cfn-nag 0.4.8 → 0.4.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/cfn-nag/cfn_nag.rb +6 -5
- data/lib/cfn-nag/cfn_nag_executor.rb +29 -12
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f0a90e09ae75e36f29393f58e8ebf4bb760412a12c69a11003d78ea66ab21492
|
4
|
+
data.tar.gz: 65a8f4267aa774711a9187fa4b5b0d1381daaf2115cbc01045a389122c1f3801
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 883b3336ebc81586edad1b2b766133dbaed59d8c8241bc82420c02afd66eb3142b1c593ccdc989a46715831f13cc56b7e6d5f8020522f3bc70da16e3dc96cac3
|
7
|
+
data.tar.gz: 984513bf48cf99a90b9bc79e8cc83132f1bf32ae08d95270843fe7e21eeaf01aa6fe3c35a40edebf5f4ac2bb7e62661d070a80a19b7e34271637e092caa28c8f
|
data/lib/cfn-nag/cfn_nag.rb
CHANGED
@@ -25,6 +25,7 @@ class CfnNag
|
|
25
25
|
output_format: 'txt',
|
26
26
|
parameter_values_path: nil,
|
27
27
|
template_pattern: '..*\.json|..*\.yaml|..*\.yml|..*\.template')
|
28
|
+
|
28
29
|
aggregate_results = audit_aggregate_across_files input_path: input_path,
|
29
30
|
parameter_values_path: parameter_values_path,
|
30
31
|
template_pattern: template_pattern
|
@@ -90,6 +91,11 @@ class CfnNag
|
|
90
91
|
audit_result(violations)
|
91
92
|
end
|
92
93
|
|
94
|
+
def render_results(aggregate_results:,
|
95
|
+
output_format:)
|
96
|
+
results_renderer(output_format).new.render(aggregate_results)
|
97
|
+
end
|
98
|
+
|
93
99
|
private
|
94
100
|
|
95
101
|
def mark_line_numbers(violations, cfn_model)
|
@@ -134,11 +140,6 @@ class CfnNag
|
|
134
140
|
message: message)
|
135
141
|
end
|
136
142
|
|
137
|
-
def render_results(aggregate_results:,
|
138
|
-
output_format:)
|
139
|
-
results_renderer(output_format).new.render(aggregate_results)
|
140
|
-
end
|
141
|
-
|
142
143
|
def results_renderer(output_format)
|
143
144
|
registry = {
|
144
145
|
'txt' => SimpleStdoutResults,
|
@@ -12,6 +12,8 @@ class CfnNagExecutor
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def scan(options_type:)
|
15
|
+
@total_failure_count = 0
|
16
|
+
|
15
17
|
options = Options.for(options_type)
|
16
18
|
validate_options(options)
|
17
19
|
execute_io_options(options)
|
@@ -28,22 +30,17 @@ class CfnNagExecutor
|
|
28
30
|
private
|
29
31
|
|
30
32
|
def execute_file_or_piped_scan(cfn_nag, opts)
|
31
|
-
|
33
|
+
aggregate_results = []
|
34
|
+
|
32
35
|
until argf_finished?
|
33
|
-
|
34
|
-
parameter_values_string: @parameter_values_string)
|
36
|
+
aggregate_results << scan_file(cfn_nag, opts[:fail_on_warnings])
|
35
37
|
argf_close
|
38
|
+
end
|
36
39
|
|
37
|
-
|
38
|
-
|
39
|
-
else
|
40
|
-
results[:failure_count]
|
41
|
-
end
|
40
|
+
cfn_nag.render_results(aggregate_results: aggregate_results,
|
41
|
+
output_format: opts[:output_format])
|
42
42
|
|
43
|
-
|
44
|
-
puts JSON.pretty_generate(results)
|
45
|
-
end
|
46
|
-
total_failure_count
|
43
|
+
@total_failure_count
|
47
44
|
end
|
48
45
|
|
49
46
|
def execute_aggregate_scan(cfn_nag, opts)
|
@@ -55,6 +52,22 @@ class CfnNagExecutor
|
|
55
52
|
)
|
56
53
|
end
|
57
54
|
|
55
|
+
def scan_file(cfn_nag, fail_on_warnings)
|
56
|
+
audit_result = cfn_nag.audit(cloudformation_string: argf_read,
|
57
|
+
parameter_values_string: @parameter_values_string)
|
58
|
+
|
59
|
+
@total_failure_count += if fail_on_warnings
|
60
|
+
audit_result[:violations].length
|
61
|
+
else
|
62
|
+
audit_result[:failure_count]
|
63
|
+
end
|
64
|
+
|
65
|
+
{
|
66
|
+
filename: argf_filename,
|
67
|
+
file_results: audit_result
|
68
|
+
}
|
69
|
+
end
|
70
|
+
|
58
71
|
def validate_options(opts)
|
59
72
|
unless opts[:output_format].nil? || %w[txt json].include?(opts[:output_format])
|
60
73
|
Trollop.die(:output_format,
|
@@ -99,4 +112,8 @@ class CfnNagExecutor
|
|
99
112
|
def argf_read
|
100
113
|
ARGF.file.read
|
101
114
|
end
|
115
|
+
|
116
|
+
def argf_filename
|
117
|
+
ARGF.filename
|
118
|
+
end
|
102
119
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfn-nag
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eric Kascic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-06-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|