stackfix 0.1.0__py3-none-any.whl

cloudgym/inverter/_cf_utils.py

@@ -0,0 +1,202 @@
+"""CloudFormation dict manipulation helpers for fault injection."""
+
+from __future__ import annotations
+
+from typing import Any
+
+
+# Required properties by resource type (non-exhaustive, covers common resources)
+REQUIRED_PROPERTIES: dict[str, list[str]] = {
+    "AWS::EC2::Instance": ["ImageId"],
+    "AWS::EC2::SecurityGroup": ["GroupDescription"],
+    "AWS::EC2::Subnet": ["VpcId", "CidrBlock"],
+    "AWS::EC2::VPC": ["CidrBlock"],
+    "AWS::EC2::InternetGateway": [],
+    "AWS::EC2::RouteTable": ["VpcId"],
+    "AWS::EC2::Route": ["RouteTableId"],
+    "AWS::S3::Bucket": [],
+    "AWS::RDS::DBInstance": ["DBInstanceClass", "Engine"],
+    "AWS::Lambda::Function": ["Code", "Handler", "Role", "Runtime"],
+    "AWS::IAM::Role": ["AssumeRolePolicyDocument"],
+    "AWS::IAM::Policy": ["PolicyDocument", "PolicyName"],
+    "AWS::SNS::Topic": [],
+    "AWS::SQS::Queue": [],
+    "AWS::DynamoDB::Table": ["KeySchema", "AttributeDefinitions"],
+    "AWS::ECS::Cluster": [],
+    "AWS::ECS::TaskDefinition": ["ContainerDefinitions"],
+    "AWS::ECS::Service": ["TaskDefinition"],
+    "AWS::ElasticLoadBalancingV2::LoadBalancer": [],
+    "AWS::ElasticLoadBalancingV2::TargetGroup": [],
+    "AWS::AutoScaling::AutoScalingGroup": ["MinSize", "MaxSize"],
+    "AWS::AutoScaling::LaunchConfiguration": ["ImageId", "InstanceType"],
+    "AWS::CloudWatch::Alarm": [
+        "ComparisonOperator", "EvaluationPeriods", "MetricName",
+        "Namespace", "Period", "Statistic", "Threshold",
+    ],
+}
+
+# Common resource type typos for injection
+RESOURCE_TYPE_TYPOS: dict[str, str] = {
+    "AWS::EC2::Instance": "AWS::EC2::VirtualMachine",
+    "AWS::S3::Bucket": "AWS::S3::Storage",
+    "AWS::Lambda::Function": "AWS::Lambda::Lambda",
+    "AWS::RDS::DBInstance": "AWS::RDS::Database",
+    "AWS::IAM::Role": "AWS::IAM::ServiceRole",
+    "AWS::EC2::SecurityGroup": "AWS::EC2::FirewallGroup",
+    "AWS::EC2::VPC": "AWS::EC2::VirtualPrivateCloud",
+    "AWS::DynamoDB::Table": "AWS::DynamoDB::Database",
+    "AWS::SNS::Topic": "AWS::SNS::Notification",
+    "AWS::SQS::Queue": "AWS::SQS::MessageQueue",
+}
+
+
+def find_refs(template: dict) -> list[tuple[str, list[str]]]:
+    """Find all !Ref / Fn::Ref targets in a template.
+
+    Returns list of (ref_target, json_path) pairs.
+    """
+    results: list[tuple[str, list[str]]] = []
+    _walk(template, [], lambda path, k, v: (
+        results.append((v, list(path) + [k]))
+        if k in ("Ref", "Fn::Ref") and isinstance(v, str)
+        else None
+    ))
+    return results
+
+
+def find_getatt(template: dict) -> list[tuple[list, list[str]]]:
+    """Find all !GetAtt / Fn::GetAtt targets.
+
+    Returns list of (getatt_value, json_path) pairs.
+    """
+    results: list[tuple[list, list[str]]] = []
+
+    def visitor(path: list, key: str, value: Any) -> None:
+        if key in ("GetAtt", "Fn::GetAtt"):
+            results.append((value, list(path) + [key]))
+
+    _walk(template, [], visitor)
+    return results
+
+
+def find_subs(template: dict) -> list[tuple[Any, list[str]]]:
+    """Find all !Sub / Fn::Sub expressions."""
+    results: list[tuple[Any, list[str]]] = []
+
+    def visitor(path: list, key: str, value: Any) -> None:
+        if key in ("Sub", "Fn::Sub"):
+            results.append((value, list(path) + [key]))
+
+    _walk(template, [], visitor)
+    return results
+
+
+def find_selects(template: dict) -> list[tuple[Any, list[str]]]:
+    """Find all !Select / Fn::Select expressions."""
+    results: list[tuple[Any, list[str]]] = []
+
+    def visitor(path: list, key: str, value: Any) -> None:
+        if key in ("Select", "Fn::Select"):
+            results.append((value, list(path) + [key]))
+
+    _walk(template, [], visitor)
+    return results
+
+
+def find_ifs(template: dict) -> list[tuple[Any, list[str]]]:
+    """Find all !If / Fn::If expressions."""
+    results: list[tuple[Any, list[str]]] = []
+
+    def visitor(path: list, key: str, value: Any) -> None:
+        if key in ("If", "Fn::If"):
+            results.append((value, list(path) + [key]))
+
+    _walk(template, [], visitor)
+    return results
+
+
+def find_joins(template: dict) -> list[tuple[Any, list[str]]]:
+    """Find all !Join / Fn::Join expressions."""
+    results: list[tuple[Any, list[str]]] = []
+
+    def visitor(path: list, key: str, value: Any) -> None:
+        if key in ("Join", "Fn::Join"):
+            results.append((value, list(path) + [key]))
+
+    _walk(template, [], visitor)
+    return results
+
+
+def get_resource_logical_ids(template: dict) -> list[str]:
+    """Get all logical IDs from the Resources section."""
+    resources = template.get("Resources", {})
+    if isinstance(resources, dict):
+        return list(resources.keys())
+    return []
+
+
+def get_parameter_names(template: dict) -> list[str]:
+    """Get all parameter names from the Parameters section."""
+    params = template.get("Parameters", {})
+    if isinstance(params, dict):
+        return list(params.keys())
+    return []
+
+
+def get_condition_names(template: dict) -> list[str]:
+    """Get all condition names from the Conditions section."""
+    conditions = template.get("Conditions", {})
+    if isinstance(conditions, dict):
+        return list(conditions.keys())
+    return []
+
+
+def get_resource_type(template: dict, logical_id: str) -> str | None:
+    """Get the Type of a resource by logical ID."""
+    resources = template.get("Resources", {})
+    resource = resources.get(logical_id, {})
+    return resource.get("Type")
+
+
+def set_nested(d: dict, path: list[str], value: Any) -> None:
+    """Set a value at a nested path in a dict."""
+    for key in path[:-1]:
+        if isinstance(d, dict):
+            d = d.setdefault(key, {})
+        elif isinstance(d, list) and key.isdigit():
+            d = d[int(key)]
+        else:
+            return
+    if isinstance(d, dict) and path:
+        d[path[-1]] = value
+
+
+def get_nested(d: dict, path: list[str]) -> Any:
+    """Get a value at a nested path in a dict."""
+    for key in path:
+        if isinstance(d, dict):
+            d = d.get(key)
+        elif isinstance(d, list) and key.isdigit():
+            idx = int(key)
+            d = d[idx] if idx < len(d) else None
+        else:
+            return None
+        if d is None:
+            return None
+    return d
+
+
+def walk_template(template: dict, visitor_fn: Any) -> None:
+    """Recursively walk a CF template dict, calling visitor_fn(path, key, value)."""
+    _walk(template, [], visitor_fn)
+
+
+def _walk(obj: Any, path: list, visitor: Any) -> None:
+    """Internal recursive walker."""
+    if isinstance(obj, dict):
+        for key, value in obj.items():
+            visitor(path, key, value)
+            _walk(value, path + [key], visitor)
+    elif isinstance(obj, list):
+        for i, item in enumerate(obj):
+            _walk(item, path + [str(i)], visitor)

cloudgym/inverter/_hcl_utils.py

@@ -0,0 +1,182 @@
+"""HCL text manipulation helpers for Terraform fault injection.
+
+python-hcl2 is read-only (parses HCL to dicts but can't write back),
+so we use a parse-then-regex approach: parse to understand structure,
+then do targeted string manipulation on the raw text.
+"""
+
+from __future__ import annotations
+
+import re
+
+
+def find_block_boundaries(
+    text: str, block_type: str, block_name: str | None = None
+) -> list[tuple[int, int]]:
+    """Find start/end character offsets of HCL blocks by brace-depth counting.
+
+    Args:
+        text: Raw HCL text.
+        block_type: e.g. "resource", "variable", "provider", "terraform".
+        block_name: Optional label to match (e.g. "aws_instance" or "\"main\"").
+
+    Returns:
+        List of (start_offset, end_offset) tuples for matching blocks.
+    """
+    results = []
+    # Match block headers like: resource "aws_instance" "main" {
+    if block_name:
+        pattern = re.compile(
+            rf'^[ \t]*{re.escape(block_type)}\s+["\']?{re.escape(block_name)}["\']?'
+            r'(?:\s+["\'][^"\']*["\'])?\s*\{',
+            re.MULTILINE,
+        )
+    else:
+        pattern = re.compile(
+            rf'^[ \t]*{re.escape(block_type)}\s+.*?\{{',
+            re.MULTILINE,
+        )
+
+    for match in pattern.finditer(text):
+        start = match.start()
+        brace_pos = match.end() - 1  # Position of opening brace
+        depth = 1
+        pos = brace_pos + 1
+
+        while pos < len(text) and depth > 0:
+            ch = text[pos]
+            if ch == '{':
+                depth += 1
+            elif ch == '}':
+                depth -= 1
+            elif ch == '"':
+                # Skip string content
+                pos += 1
+                while pos < len(text) and text[pos] != '"':
+                    if text[pos] == '\\':
+                        pos += 1
+                    pos += 1
+            elif ch == '#':
+                # Skip line comment
+                while pos < len(text) and text[pos] != '\n':
+                    pos += 1
+            pos += 1
+
+        if depth == 0:
+            results.append((start, pos))
+
+    return results
+
+
+def find_attribute_line(
+    text: str, block_start: int, block_end: int, attr_name: str
+) -> int | None:
+    """Find the line number of a specific attribute assignment within a block.
+
+    Returns 0-based line number or None if not found.
+    """
+    block_text = text[block_start:block_end]
+    lines = text[:block_start].count('\n')
+
+    for i, line in enumerate(block_text.split('\n')):
+        stripped = line.strip()
+        # Match attr = value or attr= value patterns
+        if re.match(rf'{re.escape(attr_name)}\s*=', stripped):
+            return lines + i
+
+    return None
+
+
+def remove_lines(text: str, start_line: int, end_line: int) -> str:
+    """Remove line range [start_line, end_line] (0-based, inclusive)."""
+    lines = text.split('\n')
+    result = lines[:start_line] + lines[end_line + 1:]
+    return '\n'.join(result)
+
+
+def replace_value(text: str, line_num: int, old_val: str, new_val: str) -> str:
+    """Replace a value on a specific line (0-based)."""
+    lines = text.split('\n')
+    if 0 <= line_num < len(lines):
+        lines[line_num] = lines[line_num].replace(old_val, new_val, 1)
+    return '\n'.join(lines)
+
+
+def find_all_attributes(text: str, block_start: int, block_end: int) -> list[tuple[str, int]]:
+    """Find all attribute assignments within a block.
+
+    Returns list of (attr_name, line_number) tuples.
+    """
+    block_text = text[block_start:block_end]
+    base_line = text[:block_start].count('\n')
+    attrs = []
+    depth = 0
+
+    for i, line in enumerate(block_text.split('\n')):
+        stripped = line.strip()
+        depth += stripped.count('{') - stripped.count('}')
+        if depth <= 1:  # Only top-level attributes of this block
+            m = re.match(r'(\w+)\s*=', stripped)
+            if m:
+                attrs.append((m.group(1), base_line + i))
+
+    return attrs
+
+
+def find_resource_blocks(text: str) -> list[tuple[str, str, int, int]]:
+    """Find all resource blocks and return (type, name, start, end) tuples."""
+    results = []
+    pattern = re.compile(
+        r'^[ \t]*resource\s+"([^"]+)"\s+"([^"]+)"\s*\{',
+        re.MULTILINE,
+    )
+
+    for match in pattern.finditer(text):
+        res_type = match.group(1)
+        res_name = match.group(2)
+        start = match.start()
+        brace_pos = match.end() - 1
+        depth = 1
+        pos = brace_pos + 1
+
+        while pos < len(text) and depth > 0:
+            ch = text[pos]
+            if ch == '{':
+                depth += 1
+            elif ch == '}':
+                depth -= 1
+            elif ch == '"':
+                pos += 1
+                while pos < len(text) and text[pos] != '"':
+                    if text[pos] == '\\':
+                        pos += 1
+                    pos += 1
+            pos += 1
+
+        if depth == 0:
+            results.append((res_type, res_name, start, pos))
+
+    return results
+
+
+def find_variable_refs(text: str) -> list[tuple[str, int]]:
+    """Find all var.X references and return (var_name, offset) pairs."""
+    results = []
+    for m in re.finditer(r'var\.(\w+)', text):
+        results.append((m.group(1), m.start()))
+    return results
+
+
+def find_resource_refs(text: str) -> list[tuple[str, str, int]]:
+    """Find all resource_type.resource_name references.
+
+    Returns (resource_type, resource_name, offset) triples.
+    """
+    results = []
+    # Match patterns like aws_instance.main.id or aws_vpc.default.id
+    for m in re.finditer(r'(\w+\.\w+)\.(\w+)', text):
+        full_ref = m.group(1)
+        parts = full_ref.split('.')
+        if len(parts) == 2 and not parts[0].startswith('var'):
+            results.append((parts[0], parts[1], m.start()))
+    return results