-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds support for using Fn::If in function policies #988
Conversation
Codecov Report
@@ Coverage Diff @@
## develop #988 +/- ##
===========================================
+ Coverage 94.71% 94.86% +0.15%
===========================================
Files 69 69
Lines 3160 3333 +173
Branches 606 651 +45
===========================================
+ Hits 2993 3162 +169
- Misses 85 89 +4
Partials 82 82
Continue to review full report at Codecov.
|
merge Release/v1.12.0 into master
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So sorry for the delay on getting back to you on this. Really appreciate the work you've put into this PR so far!
- You'll need to add end to end unit tests of the translator (input and expected output templates). Here's an example PR showing what it looks like to add that type of unit test.
- Great catch on PolicyTemplatesForFunctionPlugin throwing an error. That class will need to be updated such that it can support the case where the policy passed to it is an
Fn::If
dictionary. You'll have to recursively traverse that dictionary and find any policy template statements within it and callself._policy_template_processor.convert()
on each one of them.
Again, really appreciate the work you've put into this so far! Looking forward to your updates. 😊
… model. Added end to end tests for intrinsic if. Addressed pr comments.
Added support for intrinsic if to the policy plugin and sam resource. Made suggested changes. Added end to end test. Was able to verify stack launch with the end to end test outputs. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks great. Thank you for the test coverage as well as the feature, this will be very useful!
if is_intrinsic_no_value(else_data): | ||
return if_data_type | ||
|
||
raise InvalidTemplateException("Different policy types within the same Fn::If statement is unsupported. " |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a great limitation, makes this feature easier and cuts down on edge cases. Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great! Can you merge it in? Looks like its still blocked for me on some "code changes requested".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Terrific work on this PR! Really appreciate you adding the updates. I called out two super minor variable renames, but I'll go ahead and commit those changes and get this merged in. Thanks so much for this great contribution!
Issue #, if available:
#874
Description of changes:
Adds support for using Fn::If in function policies.
Description of how you validated changes:
Unit testing
Checklist:
make pr
passesexamples/2016-10-31
Implemented according to jlhood's suggestions on Issue 874.
bin/sam-translate.py fails when the !If function resolves to the policy template type.
This seems to be because the PolicyTemplatesForFunctionPlugin class expects a policy template object to be passed to it, but in this case we pass the entire If object. How should I proceed?
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.