cfn-nag 0.3.25 → 0.3.25.26
- checksums.yaml +4 -4
- data/bin/cfn_nag +36 -27
- metadata +2 -2
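--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bf5726f04d07c111c0541fb8f56726be61f11f2d
+data.tar.gz: b3c98358b4bc53fd75d3cdaf29ff79e7afa70a0a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 39d6ae274d8d13dcc7332010956a463ce514e781067e59357a3678dde9af9ab1624b0c8bfea258a974fe1da29d647981020996c86b7dadfbf41463315595b7d0
+data.tar.gz: b2ad25ba0a8c8f0c6082ce191c1d1146ab7cdfe7995378a53ba94cb0b2a4bc783c0d9bbb3000efdfbd73e1ebd5dafc607fec5c95fa97616936e75c01e9a9856a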
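--- a/data/bin/cfn_nag
+++ b/data/bin/cfn_nag
@@ -5,20 +5,36 @@ require 'logging'
 require 'json'
 require 'rubygems/specification'
 
-opts = Trollop
-usage '[options] <cloudformation template path
+opts = Trollop.options do
+usage '[options] <cloudformation template path ...>|' \
+'<cloudformation template in STDIN>'
 version Gem::Specification.find_by_name('cfn-nag').version
 
-opt :debug, 'Enable debug output', type: :boolean, required: false,
-
-opt :
-
-
-opt :
-
+opt :debug, 'Enable debug output', type: :boolean, required: false,
+default: false
+opt :allow_suppression,
+'Allow using Metadata to suppress violations',
+type: :boolean, required: false, default: true
+opt :print_suppression, 'Emit suppressions to stderr', type: :boolean,
+required: false,
+default: false
+opt :rule_directory, 'Extra rule directory', type: :io,
+required: false,
+default: nil
+opt :profile_path, 'Path to a profile file', type: :io,
+required: false,
+default: nil
+opt :parameter_values_path,
+'Path to a JSON file to pull Parameter values from', type: :io,
+required: false,
+default: nil
+opt :isolate_custom_rule_exceptions,
+'Isolate custom rule exceptions - just emit the exception ' \
+'without stack trace and keep chugging',
+type: :boolean, required: false, default: false
 end
 
-CfnNag
+CfnNag.configure_logging(opts)
 
 profile_definition = nil
 unless opts[:profile_path].nil?
@@ -34,25 +50,18 @@ cfn_nag = CfnNag.new(profile_definition: profile_definition,
 rule_directory: opts[:rule_directory],
 allow_suppression: opts[:allow_suppression],
 print_suppression: opts[:print_suppression],
-isolate_custom_rule_exceptions:
+isolate_custom_rule_exceptions:
+opts[:isolate_custom_rule_exceptions])
 
-
-
-
-
+total_failure_count = 0
+until ARGF.closed?
+results = cfn_nag.audit(cloudformation_string: ARGF.file.read,
+parameter_values_string: parameter_values_string)
+ARGF.close
 
-
+total_failure_count += results[:failure_count]
+results[:violations] = results[:violations].map(&:to_h)
 puts JSON.pretty_generate(results)
-exit results[:failure_count]
-else
-total_failure_count = 0
-ARGV.each do |file_name|
-results = cfn_nag.audit(cloudformation_string: IO.read(file_name), parameter_values_string: parameter_values_string)
-
-total_failure_count += results[:failure_count]
-results[:violations] = results[:violations].map { |violation| violation.to_h }
-puts JSON.pretty_generate(results)
-end
-exit total_failure_count
 end
 
+exit total_failure_count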
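Review bot: The final `exit total_failure_count` hands an unbounded sum to the process status, and on POSIX only the low 8 bits reach the parent, so a run whose failures total a multiple of 256 is reported as success. Because the count is summed across every input read through ARGF, a CI gate keyed on the exit status would fail open for a large batch; clamping with `exit [total_failure_count, 255].min` keeps small counts intact and never wraps to zero. Separately, `allow_suppression` is declared with `default: true`, so violations can be silenced from template Metadata unless the caller turns it off, which is worth stating in the option's help text for pipelines that audit templates they do not author. Leading indentation is lost in this rendering, so the nesting of the `until` loop is inferred from the `end` lines.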
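--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cfn-nag
 version: !ruby/object:Gem::Version
-version: 0.3.25
+version: 0.3.25.26
 platform: ruby
 authors:
 - Eric Kascic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-03-
+date: 2018-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: logging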