cfn-nag 0.8.9 → 0.8.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-nag/cfn_nag_config.rb +4 -2
  3. data/lib/cfn-nag/cfn_nag_executor.rb +2 -1
  4. data/lib/cfn-nag/cli_options.rb +5 -0
  5. data/lib/cfn-nag/custom_rule_loader.rb +5 -2
  6. data/lib/cfn-nag/rule_repos/file_based_rule_repo.rb +18 -7
  7. data/lib/cfn-nag/version.rb +1 -1
  8. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f4a16eb5cda1347c3d70d1dba6c5408df9cc1eb6fd59ddf9ceab8bc35e4c2a1f
4
- data.tar.gz: acf74edd1722eb6703cb9b3984c0c6656f154564fdb8e4ad758ce00c60a0d52c
3
+ metadata.gz: 40a08198632607ba6b27da6855a68dce9296ac85e7d5c0b511efd64297c24089
4
+ data.tar.gz: df6fb8ea0508ebff5ae8d5f74dd4e403294152adfcf43b306e426de33b12eec8
5
5
  SHA512:
6
- metadata.gz: ce414a1ff11e5a981b410d6dd0f37ae8e677a333aafe66de03fd50cac3fb7d9edc46a229708950cfd03965d1b972f449308c7d241f6869d59159c889b4fc2ca2
7
- data.tar.gz: 7ddefcb9485dd9283fca42013fdcf0975358ebb7026acdc6038e38d7438489b8a9367b866bbe7d79e2572907e02b90af212a89ca64a9eb23f7d7d4a6e568af00
6
+ metadata.gz: bc4b6426631b6777c2a77eb3c7be2fbf776ae1027675c9f420c558cbcc6e2682368889438e05e52a91b0709b06cd4bfcef46ea67d2b051d62b0bbc84b2e843a2
7
+ data.tar.gz: 69874dc93fee2a9f3aca39c2eef7b5d27f2d2805350792b5dcbb8e8b5ad0d9b4a97c97f98f7d15bf75d1588dfee0c6c31a2ad9a4962a6b834aa8babf9ae7cfaa
data/lib/cfn-nag/cfn_nag_config.rb CHANGED
@@ -11,14 +11,16 @@ class CfnNagConfig
11
11
  fail_on_warnings: false,
12
12
  ignore_fatal: false,
13
13
  rule_repository_definitions: [],
14
- rule_arguments: {})
14
+ rule_arguments: {},
15
+ rule_directory_recursive: false)
15
16
  @rule_directory = rule_directory
16
17
  @custom_rule_loader = CustomRuleLoader.new(
17
18
  rule_directory: rule_directory,
18
19
  allow_suppression: allow_suppression,
19
20
  print_suppression: print_suppression,
20
21
  isolate_custom_rule_exceptions: isolate_custom_rule_exceptions,
21
- rule_repository_definitions: rule_repository_definitions
22
+ rule_repository_definitions: rule_repository_definitions,
23
+ rule_directory_recursive: rule_directory_recursive
22
24
  )
23
25
  @profile_definition = profile_definition
24
26
  @deny_list_definition = deny_list_definition
data/lib/cfn-nag/cfn_nag_executor.rb CHANGED
@@ -130,7 +130,8 @@ class CfnNagExecutor
130
130
  fail_on_warnings: opts[:fail_on_warnings],
131
131
  rule_repository_definitions: @rule_repository_definitions,
132
132
  ignore_fatal: opts[:ignore_fatal],
133
- rule_arguments: merge_rule_arguments(opts)
133
+ rule_arguments: merge_rule_arguments(opts),
134
+ rule_directory_recursive: opts[:rule_directory_recursive]
134
135
  )
135
136
  end
136
137
 
data/lib/cfn-nag/cli_options.rb CHANGED
@@ -54,6 +54,11 @@ class Options
54
54
  type: :string,
55
55
  required: false,
56
56
  default: nil
57
+ opt :rule_directory_recursive,
58
+ 'Recursively search extra rule directory',
59
+ type: :boolean,
60
+ required: false,
61
+ default: false
57
62
  opt :profile_path,
58
63
  'Path to a profile file',
59
64
  type: :string,
data/lib/cfn-nag/custom_rule_loader.rb CHANGED
@@ -27,12 +27,14 @@ class CustomRuleLoader
27
27
  allow_suppression: true,
28
28
  print_suppression: false,
29
29
  isolate_custom_rule_exceptions: false,
30
- rule_repository_definitions: [])
30
+ rule_repository_definitions: [],
31
+ rule_directory_recursive: false)
31
32
  @rule_directory = rule_directory
32
33
  @allow_suppression = allow_suppression
33
34
  @print_suppression = print_suppression
34
35
  @isolate_custom_rule_exceptions = isolate_custom_rule_exceptions
35
36
  @rule_repository_definitions = rule_repository_definitions
37
+ @rule_directory_recursive = rule_directory_recursive
36
38
  @registry = nil
37
39
  end
38
40
 
@@ -43,7 +45,8 @@ class CustomRuleLoader
43
45
  #
44
46
  def rule_definitions(force_refresh: false)
45
47
  if @registry.nil? || force_refresh
46
- @registry = FileBasedRuleRepo.new(@rule_directory).discover_rules
48
+ @registry = FileBasedRuleRepo.new(@rule_directory,
49
+ rule_directory_recursive: @rule_directory_recursive).discover_rules
47
50
  @registry.merge! GemBasedRuleRepo.new.discover_rules
48
51
 
49
52
  @registry = RuleRepositoryLoader.new.merge(@registry, @rule_repository_definitions)
data/lib/cfn-nag/rule_repos/file_based_rule_repo.rb CHANGED
@@ -8,8 +8,9 @@ require 'logging'
8
8
  # client's choosing
9
9
  #
10
10
  class FileBasedRuleRepo
11
- def initialize(rule_directory)
11
+ def initialize(rule_directory, rule_directory_recursive: false)
12
12
  @rule_directory = rule_directory
13
+ @rule_directory_recursive = rule_directory_recursive
13
14
  validate_extra_rule_directory rule_directory
14
15
  end
15
16
 
@@ -19,7 +20,8 @@ class FileBasedRuleRepo
19
20
  # we look on the file system, and we load from the file system into a Class
20
21
  # that the runtime can refer back to later from the registry which is effectively
21
22
  # just a set of rule definitons
22
- discover_rule_classes(@rule_directory).each do |rule_class|
23
+ discover_rule_classes(@rule_directory,
24
+ rule_directory_recursive: @rule_directory_recursive).each do |rule_class|
23
25
  rule_registry.definition(rule_class)
24
26
  end
25
27
 
@@ -34,12 +36,18 @@ class FileBasedRuleRepo
34
36
  raise "Not a real directory #{rule_directory}"
35
37
  end
36
38
 
37
- def discover_rule_filenames(rule_directory)
39
+ def locate_rule_files(rule_directory, rule_directory_recursive)
40
+ return Dir.glob(File.join(rule_directory, '**/*Rule.rb')).sort if rule_directory_recursive
41
+
42
+ Dir[File.join(rule_directory, '*Rule.rb')].sort
43
+ end
44
+
45
+ def discover_rule_filenames(rule_directory, rule_directory_recursive: false)
38
46
  rule_filenames = []
39
47
  unless rule_directory.nil?
40
- rule_filenames += Dir[File.join(rule_directory, '*Rule.rb')].sort
48
+ rule_filenames += locate_rule_files(rule_directory, rule_directory_recursive)
41
49
  end
42
- rule_filenames += Dir[File.join(__dir__, '..', 'custom_rules', '*Rule.rb')].sort
50
+ rule_filenames += locate_rule_files(File.join(__dir__, '..', 'custom_rules'), rule_directory_recursive)
43
51
 
44
52
  # Windows fix when running ruby from Command Prompt and not bash
45
53
  rule_filenames.reject! { |filename| filename =~ /_rule.rb$/ }
@@ -47,10 +55,13 @@ class FileBasedRuleRepo
47
55
  rule_filenames
48
56
  end
49
57
 
50
- def discover_rule_classes(rule_directory)
58
+ def discover_rule_classes(rule_directory, rule_directory_recursive: false)
51
59
  rule_classes = []
52
60
 
53
- rule_filenames = discover_rule_filenames(rule_directory)
61
+ rule_filenames = discover_rule_filenames(
62
+ rule_directory,
63
+ rule_directory_recursive: rule_directory_recursive
64
+ )
54
65
  rule_filenames.each do |rule_filename|
55
66
  require(File.absolute_path(rule_filename))
56
67
  rule_classname = File.basename(rule_filename, '.rb')
data/lib/cfn-nag/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  module CfnNagVersion
4
4
  # This is managed at release time via scripts/publish.sh
5
- VERSION = '0.8.9'
5
+ VERSION = '0.8.10'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.9
4
+ version: 0.8.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-01-03 00:00:00.000000000 Z
11
+ date: 2022-05-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake