Skip to content

Commit

Permalink
Switch SnapStart check to check_value
Browse files Browse the repository at this point in the history
  • Loading branch information
@kddejong
kddejong committed Oct 16, 2023
1 parent fe80070 commit c43f172
Showing 1 changed file with 34 additions and 21 deletions.
55 changes: 34 additions & 21 deletions src/cfnlint/rules/resources/lmbd/SnapStart.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,30 @@ def __init__(self):
super().__init__()
self.resource_property_types.append("AWS::Lambda::Function")

def _check_value(self, value, path, **kwargs):
lambda_versions = kwargs["lambda_versions"]
cfn = kwargs["cfn"]

if value != "PublishedVersions":
return []

# SnapStart is enabled, validate if version is attached
matches = [
v
for v in lambda_versions
if any(edge == path[1] for edge in cfn.graph.graph.neighbors(v))
]

if len(matches) < 1:
return [
RuleMatch(
path,
"SnapStart is enabled but Lambda version is not attached",
)
]

return []

def match_resource_properties(self, properties, _, path, cfn):
"""Check CloudFormation Properties"""
matches = []
Expand All @@ -39,26 +63,15 @@ def match_resource_properties(self, properties, _, path, cfn):
if not snap_start:
continue

# Get safe removes any conditions nested
# since we aren't checking runtimes we just need to know if
# there is a scenario in which PublishedVersions is present
for apply_on in snap_start.get_safe("ApplyOn"):
if apply_on[0] != "PublishedVersions":
continue

# SnapStart is enabled, validate if version is attached
matches = [
v
for v in lambda_versions
if any(edge == path[1] for edge in cfn.graph.graph.neighbors(v))
]

if len(matches) < 1:
matches.append(
RuleMatch(
path + ["SnapStart", apply_on[1]],
"SnapStart is enabled but Lambda version is not attached",
)
)
matches.extend(
cfn.check_value(
snap_start,
"ApplyOn",
path,
check_value=self._check_value,
lambda_versions=lambda_versions,
cfn=cfn,
)
)

return matches

0 comments on commit c43f172

Please sign in to comment.