-
Notifications
You must be signed in to change notification settings - Fork 597
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
19 changed files
with
990 additions
and
652 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
""" | ||
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
SPDX-License-Identifier: MIT-0 | ||
""" | ||
|
||
from cfnlint.rules.helpers.get_resource_by_name import get_resource_by_name | ||
from cfnlint.rules.helpers.get_value_from_path import get_value_from_path | ||
|
||
__all__ = [ | ||
"get_value_from_path", | ||
"get_resource_by_name", | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
""" | ||
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
SPDX-License-Identifier: MIT-0 | ||
""" | ||
|
||
from __future__ import annotations | ||
|
||
from collections import deque | ||
from typing import Any, Sequence | ||
|
||
from cfnlint.context import Path | ||
from cfnlint.jsonschema import Validator | ||
|
||
|
||
def get_resource_by_name( | ||
validator: Validator, name: str, types: Sequence[str] | None = None | ||
) -> tuple[Any, Validator]: | ||
|
||
resource = validator.cfn.template.get("Resources", {}).get(name, {}) | ||
if not resource or not isinstance(resource, dict): | ||
return None, validator | ||
|
||
if types and resource.get("Type") not in types: | ||
return None, validator | ||
|
||
condition = resource.get("Condition", None) | ||
if condition: | ||
if not validator.cfn.conditions.can_imply( | ||
validator.context.conditions.status, condition | ||
): | ||
return None, validator | ||
validator = validator.evolve( | ||
context=validator.context.evolve( | ||
conditions=validator.context.conditions.evolve( | ||
{ | ||
condition: True, | ||
} | ||
), | ||
) | ||
) | ||
|
||
validator = validator.evolve( | ||
context=validator.context.evolve( | ||
path=Path( | ||
path=deque(["Resources", name]), | ||
cfn_path=deque(["Resources", resource.get("Type")]), | ||
) | ||
) | ||
) | ||
|
||
return resource, validator |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
""" | ||
Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
SPDX-License-Identifier: MIT-0 | ||
""" | ||
|
||
from __future__ import annotations | ||
|
||
from collections import deque | ||
from typing import Any, Iterator | ||
|
||
from cfnlint.helpers import is_function | ||
from cfnlint.jsonschema import Validator | ||
|
||
|
||
def _get_relationship_fn_if( | ||
validator: Validator, key: Any, value: Any, path: deque[str | int] | ||
) -> Iterator[tuple[Any, Validator]]: | ||
if not isinstance(value, list) or len(value) != 3: | ||
return | ||
condition = value[0] | ||
# True path | ||
status = {k: set([v]) for k, v in validator.context.conditions.status.items()} | ||
if condition not in status: | ||
status[condition] = set([True, False]) | ||
for scenario in validator.cfn.conditions.build_scenarios(status): | ||
if_validator = validator.evolve( | ||
context=validator.context.evolve( | ||
conditions=validator.context.conditions.evolve( | ||
status=scenario, | ||
) | ||
) | ||
) | ||
|
||
i = 1 if scenario[condition] else 2 | ||
for r, v in get_value_from_path( | ||
validator.evolve( | ||
context=if_validator.context.evolve( | ||
path=if_validator.context.path.descend(path=key).descend(path=i) | ||
) | ||
), | ||
value[i], | ||
path.copy(), | ||
): | ||
yield r, v | ||
|
||
|
||
def _get_value_from_path_list( | ||
validator: Validator, instance: Any, path: deque[str | int] | ||
) -> Iterator[tuple[Any, Validator]]: | ||
for i, v in enumerate(instance): | ||
for r, v in get_value_from_path( | ||
validator.evolve( | ||
context=validator.context.evolve( | ||
path=validator.context.path.descend(path=i) | ||
), | ||
), | ||
v, | ||
path.copy(), | ||
): | ||
yield r, v | ||
|
||
|
||
def get_value_from_path( | ||
validator: Validator, instance: Any, path: deque[str | int] | ||
) -> Iterator[tuple[Any, Validator]]: | ||
""" | ||
Retrieve a value from a nested dictionary or list using a path. | ||
Args: | ||
validator (Validator): The validator instance | ||
data (Any): The dictionary or list to search. | ||
path (deque[str | int]): The path to the value. | ||
Returns: | ||
The value at the specified path, or None if the key doesn't exist. | ||
Examples: | ||
>>> data = {'a': {'b': {'c': 3}}} | ||
>>> get_value_from_path(data, ['a', 'b', 'c']) | ||
3 | ||
""" | ||
|
||
fn_k, fn_v = is_function(instance) | ||
if fn_k is not None: | ||
if fn_k == "Fn::If": | ||
yield from _get_relationship_fn_if(validator, fn_k, fn_v, path) | ||
elif fn_k == "Ref" and fn_v == "AWS::NoValue": | ||
yield None, validator.evolve( | ||
context=validator.context.evolve( | ||
path=validator.context.path.descend(path=fn_k) | ||
) | ||
) | ||
elif not path: | ||
yield instance, validator | ||
return | ||
|
||
if not path: | ||
yield instance, validator | ||
return | ||
|
||
key = path.popleft() | ||
if isinstance(instance, list) and key == "*": | ||
yield from _get_value_from_path_list(validator, instance, path) | ||
return | ||
|
||
if not isinstance(instance, dict): | ||
yield None, validator | ||
return | ||
|
||
for r, v in get_value_from_path( | ||
validator.evolve( | ||
context=validator.context.evolve( | ||
path=validator.context.path.descend(path=key) | ||
) | ||
), | ||
instance.get(key), | ||
path.copy(), | ||
): | ||
yield r, v | ||
|
||
return |
Oops, something went wrong.