-
Notifications
You must be signed in to change notification settings - Fork 208
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Templates are not getting scanned recursively. #140
Comments
hmm..... well mileage may vary under wind0ze - we only run the tests on a *nix variant but..... looking at your command line, i'd suggest two things:
also beware of the shell globbing your asterisk/wildcard. in *nix land, you might need a single quote to make it a literal so that the shell doesn't substitute/swallow the specification before cfn-nag sees it. please let me know if this helps. will have time this weekend to follow-up |
@Black742 any feedback on advice? |
@erickascic Have tried your suggestion and getting the issue below CMD: cfn_nag_scan --input-path ~/src/sample/templates --template-pattern '*.template.yaml' But, this syntax is working fine in the Linux machine. |
So this problem is particular to Wind0ze? Are you using cygwin or something so that the tilde will be substituted properly? I guess I'd try with the real path to the template e.g. C:/Users/tests/src/sample/templates |
The problem definitely seems particular to Windows. Although I am not using on *nix$ cfn_nag_scan --input-path ./
------------------------------------------------------------
./foo/bar/foo.json
------------------------------------------------------------
Failures count: 0
Warnings count: 0
------------------------------------------------------------
./foo/foo/bar.json
------------------------------------------------------------------------------------------------------------------------
| WARN W12
|
| Resources: ["BarPolicy"]
|
| IAM policy should not allow * resource
Failures count: 0
Warnings count: 1
------------------------------------------------------------
./bar/foo/foo.yml
------------------------------------------------------------
Failures count: 0
Warnings count: 0
------------------------------------------------------------
./bar/foo/bar.json
------------------------------------------------------------
Failures count: 0
Warnings count: 0 $ bash --version
GNU bash, version 4.2.46(2)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. on Windows$ cfn_nag_scan --input-path ./
Error: file or url for option 'input_path' cannot be opened: Is a directory @ rb_sysopen - ./.
Try --help for help. I have also tried I am able to get the tool to "work"(scan the first item in a directory) on Windows if I do $ bash --version
bash --version
GNU bash, version 4.4.19(2)-release (x86_64-pc-msys)
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. |
I downloaded the zip file, changed the input path argument type to string instead of io, rebuilt, and it works on windows now like it should. opt :input_path, to opt :input_path, |
i had a chance to review this and reproduce... underneath trollop/optimist is a call to open-uri that is failing: require 'open-uri' Will try to get back to this to fix this week |
@erickascic Any update? |
@Black742 - Fix coming shortly! |
The tool working good, however its not scanning all the files under a directory.
I have dir call templates and had lots file underneath, when i apply the cfn_nag_scan for that directory its scanning only a file file in that directory.
cfn_nag_scan --input-path ~/src/sample/templates/** --template-pattern ..*.template.json
C:/Users/test/src/sample/templates/testStack.template.json
Failures count: 0
Warnings count: 0
Could you please suggest me how to scan all the files underneath the directory?
The text was updated successfully, but these errors were encountered: