Support for some function expressions / stateful rules #361
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
joshfried-aws
requested review from
razcloud,
minhphuong98,
Neel-Renavikar,
Brianwithay21,
wkexiang,
reza-aws and
rpdutt
akshayrane
reviewed
Jun 8, 2023
…se no one actually understands regex
Brianwithay21
approved these changes
Jun 8, 2023
akshayrane
approved these changes
Jun 8, 2023
This was referenced Jun 8, 2023
joshfried-aws
added a commit
that referenced
this pull request
Jun 9, 2023
* bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * clarifying docs --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- Co-authored-by: Ben Bridts <ben@cloudar.be> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be>
joshfried-aws
added a commit
that referenced
this pull request
Jun 12, 2023
* bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * clarifying docs --------- * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md --------- --------- * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be>
joshfried-aws
added a commit
that referenced
this pull request
Jun 29, 2023
* init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex
akshayrane
added a commit
that referenced
this pull request
Jun 29, 2023
* 3.0.0 Beta release (#366) * bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * clarifying docs --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- Co-authored-by: Ben Bridts <ben@cloudar.be> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * Removed unused import --------- Co-authored-by: Josh Fried <112121129+joshfried-aws@users.noreply.github.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be>
joshfried-aws
added a commit
that referenced
this pull request
Jun 29, 2023
* bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * clarifying docs --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- Co-authored-by: Ben Bridts <ben@cloudar.be> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * 3.0.0 Beta release (#366) (#369) * bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * clarifying docs --------- * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md --------- --------- * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * removed uneeded printing of error parser error on parse-tree command (#368) * improve error message for templates that cause an error (#370) * improve erro message for empty templates * addressing clippy lints for validate.rs * addressed comment, removed uneeded code paths, and cleaned some stuff up * Clippy lints + ci (#371) * init * aws_meta_appender_tests.rs clippy lints * parser.rs clippy lints * cfn_reporter.rs clippy lints * files.rs clippy lints * tf.rs clippy lints * tracker.rs clippy lints * operator.rs clippy lints * values.rs clippy lints * traversal.rs clippy lints * path_value.rs clippy lints * rules/mod.rs clippy lints * eval.rs clippy lints * rulegen.rs clippy lints * summary_table.rs clippy lints * aws_meta_appender.rs clippy lints * path_value_tests.rs clippy lints * eval_tests.rs clippy lints * utils.mod.rs clippy lints * parser_tests.rs clippy lints * traversal_tests.rs clippy lints * generic_summary.rs clippy lints * a bunch of misc clippy lints * tests/utils.rs clippy lints * test_command.rs clippy lints * main.rs clippy lints * tests/validate.rs clippy lints * tests/parse_tree.rs clippy lints * functional.rs clippy lints * helper.rs clippy lints * eval_context clippy lints * cfn.rs clippy lints * value_tests.rs clippy lints * last of the lints * adding linting to ci * last few lints * evaluate_tests.rs lints * fix for bug when introduced when rule fails and resource is not the parent of the node where the failure occurs + misc tests (#372) * Updating reporters to all use serde for both json and yaml + misc improvements (#373) * modifying json/yaml responses to ALL use serde_yaml/json for serialization * adding type information to error message * [Bugfix] Fixing improper console output when using single line summary (#378) * changing count.rs to return a pathawarevalue instead of a primitive * temp * adding unit test for show summary all when failing using count fn * removing unecesssary file * [Enhancement] creating a new error code for rule failures (#379) * temp * adding new exit code for when a rule fails * added integration test to validate error code for a failing test * cleanup * rebase + fix test * removed unecessary double 0 * Refined documentation for functions, join path bugfix & version bump (#381) * Updated table of contents and added a writeup for functions * Bug fix for set path for returned PathAwareValue for join function * Refined documentation for functions * Version bump to 3.0.0 * Added more detailed explanation for function usage limitation * Added integration test for join path bugfix --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 release changes (#383) * 3.0.0 Beta release (#366) * bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * clarifying docs --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- Co-authored-by: Ben Bridts <ben@cloudar.be> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * Removed unused import --------- Co-authored-by: Josh Fried <112121129+joshfried-aws@users.noreply.github.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * removing unused import --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be>
joshfried-aws
added a commit
to joshfried-aws/cloudformation-guard
that referenced
this pull request
Jun 30, 2023
…ation#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex
joshfried-aws
added a commit
to joshfried-aws/cloudformation-guard
that referenced
this pull request
Jun 30, 2023
* bumping up to 3.0.0-alpha (aws-cloudformation#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (aws-cloudformation#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- * Support for some function expressions / stateful rules (aws-cloudformation#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (aws-cloudformation#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * Clap Autocompletions (aws-cloudformation#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (aws-cloudformation#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (aws-cloudformation#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * clarifying docs --------- * Deprecated migrate and previous engine (aws-cloudformation#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- * 3.0.0 beta release changes (aws-cloudformation#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (aws-cloudformation#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (aws-cloudformation#352) * Updated README for Guard 3.0 * Update README.md --------- --------- * feat: Add cfn-guard-lambda deployment with SAM CLI (aws-cloudformation#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
#295
#140
Description of changes:
Refactor all occurrences of
&'value PathAwareValuetoRc<PathAwareValue>while this has a performance impact, due to the way functions are computed we have no other choice, since&'valuelifetime refers to when the specific value was parsed, and thus values that are computed can never meet that requirement. This also allowed us to remove the lifetime constraints on many structs and functions. This refactor also made us add a dependency on theRcfeature in the serde crateRefactored the PathTree struct from
pub(super) type PathTree<'report, 'value> = BTreeMap<&'value str, Vec<std::rc::Rc<Node<'report, 'value>>>>;topub(super) type PathTree<'report, 'value> = BTreeMap<String, Vec<std::rc::Rc<Node<'report, 'value>>>>;this is a direct result of the change mentioned above
Add support for the following functions
count -
takes a single query result argument as a parameter and returns the number of occurrences. For examples please refer to
json_parse -
takes a single query result and attempts to convert a string into a json object.
regex_replace -
takes 3 arguments the first is a query result, the 2nd is the extracted regular expression, and the third is the replacement regular expression
substring -
takes 3 arguments the first is a query result, the 2nd is the starting index (inclusive), the 3rd is the last index (non inclusive)
to_lower -
takes a single query result and returns a string that is all lowercase
to_upper -
same as above except the returned string is all uppercase
url_decode -
takes a single queryy result and returns a url decoded version of the string
ex:This%20string%20will%20be%20URL%20encoded => "This string will be URL encoded"
for examples of these functions see the accompanying guard files
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license