Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False errors given with property relationships when conditions are used #112

Closed
4 tasks done
kddejong opened this issue Jun 8, 2018 · 4 comments · Fixed by #812
Closed
4 tasks done

False errors given with property relationships when conditions are used #112

kddejong opened this issue Jun 8, 2018 · 4 comments · Fixed by #812
Assignees
@kddejong
Labels
bug Something isn't working

Comments

@kddejong
Copy link
Contributor

kddejong commented Jun 8, 2018
edited
Loading

Right now we check for attributes that should or shouldn't be defined together. These scenarios can get tricky with conditions and AWS::NoValue.

  • Short term hotfix to not give errors when complex situations are found
  • Ability to analyze if a related resource is available when conditions are used
  • Pull out values of properties in an object when values include conditions
  • Related objects and their values when each object has a condition applied

Related issues:
@kisst kisst mentioned this issue Jun 11, 2018
Closed
@kddejong kddejong mentioned this issue Jun 13, 2018
Closed
@cmmeyer cmmeyer added the bug Something isn't working label Jun 25, 2018
@kddejong
Copy link
Contributor Author

Working to invalidate pull request #121. When the condition numbers are high the scenarios get large and can cause linting to be slow.
Working to replace with #352 which is more light weight and less costly.

As it exists #121 will build a list of scenarios for the conditions. That logic may have to be moved to a new rule that checks if Ref/GetAtt/DependsOn resources exist when using resource level conditions.

Conditions when used in place of a resource property have to be singular.

Properties:
   Fn::If: [myCondition, { "ImageId": "ami-123456"}, {"LaunchConfiguration": "myLaunch"}]

is valid but the following is invalid because you cannot put an Fn::If with other properties. (Still double checking this)

Properties:
  LaunchConfiguration: myLaunch
  Fn::If: [myCondition, { "ImageId": "ami-123456"}, {"Ref": "AWS::NoValue"}]

This means our Inclusive and Exclusive checks will be easier to write. If someone puts a condition in the properties section there isn't a mixing of properties from inside and outside of the condition that will cause confusion.

@kddejong
Copy link
Contributor Author

starting with pull request #523

Next will be to get property values when conditions are used for values of those properties.

@kddejong kddejong mentioned this issue Jan 9, 2019
Open
@ap-hyperbole
Copy link

ap-hyperbole commented Mar 22, 2019
edited
Loading

Facing a similar issue with E2540 linting error.

Error :

E2540 At least one stage in pipeline must contain an action that is not a source action.

Template

Pipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      RoleArn: !GetAtt CodePipelineServiceRole.Arn
      ArtifactStore:
        Location: !Ref PipelineBucket
        Type: S3
      Stages:
        - Name: Source
          Actions:
          - Name: Source
            ActionTypeId:
              Category: Source
              Owner: AWS
              Version: "1"
              Provider: S3
            Configuration:
              S3Bucket: !Ref ThisEnvBucket
              S3ObjectKey: !Sub ${ProjectName}.zip
            OutputArtifacts:
              - Name: SourceOutput
            RunOrder: 1
        - !If
          - NotCiEnv
          - Name: Deploy
            Actions:
            - Name: Deploy
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: '1'
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref SSMPushProjectUpperEnvs
              InputArtifacts:
                - Name: SourceOutput
              OutputArtifacts: []
              RunOrder: 2
          - !Ref 'AWS::NoValue'
        - !If
          - NeedApproval
          - Name: ApprovePromotion
            Actions:
            - Name: Approval
              ActionTypeId:
                Category: Approval
                Owner: AWS
                Version: '1'
                Provider: Manual
              InputArtifacts: []
              OutputArtifacts: []
              RunOrder: 3
          - !Ref 'AWS::NoValue'
        - !If
          - NextEnvExists
          - Name: Promote
            Actions:
            - Name: Promote
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: '1'
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref PromotionBuild
              InputArtifacts:
                - Name: SourceOutput
              OutputArtifacts: []
              RunOrder: 4
          - !Ref 'AWS::NoValue'

@kddejong
Copy link
Contributor Author

@ap-hyperbole been working on a bunch of logic to make this easier. I think I can work on this after I get #746 done. That one will basically strip out all the conditions from a nested object giving us the different scenarios to test.

@kddejong kddejong mentioned this issue Apr 7, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kddejong kddejong

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove all nested conditions before checking CodePipeline Syntax kddejong/cfn-python-lint
3 participants
@cmmeyer @ap-hyperbole @kddejong