Skip to content

Commit

Permalink
exempting resource types where the AWS::Serverless transform sets Del…
Browse files Browse the repository at this point in the history 
…etionPolicy but not UpdateReplacePolicy from W3011 (#1529)

#1265
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html
  • Loading branch information
@PatMyron
PatMyron authored May 13, 2020
1 parent fe0af92 commit d7e8653
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 143 deletions.
11 changes: 6 additions & 5 deletions src/cfnlint/rules/resources/BothUpdateReplacePolicyDeletionPolicyNeeded.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,11 @@ def match(self, cfn):
matches = []

for r_name, r_values in cfn.get_resources().items():
# pylint: disable=too-many-boolean-expressions
if r_values.get('DeletionPolicy') and r_values.get('DeletionPolicy') != 'Delete' and not r_values.get('UpdateReplacePolicy') or not r_values.get('DeletionPolicy') and r_values.get('UpdateReplacePolicy') and r_values.get('UpdateReplacePolicy') != 'Delete':
path = ['Resources', r_name]
message = 'Both UpdateReplacePolicy and DeletionPolicy are needed to protect %s from deletion' % '/'.join(path)
matches.append(RuleMatch(path, message))
if r_values.get('Type') not in ['AWS::Lambda::Version', 'AWS::Lambda::LayerVersion']:
# pylint: disable=too-many-boolean-expressions
if r_values.get('DeletionPolicy') and r_values.get('DeletionPolicy') != 'Delete' and not r_values.get('UpdateReplacePolicy') or not r_values.get('DeletionPolicy') and r_values.get('UpdateReplacePolicy') and r_values.get('UpdateReplacePolicy') != 'Delete':
path = ['Resources', r_name]
message = 'Both UpdateReplacePolicy and DeletionPolicy are needed to protect %s from deletion' % '/'.join(path)
matches.append(RuleMatch(path, message))

return matches
147 changes: 9 additions & 138 deletions test/integration/test_good_templates.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,34 +22,8 @@ class TestQuickStartTemplates(BaseCliTestCase):
},
{
'filename': 'test/fixtures/templates/good/transform.yaml',
'results': [
{
"Filename": "test/fixtures/templates/good/transform.yaml",
"Level": "Warning",
"Location": {
"End": {
"ColumnNumber": 10,
"LineNumber": 4
},
"Path": [
"Resources",
"ExampleLayer29b0582575"
],
"Start": {
"ColumnNumber": 1,
"LineNumber": 4
}
},
"Message": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/ExampleLayer29b0582575 from deletion",
"Rule": {
"Description": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect resources from deletion",
"Id": "W3011",
"ShortDescription": "Check resources with UpdateReplacePolicy/DeletionPolicy have both",
"Source": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html"
}
}
],
'exit_code': 4,
'results': [],
'exit_code': 0,
},
{
'filename': 'test/fixtures/templates/bad/transform_serverless_template.yaml',
Expand Down Expand Up @@ -135,94 +109,17 @@ class TestQuickStartTemplates(BaseCliTestCase):
},
{
'filename': 'test/fixtures/templates/good/transform_serverless_api.yaml',
'results': [
{
"Filename": "test/fixtures/templates/good/transform_serverless_api.yaml",
"Level": "Warning",
"Location": {
"End": {
"ColumnNumber": 10,
"LineNumber": 4
},
"Path": [
"Resources",
"myFunctionVersionee13cf2679"
],
"Start": {
"ColumnNumber": 1,
"LineNumber": 4
}
},
"Message": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/myFunctionVersionee13cf2679 from deletion",
"Rule": {
"Description": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect resources from deletion",
"Id": "W3011",
"ShortDescription": "Check resources with UpdateReplacePolicy/DeletionPolicy have both",
"Source": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html"
}
}
],
'exit_code': 4,
'results': [],
'exit_code': 0,
},
{
'filename': 'test/fixtures/templates/good/transform_serverless_function.yaml',
'results': [
{
"Filename": "test/fixtures/templates/good/transform_serverless_function.yaml",
"Level": "Warning",
"Location": {
"End": {
"ColumnNumber": 10,
"LineNumber": 4
},
"Path": [
"Resources",
"myFunctionVersionee13cf2679"
],
"Start": {
"ColumnNumber": 1,
"LineNumber": 4
}
},
"Message": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/myFunctionVersionee13cf2679 from deletion",
"Rule": {
"Description": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect resources from deletion",
"Id": "W3011",
"ShortDescription": "Check resources with UpdateReplacePolicy/DeletionPolicy have both",
"Source": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html"
}
}
],
'exit_code': 4,
'results': [],
'exit_code': 0,
},
{
'filename': 'test/fixtures/templates/good/transform_serverless_globals.yaml',
'results': [
{
"Filename": "test/fixtures/templates/good/transform_serverless_globals.yaml",
"Level": "Warning",
"Location": {
"End": {
"ColumnNumber": 10,
"LineNumber": 9
},
"Path": [
"Resources",
"myFunctionVersionee13cf2679"
],
"Start": {
"ColumnNumber": 1,
"LineNumber": 9
}
},
"Message": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/myFunctionVersionee13cf2679 from deletion",
"Rule": {
"Description": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect resources from deletion",
"Id": "W3011",
"ShortDescription": "Check resources with UpdateReplacePolicy/DeletionPolicy have both",
"Source": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html"
}
},
{
"Filename": "test/fixtures/templates/good/transform_serverless_globals.yaml",
"Level": "Error",
Expand Down Expand Up @@ -251,38 +148,12 @@ class TestQuickStartTemplates(BaseCliTestCase):
}
}
],
'exit_code': 6,
'exit_code': 2,
},
{
'filename': 'test/fixtures/templates/good/transform/list_transform.yaml',
'results': [
{
"Filename": "test/fixtures/templates/good/transform/list_transform.yaml",
"Level": "Warning",
"Location": {
"End": {
"ColumnNumber": 10,
"LineNumber": 14
},
"Path": [
"Resources",
"SkillFunctionVersion55ff35af87"
],
"Start": {
"ColumnNumber": 1,
"LineNumber": 14
}
},
"Message": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/SkillFunctionVersion55ff35af87 from deletion",
"Rule": {
"Description": "Both UpdateReplacePolicy and DeletionPolicy are needed to protect resources from deletion",
"Id": "W3011",
"ShortDescription": "Check resources with UpdateReplacePolicy/DeletionPolicy have both",
"Source": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html"
}
}
],
'exit_code': 4,
'results': [],
'exit_code': 0,
},
{
'filename': 'test/fixtures/templates/good/transform/list_transform_many.yaml',
Expand Down

0 comments on commit d7e8653

Please sign in to comment.