Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS::Serverless::Api DefinitionBody not linted #3631

Open
paul-uz opened this issue Aug 28, 2024 · 3 comments
Open

AWS::Serverless::Api DefinitionBody not linted #3631

paul-uz opened this issue Aug 28, 2024 · 3 comments
Labels
enhancement New feature or request

Comments

@paul-uz
Copy link

paul-uz commented Aug 28, 2024
edited
Loading

CloudFormation Lint Version

1.10.3

What operating system are you using?

Mac OS

Describe the bug

When I run cfn-lint, it does not check the validity of the paths in DefinitionBody under the AWS::Serverless::Api resource.

Cloudformation errors when there are issues, but running cfn-lint, these issues are not caught.

EG

1 validation error detected: Value 'Errors found during import: Unable to create resource at path '/clients/membership/{$clientId}': Resource's path part only allow a-zA-Z0-9._-: or a valid greedy path variable and curly braces at the beginning and the end.

This was caused by having a $ symbol in the path parameter, {$clientId} but cfn-lint did not pick this up.

Expected behavior

cfn-lint should check the DefinitionBody in AWS::Serverless::Api resources.

Reproduction template

  MiddlewareRestAPI:
    Type: 'AWS::Serverless::Api'
    Properties:
      Auth:
        ApiKeyRequired: true
      StageName: api-middleware
      DefinitionBody:
        openapi: 3.0.1
        info:
          title: 'API Middleware'
          version: 1.0.0
        paths:
          /clients/membership/{$clientId}:
            get:
              parameters:
                - name: clientId
                  in: path
                  required: true
                  description: CRM Client ID
                  schema:
                    type: string
                - name: membershipDefinitionId
                  in: query
                  required: true
                  description: Membership Definition ID
                  schema:
                    type: string
                - name: contextId
                  in: query
                  required: true
                  description: SRO Context ID
                  schema:
                    type: string
              responses:
                "200":
                  description: "200 response"
                  headers:
                    Access-Control-Allow-Origin:
                      schema:
                        type: "string"
                  content:
                    application/json:
                      schema:
                        $ref: "#/components/schemas/Client"
              security:
              - api_key: []
              x-amazon-apigateway-integration:
                credentials:
                  'Fn::GetAtt':
                    - MiddlewareAPIRole
                    - Arn
                httpMethod: POST
                uri:
                  'Fn::Sub': 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${ClientsGetMembership.Arn}/invocations'
                responses:
                  default:
                    statusCode: '200'
                    responseParameters:
                      method.response.header.Access-Control-Allow-Origin: '''*'''
                passthroughBehavior: when_no_templates
                contentHandling: CONVERT_TO_TEXT
                type: aws_proxy
            options:
              parameters:
                - name: clientId
                  in: path
                  required: true
                  description: CRM Client ID
                  schema:
                    type: string
                - name: membershipDefinitionId
                  in: query
                  required: true
                  description: Membership Definition ID
                  schema:
                    type: string
                - name: contextId
                  in: query
                  required: true
                  description: SRO Context ID
                  schema:
                    type: string
              responses:
                "200":
                  description: "200 response"
                  headers:
                    Access-Control-Allow-Origin:
                      schema:
                        type: string
                    Access-Control-Allow-Methods:
                      schema:
                        type: string
                    Access-Control-Allow-Headers:
                      schema:
                        type: string
                  content:
                    application/json:
                      schema:
                        $ref: "#/components/schemas/Empty"
              x-amazon-apigateway-integration:
                responses:
                  default:
                    statusCode: '200'
                    responseParameters:
                      method.response.header.Access-Control-Allow-Methods: '''GET,OPTIONS'''
                      method.response.header.Access-Control-Allow-Headers: '''Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'''
                      method.response.header.Access-Control-Allow-Origin: '''*'''
                requestTemplates:
                  application/json: '{"statusCode": 200}'
                passthroughBehavior: when_no_match
                type: mock
@kddejong kddejong added the enhancement New feature or request label Aug 28, 2024
@kddejong
Copy link
Contributor

Since this dumps into a generic json object we will need to figure out how to define a JSON schema for this. We do this for IAM policies, step functions, etc.

@paul-uz
Copy link
Author

paul-uz commented Aug 28, 2024

So in this case, I'm using OpenAPI for my path definitions. Hopefully that is of some help to you.

@JamesAlisonUZ
Copy link

+1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kddejong @paul-uz @JamesAlisonUZ