Skip to content

Commit

Permalink
Merge branch 'main' into setup-gdi
Browse files Browse the repository at this point in the history
  • Loading branch information
@kddejong
kddejong authored Apr 30, 2024
2 parents 24a197d + f67306c commit fd948a5
Show file tree
Hide file tree
Showing 544 changed files with 98,125 additions and 85,017 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/pypi.yaml → .github/workflows/cd-pypi.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Upload Python Package
name: "[CD] Upload to pypi"

on:
release:
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/test.yaml → .github/workflows/ci-branch.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
name: Testing
name: "[CI] Test branch"

on: [push, pull_request]
on: [push]

jobs:
unitlint:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python: [ 3.7, 3.8, 3.9, "3.10", "3.11", "3.12" ]
python: [ 3.8, 3.9, "3.10", "3.11", "3.12" ]

steps:
- uses: actions/checkout@v4
Expand All @@ -23,7 +23,7 @@ jobs:
tox -e style
tox -e type
tox -e py
- uses: codecov/codecov-action@v3.1.4
- uses: codecov/codecov-action@v4.3.0
if: matrix.os == 'ubuntu-latest'
with:
token: ${{ secrets.CODECOV_TOKEN }}
Expand Down
31 changes: 31 additions & 0 deletions .github/workflows/ci-pr-coverage.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
name: "[CI] Upload PR coverage"

on:
workflow_run:
workflows: ["[CI] Test PR"]
types:
- completed

jobs:
upload-coverage:
if: ${{ github.event.workflow_run.conclusion == 'success' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Download All Artifacts
uses: actions/download-artifact@v4
with:
pattern: coverage-*
merge-multiple: true

- name: Upload coverage report
if: '!cancelled()'
uses: codecov/codecov-action@v3
with:
override_commit: ${{ github.event.workflow_run.head_sha }}
override_pr: ${{ github.event.workflow_run.pull_requests[0].number }}
token: ${{ secrets.CODECOV_TOKEN }}
files: "coverage-*.xml"
fail_ci_if_error: true
verbose: true
73 changes: 73 additions & 0 deletions .github/workflows/ci-pr.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
name: "[CI] Test PR"

on: [pull_request]

jobs:
unitlint:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python: [ 3.8, 3.9, "3.10", "3.11", "3.12" ]

steps:
- uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python }}
- name: Install Tox and any other packages
run: pip install tox
- name: Run Tox
run: |
tox -e style
tox -e type
tox -e py
env:
COVERAGE_FILE: ".coverage.${{ matrix.python }}"
- name: Store coverage file
uses: actions/upload-artifact@v4
if: matrix.os == 'ubuntu-latest'
with:
name: coverage-${{ matrix.python }}
path: .coverage.${{ matrix.python }}
integration:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
python: [3.8]
steps:
- uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python }}
- name: Install cfn-lint
run: |
pip3 install -e .
- name: Run cfn-lint
run: |
cfn-lint test/fixtures/templates/good/generic.yaml
cat test/fixtures/templates/good/generic.yaml | cfn-lint
dependencies:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
python: [3.8]
steps:
- uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python }}
- name: Install cfn-lint
run: |
pip3 install -e .
pip install --upgrade pip
pip install --upgrade setuptools
- uses: pypa/[email protected]
with:
ignore-vulns: |
GHSA-r9hx-vwmv-q579
11 changes: 7 additions & 4 deletions .github/workflows/maintenance.yaml → .github/workflows/maintenance-v0.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,23 @@
name: Automated Maintenance
name: Automated Maintenance v0
on:
schedule:
- cron: '0 */2 * * *'
- cron: '0 4,8,16,20 * * *'
workflow_dispatch: # Enables on-demand/manual triggering: https://docs.github.com/en/free-pro-team@latest/actions/managing-workflow-runs/manually-running-a-workflow
jobs:
job:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: 'main'
- uses: actions/setup-python@v5
with:
python-version: 3
-
id: maintenance
run: |
latest_sam_cli=`curl -s https://api.github.com/repos/aws/aws-sam-cli/releases/latest | jq -r .tag_name | cut -c 2-`
latest=`curl "https://pypi.org/pypi/aws-sam-cli/$latest_sam_cli/json" -s | jq -r '.info.requires_dist[] | select(contains("aws-sam-translator"))' | cut -c 22-`
latest=`curl "https://pypi.org/pypi/aws-sam-cli/$latest_sam_cli/json" -s | jq -r '.info.requires_dist[] | select(contains("aws-sam-translator"))' | cut -c 21-`
sed -i -E "s/aws-sam-translator>=[0-9.]+/aws-sam-translator>=$latest/" setup.py
pip install -e .
rm -rf src/cfnlint/data/DownloadsMetadata/*
Expand All @@ -30,8 +32,9 @@ jobs:
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- uses: peter-evans/create-pull-request@v5
- uses: peter-evans/create-pull-request@v6
with:
branch: create-pull-request/maintenance-v0
commit-message: |
Update CloudFormation specs to ${{ steps.maintenance.outputs.specversion }}
body: |
Expand Down
45 changes: 45 additions & 0 deletions .github/workflows/maintenance-v1.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: Automated Maintenance v1
on:
schedule:
- cron: '0 0,6,12,18 * * *'
workflow_dispatch: # Enables on-demand/manual triggering: https://docs.github.com/en/free-pro-team@latest/actions/managing-workflow-runs/manually-running-a-workflow
jobs:
job:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: 'v1'
- uses: actions/setup-python@v5
with:
python-version: 3
-
id: maintenance
run: |
latest_sam_cli=`curl -s https://api.github.com/repos/aws/aws-sam-cli/releases/latest | jq -r .tag_name | cut -c 2-`
latest=`curl "https://pypi.org/pypi/aws-sam-cli/$latest_sam_cli/json" -s | jq -r '.info.requires_dist[] | select(contains("aws-sam-translator"))' | cut -c 21-`
sed -i -E "s/aws-sam-translator>=[0-9.]+/aws-sam-translator>=$latest/" pyproject.toml
pip install -e .
rm -rf src/cfnlint/data/DownloadsMetadata/*
cfn-lint --update-iam-policies
cfn-lint --update-documentation
scripts/update_specs_from_pricing.py
scripts/update_serverless_aws_policies.py
scripts/update_schemas_from_aws_api.py
cfn-lint --update-specs
echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- uses: peter-evans/create-pull-request@v6
with:
branch: create-pull-request/maintenance-v1
commit-message: |
Update CloudFormation schemas to ${{ steps.maintenance.outputs.date }}
body: |
- Update CloudFormation schemas to ${{ steps.maintenance.outputs.date }}
- Update Specs from pricing data as of ${{ steps.maintenance.outputs.date }}
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action
delete-branch: true
title: chore(schemas) - Update CloudFormation schemas to ${{ steps.maintenance.outputs.date }}
88 changes: 88 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,91 @@
### v0.87.0
###### CloudFormation Specifications
- Update CloudFormation specs to `171.0.0` (pull #[3160](https://github.com/aws-cloudformation/cfn-lint/pull/3160))
###### Fixes
- When using a list param in foreach pass back select statements when no allowed value (pull #[3176](https://github.com/aws-cloudformation/cfn-lint/pull/3176))
- Fix an issue with graphs and pydot and not quoting attrs (pull #[3177](https://github.com/aws-cloudformation/cfn-lint/pull/3177))
- Update [I3013](https://github.com/aws-cloudformation/cfn-python-lint/blob/main/docs/rules.md#I3013) as read replicas don't need backup period (pull #[3171](https://github.com/aws-cloudformation/cfn-lint/pull/3171))
- Change filenames to be OS specific paths (pull #[3170](https://github.com/aws-cloudformation/cfn-lint/pull/3170))
- Update [E8001](https://github.com/aws-cloudformation/cfn-python-lint/blob/main/docs/rules.md#E8001) to validate null Condition section (pull #[3169](https://github.com/aws-cloudformation/cfn-lint/pull/3169))

### v0.86.4
###### CloudFormation Specifications
- Update CloudFormation specs to `170.0.0` (pull #[3149](https://github.com/aws-cloudformation/cfn-lint/pull/3149))
###### Fixes
- Only pick up `.json` files when using registry shcemas (pull #[3150](https://github.com/aws-cloudformation/cfn-lint/pull/3150))
- Update IAM policy validation to not allow `Action` and `NotAction` (pull #[3145](https://github.com/aws-cloudformation/cfn-lint/pull/3145))
- Update IAM policy validation to not allow `Principal` and `NotPrincipal` (pull #[3145](https://github.com/aws-cloudformation/cfn-lint/pull/3145))
- Update IAM policy validation to not allow `Resource` and `NotResource` (pull #[3145](https://github.com/aws-cloudformation/cfn-lint/pull/3145))

### v0.86.3
###### CloudFormation Specifications
- Update CloudFormation specs to `169.0.0` (pull #[3135](https://github.com/aws-cloudformation/cfn-lint/pull/3135))
- Support `db2-ae` and `db2-se` RDS engines for `AWS::RDS::DBInstance.Engine` (pull #[3139](https://github.com/aws-cloudformation/cfn-lint/pull/3139))
###### Fixes
- Safely get `readOnlyProperties` (pull #[3141](https://github.com/aws-cloudformation/cfn-lint/pull/3141))

### v0.86.2
###### CloudFormation Specifications
- Update CloudFormation specs to `168.0.0` (pull #[3127](https://github.com/aws-cloudformation/cfn-lint/pull/3127))
- Remove `AWS::RDS::DBCluster` from exclusive checks (pull #[3119](https://github.com/aws-cloudformation/cfn-lint/pull/3119))
###### Fixes
- When doing a transform pass back FindInMap when resolution failure (pull #[3131](https://github.com/aws-cloudformation/cfn-lint/pull/3131))
- Update deprecated Lambda runtimes (pull #[3113](https://github.com/aws-cloudformation/cfn-lint/pull/3113))

### v0.86.1
###### CloudFormation Specifications
- Update CloudFormation specs to `165.0.0` (pull #[3092](https://github.com/aws-cloudformation/cfn-lint/pull/3092))
###### Fixes
- RDS DB Cluster remove MasterUserPassword from exclusion with MasterUsername (pull #[3106](https://github.com/aws-cloudformation/cfn-lint/pull/3106))
- fix an issue when searching for Ref in tojsonstring (pull #[3107](https://github.com/aws-cloudformation/cfn-lint/pull/3107))

### v0.86.0
###### Feature
- Disable and configure certain rules when template is from CDK (pull #[2971](https://github.com/aws-cloudformation/cfn-lint/pull/2971))
###### CloudFormation Specifications
- Update CloudFormation specs to `163.0.0` (pull #[3076](https://github.com/aws-cloudformation/cfn-lint/pull/3076))

### v0.85.3
###### CloudFormation Specifications
- Update CloudFormation specs to `162.0.0` (pull #[3069](https://github.com/aws-cloudformation/cfn-lint/pull/3069))
###### Fixes
- Raise error if any key in a mapping is null (pull #[3073](https://github.com/aws-cloudformation/cfn-lint/pull/3073))
- Add getatt support for registry schemas (pull #[3061](https://github.com/aws-cloudformation/cfn-lint/pull/3061))
- Set Application location when its a string in SAM transform (pull #[3060](https://github.com/aws-cloudformation/cfn-lint/pull/3060))

### v0.85.2
###### CloudFormation Specifications
- Update CloudFormation specs to `160.0.0` (pull #[3054](https://github.com/aws-cloudformation/cfn-lint/pull/3054))

### v0.85.1
###### CloudFormation Specifications
- Update CloudFormation specs to `158.0.0` (pull #[3039](https://github.com/aws-cloudformation/cfn-lint/pull/3039))
###### Fixes
- Fix an issue with using SAM and a GetAtt (pull #[3042](https://github.com/aws-cloudformation/cfn-lint/pull/3042))

### v0.85.0
###### Feature
- Update rule [E3027](https://github.com/aws-cloudformation/cfn-python-lint/blob/main/docs/rules.md#E3027) to validate rate periods (pull #[3017](https://github.com/aws-cloudformation/cfn-lint/pull/3017))
- Add support new language extension foreach capabilities `&{parameter}` (pull #[3033](https://github.com/aws-cloudformation/cfn-lint/pull/3033))
- Passthrough metadata into SAM translator (pull #[3030](https://github.com/aws-cloudformation/cfn-lint/pull/3030))
- Switch to using path and resource names for directives (pull #[3035](https://github.com/aws-cloudformation/cfn-lint/pull/3035))
###### CloudFormation Specifications
- Update CloudFormation specs to `156.0.0` (pull #[3029](https://github.com/aws-cloudformation/cfn-lint/pull/3029))

### v0.84.0
###### CloudFormation Specifications
- Update CloudFormation specs to `154.0.0` (pull #[3005](https://github.com/aws-cloudformation/cfn-lint/pull/3005))
- Add db.serverless to neptune instance classes (pull #[3009](https://github.com/aws-cloudformation/cfn-lint/pull/3009))
###### Fixes
- Drop python 3.7 support (pull #[3005](https://github.com/aws-cloudformation/cfn-lint/pull/3005))

### v0.83.8
###### CloudFormation Specifications
- Update CloudFormation specs to `153.0.0` (pull #[2986](https://github.com/aws-cloudformation/cfn-lint/pull/2986))
###### Fixes
- Remove rule [E2506](https://github.com/aws-cloudformation/cfn-python-lint/blob/main/docs/rules.md#E2506) which results in false positive (pull #[3001](https://github.com/aws-cloudformation/cfn-lint/pull/3001))
- Return dict str_node when doing transform (pull #[2996](https://github.com/aws-cloudformation/cfn-lint/pull/2996))

### v0.83.7
###### CloudFormation Specifications
- Update CloudFormation specs to `152.0.0` (pull #[2984](https://github.com/aws-cloudformation/cfn-lint/pull/2984))
Expand Down
6 changes: 3 additions & 3 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ _To get information about the [SAM Transformation](https://docs.aws.amazon.com/A

## Install

Python 3.7+ is supported.
Python 3.8+ is supported.

### Pip

Expand Down Expand Up @@ -325,7 +325,7 @@ If you'd like cfn-lint to be run automatically when making changes to files in y
```yaml
repos:
- repo: https://github.com/aws-cloudformation/cfn-lint
rev: v0.83.7 # The version of cfn-lint to use
rev: v0.87.0 # The version of cfn-lint to use
hooks:
- id: cfn-lint
files: path/to/cfn/dir/.*\.(json|yml|yaml)$
Expand All @@ -335,7 +335,7 @@ If you are using a `.cfnlintrc` and specifying the `templates` or `ignore_templa
```yaml
repos:
- repo: https://github.com/aws-cloudformation/cfn-lint
rev: v0.83.7 # The version of cfn-lint to use
rev: v0.87.0 # The version of cfn-lint to use
hooks:
- id: cfn-lint-rc
```
Expand Down
3 changes: 1 addition & 2 deletions docs/rules.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ To include these rules, use the `-e/include-experimental` argument when running
## Rules
(_This documentation is generated by running `cfn-lint --update-documentation`, do not alter this manually_)

The following **159** rules are applied by this linter:
The following **158** rules are applied by this linter:

| Rule ID | Title | Description | Config<br />(Name:Type:Default) | Source | Tags |
| -------- | ----- | ----------- | ---------- | ------ | ---- |
Expand Down Expand Up @@ -87,7 +87,6 @@ The following **159** rules are applied by this linter:
| [E2015<a name="E2015"></a>](../src/cfnlint/rules/parameters/Default.py) | Default value is within parameter constraints | Making sure the parameters have a default value inside AllowedValues, MinValue, MaxValue, AllowedPattern | | [Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html) | `parameters` |
| [E2503<a name="E2503"></a>](../src/cfnlint/rules/resources/elb/Elb.py) | Resource ELB Properties | See if Elb Resource Properties are set correctly HTTPS has certificate HTTP has no certificate | | [Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-listener.html) | `properties`,`elb` |
| [E2504<a name="E2504"></a>](../src/cfnlint/rules/resources/ectwo/Ebs.py) | Check Ec2 Ebs Properties | See if Ec2 Ebs Properties are valid | | [Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-blockdev-template.html) | `properties`,`ec2`,`ebs` |
| [E2506<a name="E2506"></a>](../src/cfnlint/rules/resources/ectwo/SecurityGroupIngress.py) | Resource EC2 Security Group Ingress Properties | See if EC2 Security Group Ingress Properties are set correctly. Check that "SourceSecurityGroupId" or "SourceSecurityGroupName" are are exclusive and using the type of Ref or GetAtt | | [Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html) | `resources`,`ec2`,`securitygroup` |
| [E2507<a name="E2507"></a>](../src/cfnlint/rules/resources/iam/Policy.py) | Check if IAM Policies are properly configured | See if there elements inside an IAM policy are correct | | [Source](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html) | `properties`,`iam` |
| [E2520<a name="E2520"></a>](../src/cfnlint/rules/resources/properties/Exclusive.py) | Check Properties that are mutually exclusive | Making sure CloudFormation properties that are exclusive are not defined | | [Source](https://github.com/aws-cloudformation/cfn-python-lint) | `resources` |
| [E2521<a name="E2521"></a>](../src/cfnlint/rules/resources/properties/Inclusive.py) | Check Properties that are required together | Make sure CloudFormation resource properties are included together when required | | [Source](https://github.com/aws-cloudformation/cfn-python-lint) | `resources` |
Expand Down
4 changes: 2 additions & 2 deletions pylintrc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -407,8 +407,8 @@ timeout-methods=requests.api.delete,requests.api.get,requests.api.head,requests.
[EXCEPTIONS]

# Exceptions that will emit a warning when caught.
overgeneral-exceptions=BaseException,
Exception
overgeneral-exceptions=builtins.BaseException,
builtins.Exception


[REFACTORING]
Expand Down
8 changes: 5 additions & 3 deletions scripts/update_specs_from_pricing.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -241,7 +241,9 @@ def get_rds_pricing():
return results


def get_results(service, product_families):
def get_results(service, product_families, default=None):
if default is None:
default = set()
results = {}
for page in get_paginator(service):
for price_item in page.get("PriceList", []):
Expand All @@ -263,7 +265,7 @@ def get_results(service, product_families):
):
results[
region_map[product.get("attributes").get("location")]
] = set()
] = default
results[region_map[product.get("attributes").get("location")]].add(
product.get("attributes").get("instanceType")
)
Expand Down Expand Up @@ -302,7 +304,7 @@ def main():
)
outputs = update_outputs(
"NeptuneInstanceClass",
get_results("AmazonNeptune", ["Database Instance"]),
get_results("AmazonNeptune", ["Database Instance"], default=set(["db.serverless"])),
outputs,
)
outputs = update_outputs(
Expand Down
Loading

0 comments on commit fd948a5

Please sign in to comment.