Refined documentation for functions, join path bugfix & version bump #381
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
akshayrane
requested review from
joshfried-aws,
razcloud,
Brianwithay21,
wkexiang,
reza-aws,
rpdutt and
minhphuong98
rpdutt
approved these changes
Jun 29, 2023
razcloud
approved these changes
Jun 29, 2023
joshfried-aws
requested changes
Jun 29, 2023
docs/KNOWN_ISSUES.md
Outdated
| @@ -35,3 +35,4 @@ let api_gws = Resources.*[ Type == 'AWS::ApiGateway::RestApi' ] | |||
| 3. When performing `!=` comparison, if the values are incompatible like comparing a `string` to `int`, an error is thrown internally but currently suppressed and converted to `false` to satisfy the requirements of Rust’s [PartialEq](https://doc.rust-lang.org/std/cmp/trait.PartialEq.html). We are tracking to release a fix for this issue soon. | |||
| 4. `exists` and `empty` checks do not display the JSON pointer path inside the document in the error messages. Both these clauses often have retrieval errors which does not maintain this traversal information today. We are tracking to resolve this issue. | |||
| 5. Currently, for `string` literals, Guard does not support embedded escaped strings. We are tracking to resolve this issue soon. | |||
| 6. We have support for built-in functions, however, this is currently limited to assignment of the return value to a variable. For example, we can use a function and assign its result to a variable such as `let no_of_instances = count(Instances.*)` and then this variable can be used elsewhere in the conditions such as `%no_of_instances < 2`. However, we **cannot** re-write the same condition as `count(Instances.*) < 2` at this point of time. | |||
There was a problem hiding this comment.
I think we can explain this more thorough. We should probably mention that anytime a function is called it needs to be assigned before it is used anywhere. I.e parameterized rules, other function params, clauses, etc..
There was a problem hiding this comment.
added explanation
| ur.traversed_to, ur.remaining_query | ||
| ))); | ||
| } | ||
| } | ||
| } | ||
| Ok(PathAwareValue::String((Path::root(), aggr))) | ||
|
|
||
| match args.is_empty() { |
There was a problem hiding this comment.
Should we add an integration test for this like I did with count yesterday?
There was a problem hiding this comment.
good catch, I was planning to, but over the course of raising the PR I forgot to.
joshfried-aws
approved these changes
Jun 29, 2023
joshfried-aws
force-pushed
the
rogue_one
branch
2 times, most recently
from
3bb9f94
to
300c782
Compare
joshfried-aws
added a commit
that referenced
this pull request
Jun 29, 2023
* bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * clarifying docs --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- Co-authored-by: Ben Bridts <ben@cloudar.be> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * 3.0.0 Beta release (#366) (#369) * bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- * clarifying docs --------- * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md --------- --------- * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * removed uneeded printing of error parser error on parse-tree command (#368) * improve error message for templates that cause an error (#370) * improve erro message for empty templates * addressing clippy lints for validate.rs * addressed comment, removed uneeded code paths, and cleaned some stuff up * Clippy lints + ci (#371) * init * aws_meta_appender_tests.rs clippy lints * parser.rs clippy lints * cfn_reporter.rs clippy lints * files.rs clippy lints * tf.rs clippy lints * tracker.rs clippy lints * operator.rs clippy lints * values.rs clippy lints * traversal.rs clippy lints * path_value.rs clippy lints * rules/mod.rs clippy lints * eval.rs clippy lints * rulegen.rs clippy lints * summary_table.rs clippy lints * aws_meta_appender.rs clippy lints * path_value_tests.rs clippy lints * eval_tests.rs clippy lints * utils.mod.rs clippy lints * parser_tests.rs clippy lints * traversal_tests.rs clippy lints * generic_summary.rs clippy lints * a bunch of misc clippy lints * tests/utils.rs clippy lints * test_command.rs clippy lints * main.rs clippy lints * tests/validate.rs clippy lints * tests/parse_tree.rs clippy lints * functional.rs clippy lints * helper.rs clippy lints * eval_context clippy lints * cfn.rs clippy lints * value_tests.rs clippy lints * last of the lints * adding linting to ci * last few lints * evaluate_tests.rs lints * fix for bug when introduced when rule fails and resource is not the parent of the node where the failure occurs + misc tests (#372) * Updating reporters to all use serde for both json and yaml + misc improvements (#373) * modifying json/yaml responses to ALL use serde_yaml/json for serialization * adding type information to error message * [Bugfix] Fixing improper console output when using single line summary (#378) * changing count.rs to return a pathawarevalue instead of a primitive * temp * adding unit test for show summary all when failing using count fn * removing unecesssary file * [Enhancement] creating a new error code for rule failures (#379) * temp * adding new exit code for when a rule fails * added integration test to validate error code for a failing test * cleanup * rebase + fix test * removed unecessary double 0 * Refined documentation for functions, join path bugfix & version bump (#381) * Updated table of contents and added a writeup for functions * Bug fix for set path for returned PathAwareValue for join function * Refined documentation for functions * Version bump to 3.0.0 * Added more detailed explanation for function usage limitation * Added integration test for join path bugfix --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 release changes (#383) * 3.0.0 Beta release (#366) * bumping up to 3.0.0-alpha (#347) * bumping up to 3.0.0 alpha * typo * updating workflow * Populated filename in the output (#358) * Populated filename in the output * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Support for some function expressions / stateful rules (#361) * init commit for function resolution / stateful rules * more tests + making test rules better * fixed bugs with validation of functions * small cleanup * fixes as per comments * cleanup * add todo * typos * fixed logical error breaking tests * added test for test command with a function * fixed unit test * added comment to clearly explain whats happening in regex_replace cause no one actually understands regex * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * Clap Autocompletions (#340) * temp * fixing commands * cleanup * temp * cleanup * adding valuehints * adding valuehints * removed powershell * cleanup * removing derive * removed unecessary ArgActions * bumping up version * refactor to use a function to generate commands * removing unused imports * removed random println * updating readme * fixes * typo * cleanup * typo * adding documentation for functions (#362) * adding documentation for functions * Combined structured output and updated default rule clause name to include file name (#360) * Populated filename in the output * Structured combine * Changed FileData into DataFile and handle error differently * Resolved lifetime issue with FileReport combine method * Updated status and method * Refactored to use existing DataFile struct * Changed FileData into DataFile and handle error differently * Refactored to use existing DataFile struct * Merged file report * Interim commit for structured * Resolved unit tests * Temporary commit for default rule names * Working prototype for formatting issue --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * clarifying docs --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Deprecated migrate and previous engine (#364) * Deprecated migrate and previous engine * Removed a unit test for old engine --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> * 3.0.0 beta release changes (#365) * Bump up version to 3.0.0-beta * Updated README.md * Add instances to rules integration tests (#351) * Added 2 runners to integration tests for rules registry * Fixed indent * Added explicit shell name * Moved shell to job parameters * Added powershell commands for windows * Removed test branch * Updated README.md (#352) * Updated README for Guard 3.0 * Update README.md Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Ben Bridts <ben.bridts@gmail.com> --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> * feat: Add cfn-guard-lambda deployment with SAM CLI (#354) * feat: Add cfn-guard-lambda deployment with SAM CLI * Renamed the logical ID for lambda in template & updated README.md * Updated the instructions and added least privileged IAM access policy --------- Co-authored-by: Ben Bridts <ben@cloudar.be> Co-authored-by: Akshay Rane <raneaks@amazon.com> * Revert "Added deprecated short flag for print-json in parse-tree" This reverts commit 93548a4 * Updated names of binaries to reflect v3 * Updated README.md to add new features * Added rogue_one branch to docker workflow * Bump enumflags2 to 0.7.7 --------- Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * Removed unused import --------- Co-authored-by: Josh Fried <112121129+joshfried-aws@users.noreply.github.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be> * removing unused import --------- Co-authored-by: Akshay Rane <aks.rane@gmail.com> Co-authored-by: Akshay Rane <raneaks@amazon.com> Co-authored-by: razcloud <34892703+razcloud@users.noreply.github.com> Co-authored-by: Ben Bridts <ben.bridts@gmail.com> Co-authored-by: Ben Bridts <ben@cloudar.be>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
Description of changes:
joinfunction not returning the path in templateBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license