # Valid worker count
+        config = AssessmentConfig(max_workers=5)
+        assert config.max_workers == 5
+        # Invalid worker count should raise error
+        from pydantic import ValidationError
+        with pytest.raises(ValidationError):
+            AssessmentConfig(max_workers=0)
+    def test_category_validation(self):
+        """Test category name validation and normalization."""
+        config = AssessmentConfig(included_categories=["IAM", "VPC", "CloudTrail"], excluded_categories=["EC2"])
+        # Should be normalized to lowercase
+        assert "iam" in config.included_categories
+        assert "vpc" in config.included_categories
+        assert "cloudtrail" in config.included_categories
+        assert "ec2" in config.excluded_categories
+    def test_check_config_methods(self):
+        """Test check configuration management."""
+        config = AssessmentConfig()
+        # Add check config
+        check_config = CheckConfig(name="test_check", severity=Severity.CRITICAL)
+        config.add_check_config("test_check", check_config)
+        retrieved = config.get_check_config("test_check")
+        assert retrieved.severity == Severity.CRITICAL
+        # Add via dictionary
+        config.add_check_config("another_check", {"severity": Severity.WARNING})
+        retrieved = config.get_check_config("another_check")
+        assert retrieved.severity == Severity.WARNING
+        # Remove config
+        assert config.remove_check_config("test_check") is True
+        assert config.remove_check_config("nonexistent") is False
+    def test_effective_checks_calculation(self):
+        """Test effective checks calculation."""
+        config = AssessmentConfig(included_categories=["iam"], excluded_checks=["iam_unused_credentials"])
+        available_checks = [
+            "iam_root_mfa",
+            "iam_unused_credentials",
+            "iam_password_policy",
+            "vpc_flow_logs",
+            "ec2_security_groups",
+        ]
+        effective = config.get_effective_checks(available_checks)
+        # Should include IAM checks but exclude the specific one
+        assert "iam_root_mfa" in effective
+        assert "iam_password_policy" in effective
+        assert "iam_unused_credentials" not in effective
+        assert "vpc_flow_logs" not in effective  # Not in included categories
+    def test_to_dict(self):
+        """Test configuration serialization."""
+        config = AssessmentConfig(compliance_framework="SOC2")
+        config_dict = config.to_dict()
+        assert isinstance(config_dict, dict)
+        assert config_dict["compliance_framework"] == "SOC2"

runbooks 0.2.5__py3-none-any.whl → 0.6.1__py3-none-any.whl

runbooks 0.2.5py3-none-any.whl → 0.6.1py3-none-any.whl