cfn-nag 0.3.30 → 0.3.31
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cfn-nag/result_view/rules_view.rb +19 -10
- data/lib/cfn-nag/result_view/simple_stdout_results.rb +22 -7
- data/lib/cfn-nag/template_discovery.rb +10 -10
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bf68cbb1d8b4e0711fb0ef50f053223f65e14b24
|
|
4
|
+
data.tar.gz: d4b56316b952e80a7098932fd05b2397e80a7a72
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2d484bb7b0ee1fce0a49ffc3fb05184dfb8cf2756e8d63f6f65c3b5b9379645638767273c51fb26699a314a9005e7def27fd190caf3df2b0d87cd9dea8a8366a
|
|
7
|
+
data.tar.gz: 6df463d3d3f978703ac68cb2ea5930f163ee9ace24241920ecc22787a8fde571caf7f622530a54d0319a6bf8c1226c2c1ddace9ef5da6a2159484188724c819b
|
|
@@ -1,26 +1,35 @@
|
|
|
1
|
+
# View rules warnings/failings
|
|
1
2
|
class RulesView
|
|
2
3
|
def emit(rule_registry, profile)
|
|
3
4
|
puts 'WARNING VIOLATIONS:'
|
|
4
|
-
rule_registry.warnings
|
|
5
|
+
emit_warnings rule_registry.warnings, profile
|
|
6
|
+
puts
|
|
7
|
+
puts 'FAILING VIOLATIONS:'
|
|
8
|
+
emit_failings rule_registry.failings, profile
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
private
|
|
12
|
+
|
|
13
|
+
def emit_warnings(warnings, profile)
|
|
14
|
+
warnings.sort { |left, right| sort_id(left, right) }.each do |warning|
|
|
5
15
|
if profile.nil?
|
|
6
16
|
puts "#{warning.id} #{warning.message}"
|
|
7
|
-
|
|
8
|
-
puts "#{warning.id} #{warning.message}"
|
|
17
|
+
elsif profile.execute_rule?(warning.id)
|
|
18
|
+
puts "#{warning.id} #{warning.message}"
|
|
9
19
|
end
|
|
10
20
|
end
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def emit_failings(failings, profile)
|
|
24
|
+
failings.sort { |left, right| sort_id(left, right) }.each do |failing|
|
|
14
25
|
if profile.nil?
|
|
15
26
|
puts "#{failing.id} #{failing.message}"
|
|
16
|
-
|
|
17
|
-
puts "#{failing.id} #{failing.message}"
|
|
27
|
+
elsif profile.execute_rule?(failing.id)
|
|
28
|
+
puts "#{failing.id} #{failing.message}"
|
|
18
29
|
end
|
|
19
30
|
end
|
|
20
31
|
end
|
|
21
32
|
|
|
22
|
-
private
|
|
23
|
-
|
|
24
33
|
def sort_id(left, right)
|
|
25
34
|
if left.id.match(/[FW][0-9]+/) && right.id.match(/[FW][0-9]+/)
|
|
26
35
|
left.id[1..-1].to_i <=> right.id[1..-1].to_i
|
|
@@ -1,19 +1,34 @@
|
|
|
1
1
|
require 'cfn-nag/violation'
|
|
2
2
|
|
|
3
|
+
# Print results to STDOUT
|
|
3
4
|
class SimpleStdoutResults
|
|
5
|
+
def message_violations(violations)
|
|
6
|
+
violations.each do |violation|
|
|
7
|
+
message message_type: "#{violation.type} #{violation.id}",
|
|
8
|
+
message: violation.message,
|
|
9
|
+
logical_resource_ids: violation.logical_resource_ids
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def print_failures(violations)
|
|
14
|
+
puts "\nFailures count: #{Violation.count_failures(violations)}"
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def print_warnings(violations)
|
|
18
|
+
puts "Warnings count: #{Violation.count_warnings(violations)}"
|
|
19
|
+
end
|
|
20
|
+
|
|
4
21
|
def render(results)
|
|
5
22
|
results.each do |result|
|
|
6
23
|
60.times { print '-' }
|
|
7
24
|
puts "\n" + result[:filename]
|
|
8
25
|
60.times { print '-' }
|
|
9
26
|
|
|
10
|
-
result[:file_results][:violations]
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
puts "\nFailures count: #{Violation.count_failures(result[:file_results][:violations])}"
|
|
16
|
-
puts "Warnings count: #{Violation.count_warnings(result[:file_results][:violations])}"
|
|
27
|
+
violations = result[:file_results][:violations]
|
|
28
|
+
|
|
29
|
+
message_violations violations
|
|
30
|
+
print_failures violations
|
|
31
|
+
print_warnings violations
|
|
17
32
|
end
|
|
18
33
|
end
|
|
19
34
|
|
|
@@ -1,21 +1,21 @@
|
|
|
1
|
+
# Container for discovering templates
|
|
1
2
|
class TemplateDiscovery
|
|
3
|
+
# input_json_path can be a directory, filename, or File
|
|
2
4
|
def discover_templates(input_json_path)
|
|
3
5
|
if ::File.directory? input_json_path
|
|
4
|
-
|
|
5
|
-
elsif ::File.file? input_json_path
|
|
6
|
-
templates = if input_json_path.is_a? File
|
|
7
|
-
[input_json_path.path]
|
|
8
|
-
else
|
|
9
|
-
[input_json_path]
|
|
10
|
-
end
|
|
11
|
-
else
|
|
12
|
-
raise "#{input_json_path} is not a proper path"
|
|
6
|
+
return find_templates_in_directory(directory: input_json_path)
|
|
13
7
|
end
|
|
14
|
-
|
|
8
|
+
return [render_path(input_json_path)] if ::File.file? input_json_path
|
|
9
|
+
raise "#{input_json_path} is not a proper path"
|
|
15
10
|
end
|
|
16
11
|
|
|
17
12
|
private
|
|
18
13
|
|
|
14
|
+
def render_path(path)
|
|
15
|
+
return path.path if path.is_a? File
|
|
16
|
+
path
|
|
17
|
+
end
|
|
18
|
+
|
|
19
19
|
def find_templates_in_directory(directory:,
|
|
20
20
|
cfn_extensions: %w[json yaml yml template])
|
|
21
21
|
|