Add comprehensive unit tests for core modules

[kyhau]

Added extensive unit tests for aws_login, file_io, saml2aws_helper, and selector modules to improve code coverage and reliability. Tests cover various edge cases, error handling, and expected behaviors for CLI commands, file operations, and helper functions.

[amazon-q-developer]

⏳ Code review in progress. Analyzing for code quality issues and best practices. Detailed findings will be posted upon completion.

Using Amazon Q Developer for GitHub

Amazon Q Developer¹ is an AI-powered assistant that integrates directly into your GitHub workflow, enhancing your development process with intelligent features for code development, review, and transformation.

Slash Commands

Command	Description
/q <message>	Chat with the agent to ask questions or request revisions
/q review	Requests an Amazon Q powered code review
/q help	Displays usage information

Features

Agentic Chat
Enables interactive conversation with Amazon Q to ask questions about the pull request or request specific revisions. Use /q <message> in comment threads or the review body to engage with the agent directly.

Code Review
Analyzes pull requests for code quality, potential issues, and security concerns. Provides feedback and suggested fixes. Automatically triggered on new or reopened PRs (can be disabled for AWS registered installations), or manually with /q review slash command in a comment.

Customization

You can create project-specific rules for Amazon Q Developer to follow:

1. Create a .amazonq/rules folder in your project root.
2. Add Markdown files in this folder to define rules (e.g., cdk-rules.md).
3. Write detailed prompts in these files, such as coding standards or best practices.
4. Amazon Q Developer will automatically use these rules when generating code or providing assistance.

Example rule:

All Amazon S3 buckets must have encryption enabled, enforce SSL, and block public access.
All Amazon DynamoDB Streams tables must have encryption enabled.
All Amazon SNS topics must have encryption enabled and enforce SSL.
All Amazon SNS queues must enforce SSL.

Feedback

To provide feedback on Amazon Q Developer, create an issue in the Amazon Q Developer public repository.

For more detailed information, visit the Amazon Q for GitHub documentation.

Footnotes

1. Amazon Q Developer uses generative AI. You may need to verify generated code before using it in your environment. See the AWS Responsible AI Policy. ↩

[kyhau]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
⏩	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[amazon-q-developer]

Overall, this is a well-structured addition of comprehensive unit tests that significantly improves the project's test coverage. The tests are well-organized and cover important functionality including edge cases.

Key observations:

• Good coverage of core functionality in aws_login, file_io, saml2aws_helper, and selector modules
• Effective use of mocking for external dependencies
• Clear test organization using test classes

Suggestions for improvement:

1. Add tests for invalid input handling and edge cases
2. Include security-focused test cases for file operations
3. Consider adding concurrency tests
4. Add tests for international character support

Please address the inline comments to further strengthen the test suite. The changes look good to merge once the suggested improvements are implemented.

[amazon-q-developer]

Consider adding test cases for invalid role ARN formats to ensure the function handles malformed input gracefully. This would help catch potential issues with unexpected ARN formats.

[amazon-q-developer]

Consider adding test cases for error handling when subprocess.Popen raises exceptions (e.g., command not found, permission denied). This would improve the robustness of the test suite.

[amazon-q-developer]

🛑 Security Vulnerability: The test file operations should be performed in a secure temporary directory to prevent path traversal vulnerabilities¹. Consider using tempfile.mkdtemp() with appropriate permissions.

Footnotes

1. CWE-22: Path Traversal - https://cwe.mitre.org/data/definitions/22.html ↩

[amazon-q-developer]

Consider adding test cases for handling special characters and Unicode in profile/role names. This would ensure the selector works correctly with international characters and special symbols.

[amazon-q-developer]

Consider adding test cases for concurrent access to the credentials file. This would help ensure thread safety when multiple processes try to access AWS credentials simultaneously.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.92%. Comparing base (a074ae6) to head (c28a962).
⚠️ Report is 267 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #169       +/-   ##
===========================================
+ Coverage   33.17%   98.92%   +65.74%     
===========================================
  Files           4        8        +4     
  Lines         205      926      +721     
===========================================
+ Hits           68      916      +848     
+ Misses        137       10      -127     

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.