feat(api): add provider group filters

[AdriiiPRodri]

Context

Provider group filtering should be available wherever API consumers can already filter cloud-scoped data by provider type, so provider group based workflows can query the same API surfaces without expanding groups client-side.

Description

This PR adds provider_groups and provider_groups__in filters across the API filtersets and overview paths that already support cloud provider filtering.

The change covers exact provider group matching, comma-separated __in matching, distinct result handling for providers that belong to multiple groups, and OpenAPI filter documentation for the affected routes. Lighthouse endpoints are intentionally excluded because their provider_type parameter refers to LLM providers such as openai and bedrock, not Prowler cloud providers.

The API changelog includes the new provider group filters entry for this PR.

Steps to review

1. Review api/src/backend/api/filters.py and confirm provider_groups / provider_groups__in are added alongside cloud provider type filters.
2. Review api/src/backend/api/v1/views.py and confirm overview/manual filter handling includes provider groups, including overviews/threatscore query parameters.
3. Review api/src/backend/api/tests/test_views.py for exact and __in coverage across providers, scans, resources, findings, finding groups, and overviews.
4. Run uv run pytest src/backend/api/tests/test_views.py -k provider_groups -q from api/.
5. Run uv run ruff check src/backend/api/filters.py src/backend/api/tests/test_views.py src/backend/api/v1/views.py from api/.
6. Optionally run the local E2E helper in local_scripts/provider_groups_filter_e2e.py against the dev API to recreate provider groups and compare provider group filters against equivalent provider ID filters.

Checklist

Community Checklist

• This feature/issue is listed in here or roadmap.prowler.com
• Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

• Review if the code is being covered by tests.
• Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
• Review if backport is needed.
• Review if is needed to change the Readme.md
• Ensure new entries are added to CHANGELOG.md, if applicable.

SDK/CLI

• Are there new checks included in this PR? No
  • If so, do we need to update permissions for the provider? No

UI

• All issue/task requirements work as expected on the UI
• If this PR adds or updates npm dependencies, include package-health evidence (maintenance, popularity, known vulnerabilities, license, release age) and explain why existing/native alternatives are insufficient.
• Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
• Screenshots/Video of the functionality flow (if applicable) - Table (640px > X < 1024px)
• Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
• Ensure new entries are added to CHANGELOG.md, if applicable.

API

• All issue/task requirements work as expected on the API
• Endpoint response output (if applicable)
• EXPLAIN ANALYZE output for new/modified queries or indexes (if applicable)
• Performance test results (if applicable)
• Any other relevant evidence of the implementation (if applicable)
• Verify if API specs need to be regenerated.
• Check if version updates are required (e.g., specs, uv, etc.).
• Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Summary by CodeRabbit

Release Notes

• New Features

  • Extended API filtering to support provider groups across endpoints including providers, scans, resources, findings, and overview data. Both exact-match and batch filtering options are available.

• Documentation

  • Updated API schema documentation to reflect new provider-group filtering capabilities.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR extends the Prowler API to support filtering by provider groups across multiple endpoints. Filter classes are updated with provider_groups and provider_groups__in fields; view logic extracts and applies these parameters; and comprehensive test coverage validates filtering behavior across provider, scan, resource, finding, and aggregated overview endpoints.

Changes

Provider Group Filtering Support

Layer / File(s)	Summary
Filter infrastructure for provider groups api/CHANGELOG.md, api/src/backend/api/filters.py	Extends BaseProviderFilter, BaseScanProviderFilter, CommonFindingFilters, ProviderFilter, ProviderRelationshipFilterSet, FindingGroupSummaryFilter, LatestFindingGroupSummaryFilter, ScanSummaryFilter, DailySeveritySummaryFilter, ThreatScoreSnapshotFilter, and ResourceGroupOverviewFilter with provider_groups and provider_groups__in filter fields mapped via ORM traversals with distinct=True. Docstrings updated across all modified filters.
View integration of provider-group filtering api/src/backend/api/v1/views.py	OverviewViewSet parses filter[provider_groups] and filter[provider_groups__in] into provider-group ID constraints. Provider-filter exclusion lists in categories and resource_groups actions extended. OpenAPI schema for threatscore endpoint and FindingGroupViewSet.latest description updated to document and clarify new filtering support.
Test coverage for provider-group filtering api/src/backend/api/tests/test_views.py	Adds test methods for provider, scan, resource, finding, overview findings, overview categories/groups, compliance watchlist, and finding-group endpoints validating filter[provider_groups] and filter[provider_groups__in] behavior. Extends parameterized tests with provider-group cases. Improves assertion messages across 15+ existing test sites for clearer diagnostics.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• alejandrobailo
• josema-xyz
• danibarranqueroo

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 32.56% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'feat(api): add provider group filters' accurately and clearly summarizes the main change in the changeset.
Description check	✅ Passed	The PR description is comprehensive and complete, covering context, detailed implementation summary, clear review steps, and relevant checklist items with evidenced completions.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch implement-provider-groups-filter

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

[github-actions]

✅ All necessary CHANGELOG.md files have been updated.

[github-actions]

🔒 Container Security Scan

Image: prowler-api:0d0350b
Last scan: 2026-06-12 17:16:21 UTC

📊 Vulnerability Summary

Severity	Count
🔴 Critical	22
Total	22

16 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

• Review the detailed scan results
• Update affected packages to patched versions
• Consider using a different base image if updates are unavailable

---

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

api/src/backend/api/tests/test_views.py (1)

1414-18238: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Run ruff formatter to fix code style.

The pipeline indicates this file needs reformatting.

Run the following command to fix:

uv run ruff format src/backend/api/tests/test_views.py

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@api/src/backend/api/tests/test_views.py` around lines 1414 - 18238, Summary:
The test file src/backend/api/tests/test_views.py is not formatted to project
style (ruff) causing CI failures. Fix: run the project formatter (ruff) over the
file and commit the changes; e.g. execute the ruff format command the reviewer
suggested to automatically reformat the whole file including tests like
test_providers_filter_provider_groups, TestProviderGroupViewSet, and other
test_* functions; verify no functional changes and then add/commit the formatted
file and push. Ensure you run the same command in CI/pre-commit locally (uv run
ruff format src/backend/api/tests/test_views.py) so lint/format passes.

Source: Pipeline failures

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@api/src/backend/api/tests/test_views.py`:
- Around line 1414-18238: Summary: The test file
src/backend/api/tests/test_views.py is not formatted to project style (ruff)
causing CI failures. Fix: run the project formatter (ruff) over the file and
commit the changes; e.g. execute the ruff format command the reviewer suggested
to automatically reformat the whole file including tests like
test_providers_filter_provider_groups, TestProviderGroupViewSet, and other
test_* functions; verify no functional changes and then add/commit the formatted
file and push. Ensure you run the same command in CI/pre-commit locally (uv run
ruff format src/backend/api/tests/test_views.py) so lint/format passes.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 43caf620-81dd-49e3-a170-f580de34e505

📥 Commits

Reviewing files that changed from the base of the PR and between dc3433a and 9e5df42.

📒 Files selected for processing (4)

• api/CHANGELOG.md
• api/src/backend/api/filters.py
• api/src/backend/api/tests/test_views.py
• api/src/backend/api/v1/views.py

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.05%. Comparing base (a394c0f) to head (9e5df42).
⚠️ Report is 7 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #11573      +/-   ##
==========================================
+ Coverage   94.02%   94.05%   +0.02%     
==========================================
  Files         241      241              
  Lines       35705    35872     +167     
==========================================
+ Hits        33573    33740     +167     
  Misses       2132     2132              

Flag	Coverage Δ
api	94.05% <100.00%> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
prowler	∅ <ø> (∅)
api	94.05% <100.00%> (+0.02%)	⬆️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.