cfn-nag 0.3.64 → 0.3.65

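--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 960b1a143e3a08dafc5cfed366c18b2edb16b3e1a4b02b4f1c82a10e995e0f50
- data.tar.gz: 2df5d5eac2ad2577e5e9aa951b79dd273e694a1aecc15872a318f952dbe13356
+ metadata.gz: 783d680607fef0a7471c74e353264ebbc7758a8cf7ffcf61392b41c06739d09b
+ data.tar.gz: 38505a5993a099e5140a0e5ad35122c5ecea8f8f14c04afbcf045ae180bf6c27
  SHA512:
- metadata.gz: 6794ae9f495c2f0a67656911eb0801046a438eb5a63962badce7e4942dbb1d42f8162c05ef8e004f7ccbc6cfdb4e30242c9af052f32cc40ca4a15e10904fdc0e
- data.tar.gz: 9c60301df79b8c7466319ea16d83862eec1da3a3418dfdee46f453a4a7d72b0a2c292bfa510087e421493d173a94e906f287f90108810760a5985ca0925d7ee8
+ metadata.gz: 00c6718490e3ade00a21a2f42e8fc4be2373a1dc60b68308f96563ce2eb356d44b9e697733a9cb37bbab9603f0e4bc84ef1e1306a3ce6bf83a6b476a35cfec54
+ data.tar.gz: c96b56fc4fbe93b9d04e51eb58da0442d8e41c2d143eb80a8a10704872db64d0d7b167ed212910e85cc4020bfa6cbf418480c6e6c0f982b2bfe3997547f3f062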
@@ -64,6 +64,19 @@ class CfnNag
64
64
  aggregate_results
65
65
  end
66
66
 
67
+ def audit_result(violations)
68
+ {
69
+ failure_count: Violation.count_failures(violations),
70
+ violations: violations
71
+ }
72
+ end
73
+
74
+ def fatal_violation(message)
75
+ Violation.new(id: 'FATAL',
76
+ type: Violation::FAILING_VIOLATION,
77
+ message: message)
78
+ end
79
+
67
80
  ##
68
81
  # Given cloudformation json/yml, run all the rules against it
69
82
  #
@@ -74,26 +87,20 @@ class CfnNag
74
87
  #
75
88
  def audit(cloudformation_string:, parameter_values_string: nil)
76
89
  violations = []
77
- cfn_model = CfnParser.new.parse cloudformation_string,
78
- parameter_values_string
79
- violations += @custom_rule_loader.execute_custom_rules(cfn_model)
80
- violations = filter_violations_by_profile violations
81
- { failure_count: Violation.count_failures(violations),
82
- violations: violations }
83
- rescue Psych::SyntaxError, ParserError => parser_error
84
- violations << Violation.new(id: 'FATAL',
85
- type: Violation::FAILING_VIOLATION,
86
- message: parser_error.to_s)
87
- { failure_count: Violation.count_failures(violations),
88
- violations: violations }
89
- rescue JSON::ParserError => json_parameters_error
90
- violations << Violation.new(id: 'FATAL',
91
- type: Violation::FAILING_VIOLATION,
92
- message: "JSON Parameter values parse error: #{json_parameters_error.to_s}")
93
- {
94
- failure_count: Violation.count_failures(violations),
95
- violations: violations
96
- }
90
+
91
+ begin
92
+ cfn_model = CfnParser.new.parse cloudformation_string,
93
+ parameter_values_string
94
+ violations += @custom_rule_loader.execute_custom_rules(cfn_model)
95
+ violations = filter_violations_by_profile violations
96
+ rescue Psych::SyntaxError, ParserError => parser_error
97
+ violations << fatal_violation(parser_error.to_s)
98
+ rescue JSON::ParserError => json_parameters_error
99
+ error = "JSON Parameter values parse error: #{json_parameters_error.to_s}"
100
+ violations << fatal_violation(error)
101
+ end
102
+
103
+ audit_result(violations)
97
104
  end
98
105
 
99
106
  def self.configure_logging(opts)
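Review bot: The `rescue JSON::ParserError` branch of `audit` still copies the parser's own text into the FATAL violation, and the json library's "unexpected token at …" messages typically quote the input around the failure. A parameter values file can carry passwords or keys, so a malformed one may be echoed into scan output and CI logs; I would report a fixed message instead, for example `error = 'JSON Parameter values parse error (parser detail omitted: values may be sensitive)'`. If the detail has to stay, the `.to_s` inside the interpolation is redundant and can go. Separately, `audit_result` and `fatal_violation` are defined among the public methods but look like internal helpers, so they probably belong under `private`.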
@@ -97,9 +97,7 @@ class CustomRuleLoader
97
97
  end
98
98
  end
99
99
 
100
- # XXX given mangled_metadatas is never used or returned,
101
- # STDERR emit can be moved to unless block
102
- def validate_cfn_nag_metadata(cfn_model)
100
+ def collect_mangled_metadata(cfn_model)
103
101
  mangled_metadatas = []
104
102
  cfn_model.resources.each do |logical_resource_id, resource|
105
103
  resource_rules_to_suppress = rules_to_suppress resource
@@ -111,6 +109,13 @@ class CustomRuleLoader
111
109
  mangled_metadatas << [logical_resource_id, mangled_rules]
112
110
  end
113
111
  end
112
+ mangled_metadatas
113
+ end
114
+
115
+ # XXX given mangled_metadatas is never used or returned,
116
+ # STDERR emit can be moved to unless block
117
+ def validate_cfn_nag_metadata(cfn_model)
118
+ mangled_metadatas = collect_mangled_metadata(cfn_model)
114
119
  mangled_metadatas.each do |mangled_metadata|
115
120
  logical_resource_id = mangled_metadata.first
116
121
  mangled_rules = mangled_metadata[1]
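Review bot: The relocated `# XXX` comment above `validate_cfn_nag_metadata` is now inaccurate: after this change `collect_mangled_metadata` returns `mangled_metadatas` and `validate_cfn_nag_metadata` iterates it. I would drop the XXX and document the new helper instead, e.g. `# Returns [logical_resource_id, mangled_rules] pairs for resources whose suppression metadata is mangled`. Since this metadata appears to decide which rules are suppressed for a resource, it is also worth stating on `validate_cfn_nag_metadata` what happens to a mangled entry; its body continues outside the hunk, so I cannot tell whether it only warns on STDERR.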
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-nag
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.64
4
+ version: 0.3.65
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-04-11 00:00:00.000000000 Z
11
+ date: 2019-04-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec