cfn-check 0.3.0__tar.gz → 0.3.2__tar.gz

{cfn_check-0.3.0 → cfn_check-0.3.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cfn-check
-Version: 0.3.0
+Version: 0.3.2
 Summary: Validate Cloud Formation
 Author-email: Ada Lundhe <adalundhe@lundhe.audio>
 License: MIT License
@@ -50,7 +50,7 @@ Dynamic: license-file
 
 | Package     | cfn-check                                                           |
 | ----------- | -----------                                                     |
-| Version     | 0.2.0                                                           |
+| Version     | 0.3.2                                                           |
 | Download    | https://pypi.org/project/cfn-check/                             | 
 | Source      | https://github.com/adalundhe/cfn-check                          |
 | Keywords    | cloud-formation, testing, aws, cli                              |
@@ -314,7 +314,7 @@ class ValidateSecurityGroups(Collection):
         "Resources::SecurityGroup::Properties::(SecurityGroup)",
         "It checks Security Groups are correctly definined",
     )
-    def validate_test(self, value: list[dict]):
+    def validate_security_groups(self, value: list[dict]):
       assert len(value) > 0
       
       for item in value:
@@ -352,7 +352,7 @@ To select all `Resource` objects, then further extract the `Type` field from eac
 Ranges allow you to perform sophisticated selection of objects or data within a CloudFormation document.
 
 > [!IMPORTANT]
-> Range Tokens *only* work on list items. This means that any
+> Range Tokens *only* work on arrays. This means that any
 > values or other objects/data in the selected section of the
 > CloudFormation document will be *ignored* and filtered out.
 
@@ -456,7 +456,7 @@ The Rule will fail as below:
 error: ❌ No results matching results for query Resources::[*]::Type
 ```
 
-As we're selecting objects, not an array! A valid use would be in validating the deeply nested zipfile code of a Lambda's `AppendItemToListFunction`:
+as we're selecting objects, not an array! A valid use would be in validating the deeply nested zipfile code of a Lambda's `AppendItemToListFunction`:
 
 ```yaml
   AppendItemToListFunction:
@@ -514,7 +514,7 @@ will select any EC2 ImageIds that start with either `AWSRegion` or `Custom`.
 
 ### Nested Ranges
 
-CloudFormation often involes nested arrays, and navigates these can make for long and difficult-to-read Queries. To help reduce Query length, `cfn-check` supports nesting Range Tokens. For example, when evaluating:
+CloudFormation often involes nested arrays, and navigating these can make for long and difficult-to-read Queries. To help reduce Query length, `cfn-check` supports nesting Range Tokens. For example, when evaluating:
 
 ```yaml
 ZipFile: !Join

{cfn_check-0.3.0 → cfn_check-0.3.2}/README.md

@@ -9,7 +9,7 @@
 
 | Package     | cfn-check                                                           |
 | ----------- | -----------                                                     |
-| Version     | 0.2.0                                                           |
+| Version     | 0.3.2                                                           |
 | Download    | https://pypi.org/project/cfn-check/                             | 
 | Source      | https://github.com/adalundhe/cfn-check                          |
 | Keywords    | cloud-formation, testing, aws, cli                              |
@@ -273,7 +273,7 @@ class ValidateSecurityGroups(Collection):
         "Resources::SecurityGroup::Properties::(SecurityGroup)",
         "It checks Security Groups are correctly definined",
     )
-    def validate_test(self, value: list[dict]):
+    def validate_security_groups(self, value: list[dict]):
       assert len(value) > 0
       
       for item in value:
@@ -311,7 +311,7 @@ To select all `Resource` objects, then further extract the `Type` field from eac
 Ranges allow you to perform sophisticated selection of objects or data within a CloudFormation document.
 
 > [!IMPORTANT]
-> Range Tokens *only* work on list items. This means that any
+> Range Tokens *only* work on arrays. This means that any
 > values or other objects/data in the selected section of the
 > CloudFormation document will be *ignored* and filtered out.
 
@@ -415,7 +415,7 @@ The Rule will fail as below:
 error: ❌ No results matching results for query Resources::[*]::Type
 ```
 
-As we're selecting objects, not an array! A valid use would be in validating the deeply nested zipfile code of a Lambda's `AppendItemToListFunction`:
+as we're selecting objects, not an array! A valid use would be in validating the deeply nested zipfile code of a Lambda's `AppendItemToListFunction`:
 
 ```yaml
   AppendItemToListFunction:
@@ -473,7 +473,7 @@ will select any EC2 ImageIds that start with either `AWSRegion` or `Custom`.
 
 ### Nested Ranges
 
-CloudFormation often involes nested arrays, and navigates these can make for long and difficult-to-read Queries. To help reduce Query length, `cfn-check` supports nesting Range Tokens. For example, when evaluating:
+CloudFormation often involes nested arrays, and navigating these can make for long and difficult-to-read Queries. To help reduce Query length, `cfn-check` supports nesting Range Tokens. For example, when evaluating:
 
 ```yaml
 ZipFile: !Join

{cfn_check-0.3.0 → cfn_check-0.3.2}/cfn_check/cli/validate.py

@@ -11,9 +11,7 @@ from cfn_check.collection.collection import Collection
 from cfn_check.validation.validator import Validator
 
 
-@CLI.command(
-    display_help_on_error=False,
-)
+@CLI.command()
 async def validate(
     path: str,
     file_pattern: str | None = None,

{cfn_check-0.3.0 → cfn_check-0.3.2}/cfn_check/evaluation/parsing/token.py

@@ -146,7 +146,7 @@ class Token:
             (idx, item)
             for idx, item in enumerate(node)
             if self.selector.match(item) or (
-                isinstance(item, dict, list)
+                isinstance(item, (dict, list))
                 and any([
                     self.selector.match(val)
                     for val in item
@@ -155,8 +155,8 @@ class Token:
         ]
         
         return (
-            [str(idx) for idx in matches],
-            [item for item in matches]
+            [str(idx) for idx, _ in matches],
+            [item for _, item in matches]
         )
     
     def _match_unbound_range(
@@ -185,14 +185,29 @@ class Token:
             ) for idx, value in enumerate(node) if (
                 str(value) == self.selector
             ) or (
-                isinstance(value, dict, list)
-                and value in self.selector
+                isinstance(value, (dict, list))
+                and self.selector in value
             )
         ]
 
+        for idx, match in enumerate(matches):
+            match_idx, item = match
+
+            if isinstance(item, dict):
+                matches[idx] = (
+                    match_idx,
+                    item.get(self.selector),
+                )
+
+            elif isinstance(item, list):
+                match_idx[idx] = (
+                    match_idx,
+                    matches[match_idx],
+                )
+
         return (
-            [str(idx) for idx in matches],
-            [item for item in matches]
+            [str(idx) for idx, _ in matches],
+            [item for _, item in matches]
         )
     
     def _match_nested_range(

{cfn_check-0.3.0 → cfn_check-0.3.2}/cfn_check.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cfn-check
-Version: 0.3.0
+Version: 0.3.2
 Summary: Validate Cloud Formation
 Author-email: Ada Lundhe <adalundhe@lundhe.audio>
 License: MIT License
@@ -50,7 +50,7 @@ Dynamic: license-file
 
 | Package     | cfn-check                                                           |
 | ----------- | -----------                                                     |
-| Version     | 0.2.0                                                           |
+| Version     | 0.3.2                                                           |
 | Download    | https://pypi.org/project/cfn-check/                             | 
 | Source      | https://github.com/adalundhe/cfn-check                          |
 | Keywords    | cloud-formation, testing, aws, cli                              |
@@ -314,7 +314,7 @@ class ValidateSecurityGroups(Collection):
         "Resources::SecurityGroup::Properties::(SecurityGroup)",
         "It checks Security Groups are correctly definined",
     )
-    def validate_test(self, value: list[dict]):
+    def validate_security_groups(self, value: list[dict]):
       assert len(value) > 0
       
       for item in value:
@@ -352,7 +352,7 @@ To select all `Resource` objects, then further extract the `Type` field from eac
 Ranges allow you to perform sophisticated selection of objects or data within a CloudFormation document.
 
 > [!IMPORTANT]
-> Range Tokens *only* work on list items. This means that any
+> Range Tokens *only* work on arrays. This means that any
 > values or other objects/data in the selected section of the
 > CloudFormation document will be *ignored* and filtered out.
 
@@ -456,7 +456,7 @@ The Rule will fail as below:
 error: ❌ No results matching results for query Resources::[*]::Type
 ```
 
-As we're selecting objects, not an array! A valid use would be in validating the deeply nested zipfile code of a Lambda's `AppendItemToListFunction`:
+as we're selecting objects, not an array! A valid use would be in validating the deeply nested zipfile code of a Lambda's `AppendItemToListFunction`:
 
 ```yaml
   AppendItemToListFunction:
@@ -514,7 +514,7 @@ will select any EC2 ImageIds that start with either `AWSRegion` or `Custom`.
 
 ### Nested Ranges
 
-CloudFormation often involes nested arrays, and navigates these can make for long and difficult-to-read Queries. To help reduce Query length, `cfn-check` supports nesting Range Tokens. For example, when evaluating:
+CloudFormation often involes nested arrays, and navigating these can make for long and difficult-to-read Queries. To help reduce Query length, `cfn-check` supports nesting Range Tokens. For example, when evaluating:
 
 ```yaml
 ZipFile: !Join

{cfn_check-0.3.0 → cfn_check-0.3.2}/example/rules.py

@@ -41,7 +41,7 @@ class ResourcesChecks(Collection):
         "Resources::SecurityGroup::Properties::(SecurityGroup)::[]",
         "It checks Security Groups are correctly definined",
     )
-    def validate_test(self, value: list[dict]):
+    def validate_security_groups(self, value: list[dict]):
       assert len(value) > 0
       
       for item in value:
@@ -68,4 +68,13 @@ class ResourcesChecks(Collection):
     def validate_lambda_code_zipfile(self, value: list[str]):
         assert value is not None, '❌ Lambda zipfile code is not defined'
         assert isinstance(value, list), '❌ Lambda execution zipfile code not a list'
-        assert len(value) > 0,'❌ Lambda execution zipfile code empty'
+        assert len(value) > 0,'❌ Lambda execution zipfile code empty'
+
+    @Rule(
+        "Resources::SecurityGroup::Properties::(SecurityGroup)::[IpProtocol]",
+        "It checks Security Groups IpProtocols are tcp",
+    )
+    def validate_ip_protocols(self, ip_protocol: str):
+        assert ip_protocol is not None
+        assert isinstance(ip_protocol, str)
+        assert ip_protocol == "tcp"

{cfn_check-0.3.0 → cfn_check-0.3.2}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "cfn-check"
-version = "0.3.0"
+version = "0.3.2"
 requires-python = ">=3.12"
 description = "Validate Cloud Formation"
 readme = "README.md"