From 31b3f2d9d3d922257e01a3396f2435f047b543e4 Mon Sep 17 00:00:00 2001 From: Chris Rehn Date: Fri, 16 Dec 2022 00:30:41 -0800 Subject: [PATCH 1/2] chore: re-enable cfn-lint --- .cfnlintrc.yaml | 92 --------------------------------------------- Makefile | 2 + bin/run_cfn_lint.sh | 2 +- 3 files changed, 3 insertions(+), 93 deletions(-) diff --git a/.cfnlintrc.yaml b/.cfnlintrc.yaml index d1e7e1b680..e28260faae 100644 --- a/.cfnlintrc.yaml +++ b/.cfnlintrc.yaml @@ -2,43 +2,18 @@ templates: - tests/translator/output/**/*.json ignore_templates: - tests/translator/output/**/error_*.json # Fail by design - - tests/translator/output/**/api_cache.json - - tests/translator/output/**/api_description.json - - tests/translator/output/**/api_endpoint_configuration.json - - tests/translator/output/**/api_endpoint_configuration_with_vpcendpoint.json - tests/translator/output/**/api_http_paths_with_if_condition.json - tests/translator/output/**/api_http_paths_with_if_condition_no_value_else_case.json - tests/translator/output/**/api_http_paths_with_if_condition_no_value_then_case.json - tests/translator/output/**/api_http_with_default_iam_authorizer.json - - tests/translator/output/**/api_request_model.json - - tests/translator/output/**/api_request_model_openapi_3.json - - tests/translator/output/**/api_request_model_with_validator.json - - tests/translator/output/**/api_request_model_with_validator_openapi_3.json - tests/translator/output/**/api_rest_paths_with_if_condition_openapi.json - tests/translator/output/**/api_rest_paths_with_if_condition_openapi_no_value_else_case.json - tests/translator/output/**/api_rest_paths_with_if_condition_openapi_no_value_then_case.json - tests/translator/output/**/api_rest_paths_with_if_condition_swagger.json - tests/translator/output/**/api_rest_paths_with_if_condition_swagger_no_value_else_case.json - tests/translator/output/**/api_rest_paths_with_if_condition_swagger_no_value_then_case.json - - tests/translator/output/**/api_swagger_integration_with_ref_intrinsic_api_id.json - - tests/translator/output/**/api_swagger_integration_with_string_api_id.json - - tests/translator/output/**/api_with_access_log_setting.json - tests/translator/output/**/api_with_any_method_in_swagger.json - - tests/translator/output/**/api_with_apikey_default_override.json - - tests/translator/output/**/api_with_apikey_required.json - - tests/translator/output/**/api_with_apikey_required_openapi_3.json - - tests/translator/output/**/api_with_apikey_source.json - - tests/translator/output/**/api_with_auth_all_maximum.json - - tests/translator/output/**/api_with_auth_all_maximum_openapi_3.json - - tests/translator/output/**/api_with_auth_all_minimum.json - - tests/translator/output/**/api_with_auth_all_minimum_openapi.json - tests/translator/output/**/api_with_auth_and_conditions_all_max.json - - tests/translator/output/**/api_with_auth_no_default.json - - tests/translator/output/**/api_with_auth_with_default_scopes.json - - tests/translator/output/**/api_with_auth_with_default_scopes_openapi.json - - tests/translator/output/**/api_with_aws_account_blacklist.json - - tests/translator/output/**/api_with_aws_account_whitelist.json - - tests/translator/output/**/api_with_aws_iam_auth_overrides.json - tests/translator/output/**/api_with_basic_custom_domain.json - tests/translator/output/**/api_with_basic_custom_domain_http.json - tests/translator/output/**/api_with_basic_custom_domain_intrinsics.json @@ -46,71 +21,28 @@ ignore_templates: - tests/translator/output/**/api_with_binary_media_types.json - tests/translator/output/**/api_with_binary_media_types_definition_body.json - tests/translator/output/**/api_with_canary_setting.json - - tests/translator/output/**/api_with_cors.json - - tests/translator/output/**/api_with_cors_and_auth_no_preflight_auth.json - - tests/translator/output/**/api_with_cors_and_auth_preflight_auth.json - tests/translator/output/**/api_with_cors_and_conditions_no_definitionbody.json - - tests/translator/output/**/api_with_cors_and_only_credentials_false.json - - tests/translator/output/**/api_with_cors_and_only_headers.json - - tests/translator/output/**/api_with_cors_and_only_maxage.json - - tests/translator/output/**/api_with_cors_and_only_methods.json - - tests/translator/output/**/api_with_cors_and_only_origins.json - - tests/translator/output/**/api_with_cors_no_definitionbody.json - - tests/translator/output/**/api_with_cors_openapi_3.json - tests/translator/output/**/api_with_custom_base_path.json - tests/translator/output/**/api_with_custom_domain_route53.json - tests/translator/output/**/api_with_custom_domain_route53_hosted_zone_name.json - tests/translator/output/**/api_with_custom_domain_route53_hosted_zone_name_http.json - tests/translator/output/**/api_with_custom_domain_route53_http.json - tests/translator/output/**/api_with_custom_domain_route53_multiple_intrinsic_hostedzoneid.json - - tests/translator/output/**/api_with_default_aws_iam_auth.json - - tests/translator/output/**/api_with_default_aws_iam_auth_and_no_auth_route.json - - tests/translator/output/**/api_with_disable_api_execute_endpoint.json - - tests/translator/output/**/api_with_disable_api_execute_endpoint_openapi_3.json - - tests/translator/output/**/api_with_fail_on_warnings.json - - tests/translator/output/**/api_with_gateway_responses.json - - tests/translator/output/**/api_with_gateway_responses_all.json - - tests/translator/output/**/api_with_gateway_responses_all_openapi_3.json - - tests/translator/output/**/api_with_gateway_responses_implicit.json - - tests/translator/output/**/api_with_gateway_responses_minimal.json - - tests/translator/output/**/api_with_gateway_responses_string_status_code.json - tests/translator/output/**/api_with_identity_intrinsic.json - tests/translator/output/**/api_with_if_conditional_with_resource_policy.json - - tests/translator/output/**/api_with_incompatible_stage_name.json - - tests/translator/output/**/api_with_ip_range_blacklist.json - - tests/translator/output/**/api_with_ip_range_whitelist.json - - tests/translator/output/**/api_with_method_aws_iam_auth.json - - tests/translator/output/**/api_with_method_settings.json - - tests/translator/output/**/api_with_minimum_compression_size.json - - tests/translator/output/**/api_with_mode.json - - tests/translator/output/**/api_with_open_api_version.json - - tests/translator/output/**/api_with_open_api_version_2.json - - tests/translator/output/**/api_with_openapi_definition_body_no_flag.json - - tests/translator/output/**/api_with_path_parameters.json - - tests/translator/output/**/api_with_resource_policy.json - tests/translator/output/**/api_with_resource_policy_global.json - - tests/translator/output/**/api_with_resource_policy_global_implicit.json - - tests/translator/output/**/api_with_resource_refs.json - - tests/translator/output/**/api_with_security_definition_and_components.json - - tests/translator/output/**/api_with_security_definition_and_no_components.json - tests/translator/output/**/api_with_security_definition_and_none_components.json - - tests/translator/output/**/api_with_source_vpc_blacklist.json - tests/translator/output/**/api_with_source_vpc_whitelist.json - - tests/translator/output/**/api_with_swagger_and_openapi_with_auth.json - - tests/translator/output/**/api_with_swagger_authorizer_none.json - tests/translator/output/**/api_with_usageplans.json - tests/translator/output/**/api_with_usageplans_intrinsics.json - tests/translator/output/**/api_with_usageplans_shared_attributes_three.json - tests/translator/output/**/api_with_usageplans_shared_attributes_two.json - tests/translator/output/**/api_with_usageplans_shared_no_side_effect_1.json - tests/translator/output/**/api_with_usageplans_shared_no_side_effect_2.json - - tests/translator/output/**/api_with_xray_tracing.json - tests/translator/output/**/application_with_intrinsics.json - tests/translator/output/**/basic_function_withimageuri.json - tests/translator/output/**/basic_layer.json - - tests/translator/output/**/cloudwatch_logs_with_ref.json - tests/translator/output/**/cloudwatchevent_intrinsics.json - - tests/translator/output/**/cloudwatchlog.json - tests/translator/output/**/congito_userpool_with_sms_configuration.json - tests/translator/output/**/connector_bucket_to_function.json - tests/translator/output/**/connector_dependson_replace.json @@ -125,14 +57,9 @@ ignore_templates: - tests/translator/output/**/connector_sfn_to_function.json - tests/translator/output/**/connector_sns_to_function.json - tests/translator/output/**/connector_table_to_function.json - - tests/translator/output/**/depends_on.json - tests/translator/output/**/eventbridgerule_with_dlq.json - - tests/translator/output/**/explicit_api.json - - tests/translator/output/**/explicit_api_openapi_3.json - - tests/translator/output/**/explicit_api_with_invalid_events_config.json - tests/translator/output/**/function_event_conditions.json - tests/translator/output/**/function_with_alias_and_code_sha256.json - - tests/translator/output/**/function_with_alias_and_event_sources.json - tests/translator/output/**/function_with_alias_intrinsics.json - tests/translator/output/**/function_with_condition.json - tests/translator/output/**/function_with_conditional_managed_policy.json @@ -149,7 +76,6 @@ ignore_templates: - tests/translator/output/**/function_with_deployment_preference_multiple_combinations_conditions_with_passthrough.json - tests/translator/output/**/function_with_deployment_preference_multiple_combinations_conditions_without_passthrough.json - tests/translator/output/**/function_with_deployment_preference_passthrough_condition_with_supported_intrinsics.json - - tests/translator/output/**/function_with_disabled_traffic_hook.json - tests/translator/output/**/function_with_dlq.json - tests/translator/output/**/function_with_event_dest.json - tests/translator/output/**/function_with_event_dest_basic.json @@ -160,43 +86,28 @@ ignore_templates: - tests/translator/output/**/function_with_globals_role_path.json - tests/translator/output/**/function_with_intrinsic_architecture.json - tests/translator/output/**/function_with_kmskeyarn.json - - tests/translator/output/**/function_with_many_layers.json - - tests/translator/output/**/function_with_msk.json - - tests/translator/output/**/function_with_request_parameters.json - tests/translator/output/**/function_with_resource_refs.json - tests/translator/output/**/function_with_role_and_role_path.json - tests/translator/output/**/function_with_role_path.json - - tests/translator/output/**/global_handle_path_level_parameter.json - - tests/translator/output/**/globals_for_api.json - tests/translator/output/**/http_api_custom_iam_auth.json - tests/translator/output/**/http_api_existing_openapi.json - tests/translator/output/**/http_api_existing_openapi_conditions.json - tests/translator/output/**/http_api_explicit_stage.json - tests/translator/output/**/http_api_global_iam_auth_enabled.json - - tests/translator/output/**/http_api_lambda_auth.json - - tests/translator/output/**/http_api_lambda_auth_full.json - tests/translator/output/**/http_api_local_iam_auth_enabled.json - - tests/translator/output/**/http_api_multiple_authorizers.json - tests/translator/output/**/http_api_with_cors.json - tests/translator/output/**/implicit_and_explicit_api_with_conditions.json - - tests/translator/output/**/implicit_api.json - - tests/translator/output/**/implicit_api_deletion_policy_precedence.json - tests/translator/output/**/implicit_api_with_auth_and_conditions_max.json - tests/translator/output/**/implicit_api_with_many_conditions.json - - tests/translator/output/**/implicit_api_with_serverless_rest_api_resource.json - tests/translator/output/**/implicit_http_api_with_many_conditions.json - tests/translator/output/**/intrinsic_functions.json - - tests/translator/output/**/iot_rule.json - tests/translator/output/**/kinesis_intrinsics.json - tests/translator/output/**/layers_all_properties.json - tests/translator/output/**/layers_with_intrinsics.json - - tests/translator/output/**/no_implicit_api_with_serverless_rest_api_resource.json - tests/translator/output/**/s3_create_remove.json - tests/translator/output/**/s3_intrinsics.json - tests/translator/output/**/schema_validation_1.json - tests/translator/output/**/self_managed_kafka_with_intrinsics.json - - tests/translator/output/**/state_machine_with_api_authorizer.json - - tests/translator/output/**/state_machine_with_api_authorizer_maximum.json - tests/translator/output/**/state_machine_with_condition.json - tests/translator/output/**/state_machine_with_condition_and_events.json - tests/translator/output/**/state_machine_with_eb_dlq_target_id.json @@ -207,6 +118,3 @@ ignore_checks: - E2531 # Deprecated runtime; not relevant for transform tests - W2531 # EOL runtime; not relevant for transform tests - E3001 # Invalid or unsupported Type; common in transform tests since they focus on SAM resources -include_checks: - # Informational rules not enabled by default: https://github.com/aws-cloudformation/cfn-lint/blob/7219faeabe48063e68e1a3e63f0301c5b337d36e/README.md#info-rules - - I3042 # Hardcoded ARN partition/account diff --git a/Makefile b/Makefile index 2b2ef25bb4..e9a65d6ea8 100755 --- a/Makefile +++ b/Makefile @@ -38,6 +38,8 @@ lint: mypy --strict samtranslator bin # Linter performs static analysis to catch latent bugs pylint --rcfile .pylintrc samtranslator + # cfn-lint to make sure generated CloudFormation makes sense + bin/run_cfn_lint.sh prepare-companion-stack: pytest -v --no-cov integration/setup -m setup diff --git a/bin/run_cfn_lint.sh b/bin/run_cfn_lint.sh index 4f83cbe947..7183ef1a99 100755 --- a/bin/run_cfn_lint.sh +++ b/bin/run_cfn_lint.sh @@ -10,4 +10,4 @@ if [ ! -d "${VENV}" ]; then "${VENV}/bin/python" -m pip install cfn-lint==0.72.2 fi -"${VENV}/bin/cfn-lint" +"${VENV}/bin/cfn-lint" --format parseable From 863e3840e7036a055bced23f115e14fad1e37936 Mon Sep 17 00:00:00 2001 From: Chris Rehn Date: Fri, 16 Dec 2022 00:41:18 -0800 Subject: [PATCH 2/2] Quiet install --- bin/run_cfn_lint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/run_cfn_lint.sh b/bin/run_cfn_lint.sh index 7183ef1a99..0d75895610 100755 --- a/bin/run_cfn_lint.sh +++ b/bin/run_cfn_lint.sh @@ -7,7 +7,7 @@ VENV=.venv_cfn_lint # See https://github.com/aws/serverless-application-model/issues/1042 if [ ! -d "${VENV}" ]; then python3 -m venv "${VENV}" - "${VENV}/bin/python" -m pip install cfn-lint==0.72.2 + "${VENV}/bin/python" -m pip install cfn-lint==0.72.2 --quiet fi "${VENV}/bin/cfn-lint" --format parseable