def test_validate_template_success(testcase):
# These templates are failing validation, will fix schema one at a time
excluded = [
'api_endpoint_configuration', 'api_with_binary_media_types',
'api_with_cors', 'cloudwatch_logs_with_ref', 'sns',
'sns_existing_other_subscription', 'sns_topic_outside_template',
'alexa_skill', 'iot_rule', 'function_managed_inline_policy',
'unsupported_resources', 'intrinsic_functions',
'basic_function_with_tags', 'function_with_kmskeyarn',
'function_with_alias', 'function_with_alias_intrinsics',
'function_with_disabled_deployment_preference',
'function_with_deployment_preference',
'function_with_deployment_preference_all_parameters',
'function_with_deployment_preference_multiple_combinations',
'function_with_alias_and_event_sources', 'function_with_resource_refs',
'function_with_policy_templates', 'globals_for_function',
'all_policy_templates', 'simple_table_ref_parameter_intrinsic',
'simple_table_with_table_name', 'function_concurrency',
'simple_table_with_extra_tags'
]
if testcase in excluded:
return
manifest = yaml_parse(
open(os.path.join(INPUT_FOLDER, testcase + '.yaml'), 'r'))
validation_errors = SamTemplateValidator.validate(manifest)
has_errors = len(validation_errors)
if has_errors:
print("\nFailing template: {0}\n".format(testcase))
print(validation_errors)
assert len(validation_errors) == 0
def test_transform_success_resource_policy(self, testcase, partition_with_region):
partition = partition_with_region[0]
region = partition_with_region[1]
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + ".yaml"), "r"))
# To uncover unicode-related bugs, convert dict to JSON string and parse JSON back to dict
manifest = json.loads(json.dumps(manifest))
partition_folder = partition if partition != "aws" else ""
expected_filepath = os.path.join(OUTPUT_FOLDER, partition_folder, testcase + ".json")
expected = json.load(open(expected_filepath, "r"))
with patch("boto3.session.Session.region_name", region):
parameter_values = get_template_parameter_values()
mock_policy_loader = MagicMock()
mock_policy_loader.load.return_value = {
"AWSLambdaBasicExecutionRole": "arn:{}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole".format(
partition
),
"AmazonDynamoDBFullAccess": "arn:{}:iam::aws:policy/AmazonDynamoDBFullAccess".format(partition),
"AmazonDynamoDBReadOnlyAccess": "arn:{}:iam::aws:policy/AmazonDynamoDBReadOnlyAccess".format(partition),
"AWSLambdaRole": "arn:{}:iam::aws:policy/service-role/AWSLambdaRole".format(partition),
}
output_fragment = transform(manifest, parameter_values, mock_policy_loader)
print(json.dumps(output_fragment, indent=2))
# Only update the deployment Logical Id hash in Py3.
if sys.version_info.major >= 3:
self._update_logical_id_hash(expected)
self._update_logical_id_hash(output_fragment)
assert deep_sort_lists(output_fragment) == deep_sort_lists(expected)
def transform_template(sam_template_path, cfn_output_path):
"""
Locally transforms a SAM template to a Cloud Formation template
Parameters
----------
sam_template_path : Path
SAM template input path
cfn_output_path : Path
Cloud formation template output path
"""
LOG = logging.getLogger(__name__)
iam_client = boto3.client("iam")
with open(sam_template_path) as f:
sam_template = yaml_parse(f)
try:
cloud_formation_template = transform(sam_template, {},
ManagedPolicyLoader(iam_client))
cloud_formation_template_prettified = json.dumps(
cloud_formation_template, indent=2)
with open(cfn_output_path, "w") as f:
f.write(cloud_formation_template_prettified)
print("Wrote transformed CloudFormation template to: " +
cfn_output_path)
except InvalidDocumentException as e:
error_message = reduce(
lambda message, error: message + " " + error.message, e.causes,
e.message)
LOG.error(error_message)
errors = map(lambda cause: cause.message, e.causes)
LOG.error(errors)
def test_transform_success(self, testcase, partition_with_region):
partition = partition_with_region[0]
region = partition_with_region[1]
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + '.yaml'), 'r'))
# To uncover unicode-related bugs, convert dict to JSON string and parse JSON back to dict
manifest = json.loads(json.dumps(manifest))
partition_folder = partition if partition != "aws" else ""
expected = json.load(open(os.path.join(OUTPUT_FOLDER, partition_folder, testcase + '.json'), 'r'))
with patch('boto3.session.Session.region_name', region):
parameter_values = get_template_parameter_values()
mock_policy_loader = MagicMock()
mock_policy_loader.load.return_value = {
'AWSLambdaBasicExecutionRole': 'arn:{}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'.format(partition),
'AmazonDynamoDBFullAccess': 'arn:{}:iam::aws:policy/AmazonDynamoDBFullAccess'.format(partition),
'AmazonDynamoDBReadOnlyAccess': 'arn:{}:iam::aws:policy/AmazonDynamoDBReadOnlyAccess'.format(partition),
'AWSLambdaRole': 'arn:{}:iam::aws:policy/service-role/AWSLambdaRole'.format(partition),
}
output_fragment = transform(
manifest, parameter_values, mock_policy_loader)
print(json.dumps(output_fragment, indent=2))
# Only update the deployment Logical Id hash in Py3.
if sys.version_info.major >= 3:
self._update_logical_id_hash(expected)
self._update_logical_id_hash(output_fragment)
assert deep_sort_lists(output_fragment) == deep_sort_lists(expected)
def _fill_template(self, folder, file_name):
"""
Replaces the template variables with their value
Parameters
----------
folder : string
The combination/single folder which contains the template
file_name : string
Template file name
"""
input_file_path = str(
Path(self.template_dir, folder, file_name + ".yaml"))
# add a folder name before file name to avoid possible collisions between
# files in the single and combination folder
updated_template_path = str(
Path(self.output_dir, "sub_" + folder + "_" + file_name + ".yaml"))
with open(input_file_path) as f:
data = f.read()
for key, _ in self.code_key_to_file.items():
# We must double the {} to escape them so they will survive a round of unescape
data = data.replace("${{{}}}".format(key),
self.get_code_key_s3_uri(key))
yaml_doc = yaml_parse(data)
dump_yaml(updated_template_path, yaml_doc)
self.sub_input_file_path = updated_template_path
def transform_template(input_file_path, output_file_path):
with open(input_file_path, "r") as f:
sam_template = yaml_parse(f)
try:
feature_toggle = FeatureToggle(
FeatureToggleLocalConfigProvider(
os.path.join(my_path, "..", "tests", "feature_toggle", "input",
"feature_toggle_config.json")))
cloud_formation_template = transform(sam_template, {},
ManagedPolicyLoader(iam_client),
feature_toggle)
cloud_formation_template_prettified = json.dumps(
cloud_formation_template, indent=2)
with open(output_file_path, "w") as f:
f.write(cloud_formation_template_prettified)
print("Wrote transformed CloudFormation template to: " +
output_file_path)
except InvalidDocumentException as e:
errorMessage = reduce(
lambda message, error: message + " " + error.message, e.causes,
e.message)
LOG.error(errorMessage)
errors = map(lambda cause: cause.message, e.causes)
LOG.error(errors)
def main():
print(cwd)
input_file_path = cwd + '/ruleapi.yaml'
output_file_path = cwd + '/ruleapi_cfn.yaml'
print(input_file_path)
with open(input_file_path, 'r') as f:
sam_template = yaml_parse(f)
try:
cloud_formation_template = transform(sam_template, {},
ManagedPolicyLoader(iam_client))
cloud_formation_template_prettified = json.dumps(
cloud_formation_template, indent=2)
with open(output_file_path, 'w') as f:
f.write(cloud_formation_template_prettified)
print('Wrote transformed CloudFormation template to: ' +
output_file_path)
except InvalidDocumentException as e:
errorMessage = reduce(
lambda message, error: message + ' ' + error.message, e.causes,
e.message)
print(errorMessage)
errors = map(lambda cause: cause.message, e.causes)
print(errors)
def test_transform_invalid_document(testcase):
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + ".yaml"), "r"))
expected = json.load(open(os.path.join(OUTPUT_FOLDER, testcase + ".json"), "r"))
mock_policy_loader = MagicMock()
parameter_values = get_template_parameter_values()
with pytest.raises(InvalidDocumentException) as e:
transform(manifest, parameter_values, mock_policy_loader)
error_message = get_exception_error_message(e)
assert error_message == expected.get("errorMessage")
def test_transform_invalid_document(testcase):
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + '.yaml'), 'r'))
expected = json.load(open(os.path.join(OUTPUT_FOLDER, testcase + '.json'), 'r'))
mock_policy_loader = MagicMock()
parameter_values = get_template_parameter_values()
with pytest.raises(InvalidDocumentException) as e:
transform(manifest, parameter_values, mock_policy_loader)
error_message = get_exception_error_message(e)
assert error_message == expected.get('errorMessage')
def test_transform_success_openapi3(self, testcase, partition_with_region):
partition = partition_with_region[0]
region = partition_with_region[1]
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + '.yaml'), 'r'))
# To uncover unicode-related bugs, convert dict to JSON string and parse JSON back to dict
manifest = json.loads(json.dumps(manifest))
partition_folder = partition if partition != "aws" else ""
expected_filepath = os.path.join(OUTPUT_FOLDER, partition_folder, testcase + '.json')
expected = json.load(open(expected_filepath, 'r'))
with patch('boto3.session.Session.region_name', region):
parameter_values = get_template_parameter_values()
mock_policy_loader = MagicMock()
mock_policy_loader.load.return_value = {
'AWSLambdaBasicExecutionRole': 'arn:{}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'.format(partition),
'AmazonDynamoDBFullAccess': 'arn:{}:iam::aws:policy/AmazonDynamoDBFullAccess'.format(partition),
'AmazonDynamoDBReadOnlyAccess': 'arn:{}:iam::aws:policy/AmazonDynamoDBReadOnlyAccess'.format(partition),
'AWSLambdaRole': 'arn:{}:iam::aws:policy/service-role/AWSLambdaRole'.format(partition),
}
output_fragment = transform(
manifest, parameter_values, mock_policy_loader)
print(json.dumps(output_fragment, indent=2))
# Run cfn-lint on translator test output files.
rules = cfnlint.core.get_rules([], LINT_IGNORE_WARNINGS, [])
# Only update the deployment Logical Id hash in Py3.
if sys.version_info.major >= 3:
self._update_logical_id_hash(expected)
self._update_logical_id_hash(output_fragment)
output_template = cfnlint.decode.cfn_json.load(expected_filepath)
else: # deprecation warning catching in py2
import warnings
with warnings.catch_warnings():
warnings.filterwarnings("ignore",category=DeprecationWarning)
output_template = cfnlint.decode.cfn_json.load(expected_filepath)
runner = cfnlint.Runner(rules, expected_filepath, output_template, [region])
matches = []
# Only run linter on normal/gov partitions. It errors on china regions
if testcase not in LINT_IGNORE_TESTS and partition != 'aws-cn':
matches = runner.run()
print('cfn-lint ({}): {}'.format(expected_filepath, matches))
assert deep_sort_lists(output_fragment) == deep_sort_lists(expected)
assert len(matches) == 0
def main():
input_file_path, output_file_path = parse_arguments()
with open(input_file_path) as f:
sam_template = yaml_parse(f)
iam = boto3.client('iam')
cloudformation_template = transform(sam_template,
{},
ManagedPolicyLoader(iam))
with open(output_file_path, 'w') as f:
f.write(json.dumps(cloudformation_template, indent=2))
print(f'Wrote transformed Cloudformation template to {output_file_path}')
def main():
input_file_path, output_file_path = get_input_output_file_paths()
with open(input_file_path, 'r') as f:
sam_template = yaml_parse(f)
cloud_formation_template = transform(sam_template, {},
ManagedPolicyLoader(iam_client))
cloud_formation_template_prettified = json.dumps(cloud_formation_template,
indent=2)
with open(output_file_path, 'w') as f:
f.write(cloud_formation_template_prettified)
print('Wrote transformed CloudFormation template to: ' + output_file_path)
def test_transform_success(self, testcase, partition_with_region):
partition = partition_with_region[0]
region = partition_with_region[1]
manifest = yaml_parse(
open(os.path.join(input_folder, testcase + '.yaml'), 'r'))
# To uncover unicode-related bugs, convert dict to JSON string and parse JSON back to dict
manifest = json.loads(json.dumps(manifest))
partition_folder = partition if partition != "aws" else ""
expected = json.load(
open(
os.path.join(output_folder, partition_folder,
testcase + '.json'), 'r'))
old_region = os.environ.get("AWS_DEFAULT_REGION", "")
os.environ["AWS_DEFAULT_REGION"] = region
try:
parameter_values = get_template_parameter_values()
mock_policy_loader = MagicMock()
mock_policy_loader.load.return_value = {
'AWSLambdaBasicExecutionRole':
'arn:{}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
.format(partition),
'AmazonDynamoDBFullAccess':
'arn:{}:iam::aws:policy/AmazonDynamoDBFullAccess'.format(
partition),
'AmazonDynamoDBReadOnlyAccess':
'arn:{}:iam::aws:policy/AmazonDynamoDBReadOnlyAccess'.format(
partition),
'AWSLambdaRole':
'arn:{}:iam::aws:policy/service-role/AWSLambdaRole'.format(
partition),
}
output_fragment = transform(manifest, parameter_values,
mock_policy_loader)
finally:
os.environ["AWS_DEFAULT_REGION"] = old_region
print(json.dumps(output_fragment, indent=2))
# Only update the deployment Logical Id hash in Py3.
if sys.version_info.major >= 3:
self._update_logical_id_hash(expected)
self._update_logical_id_hash(output_fragment)
assert deep_sort_lists(output_fragment) == deep_sort_lists(expected)
def transform_template(input_file_path, output_file_path):
with open(input_file_path, "r") as f:
sam_template = yaml_parse(f)
try:
cloud_formation_template = transform(sam_template, {}, ManagedPolicyLoader(iam_client))
cloud_formation_template_prettified = json.dumps(cloud_formation_template, indent=2)
with open(output_file_path, "w") as f:
f.write(cloud_formation_template_prettified)
print ("Wrote transformed CloudFormation template to: " + output_file_path)
except InvalidDocumentException as e:
errorMessage = reduce(lambda message, error: message + " " + error.message, e.causes, e.message)
LOG.error(errorMessage)
errors = map(lambda cause: cause.message, e.causes)
LOG.error(errors)
def load_yaml(file_path):
"""
Loads a yaml file
Parameters
----------
file_path : Path
File path
Returns
-------
Object
Yaml object
"""
with open(file_path) as f:
data = f.read()
return yaml_parse(data)
def test_validate_template_success(testcase):
# These templates are failing validation, will fix schema one at a time
excluded = [
"api_endpoint_configuration",
"api_endpoint_configuration_with_vpcendpoint",
"api_with_binary_media_types",
"api_with_minimum_compression_size",
"api_with_cors",
"cloudwatch_logs_with_ref",
"sns",
"sns_existing_other_subscription",
"sns_topic_outside_template",
"alexa_skill",
"iot_rule",
"function_managed_inline_policy",
"unsupported_resources",
"intrinsic_functions",
"basic_function_with_tags",
"function_with_kmskeyarn",
"function_with_alias",
"function_with_alias_intrinsics",
"function_with_disabled_deployment_preference",
"function_with_deployment_preference",
"function_with_deployment_preference_all_parameters",
"function_with_deployment_preference_from_parameters",
"function_with_deployment_preference_multiple_combinations",
"function_with_alias_and_event_sources",
"function_with_resource_refs",
"function_with_policy_templates",
"globals_for_function",
"all_policy_templates",
"simple_table_ref_parameter_intrinsic",
"simple_table_with_table_name",
"function_concurrency",
"simple_table_with_extra_tags",
]
if testcase in excluded:
return
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + ".yaml"), "r"))
validation_errors = SamTemplateValidator.validate(manifest)
has_errors = len(validation_errors)
if has_errors:
print("\nFailing template: {0}\n".format(testcase))
print(validation_errors)
assert len(validation_errors) == 0
def test_validate_template_success(testcase):
# These templates are failing validation, will fix schema one at a time
excluded = [
'api_endpoint_configuration',
'api_with_binary_media_types',
'api_with_minimum_compression_size',
'api_with_cors',
'cloudwatch_logs_with_ref',
'sns',
'sns_existing_other_subscription',
'sns_topic_outside_template',
'alexa_skill',
'iot_rule',
'function_managed_inline_policy',
'unsupported_resources',
'intrinsic_functions',
'basic_function_with_tags',
'function_with_kmskeyarn',
'function_with_alias',
'function_with_alias_intrinsics',
'function_with_disabled_deployment_preference',
'function_with_deployment_preference',
'function_with_deployment_preference_all_parameters',
'function_with_deployment_preference_multiple_combinations',
'function_with_alias_and_event_sources',
'function_with_resource_refs',
'function_with_policy_templates',
'globals_for_function',
'all_policy_templates',
'simple_table_ref_parameter_intrinsic',
'simple_table_with_table_name',
'function_concurrency',
'simple_table_with_extra_tags'
]
if testcase in excluded:
return
manifest = yaml_parse(open(os.path.join(INPUT_FOLDER, testcase + '.yaml'), 'r'))
validation_errors = SamTemplateValidator.validate(manifest)
has_errors = len(validation_errors)
if has_errors:
print("\nFailing template: {0}\n".format(testcase))
print(validation_errors)
assert len(validation_errors) == 0
def transform_template(input_file_path, output_file_path):
with open(input_file_path, 'r') as f:
sam_template = yaml_parse(f)
try:
cloud_formation_template = transform(
sam_template, {}, ManagedPolicyLoader(iam_client))
cloud_formation_template_prettified = json.dumps(
cloud_formation_template, indent=2)
with open(output_file_path, 'w') as f:
f.write(cloud_formation_template_prettified)
print('Wrote transformed CloudFormation template to: ' + output_file_path)
except InvalidDocumentException as e:
errorMessage = reduce(lambda message, error: message + ' ' + error.message, e.causes, e.message)
LOG.error(errorMessage)
errors = map(lambda cause: cause.message, e.causes)
LOG.error(errors)
def _fill_template(self, file_name):
"""
Replaces the template variables with their value
Parameters
----------
file_name : string
Template file name
"""
input_file_path = str(Path(self.template_dir, file_name + ".yaml"))
updated_template_path = str(
Path(self.output_dir, "sub_" + file_name + ".yaml"))
with open(input_file_path) as f:
data = f.read()
for key, _ in self.code_key_to_file.items():
# We must double the {} to escape them so they will survive a round of unescape
data = data.replace("${{{}}}".format(key),
self.get_code_key_s3_uri(key))
yaml_doc = yaml_parse(data)
dump_yaml(updated_template_path, yaml_doc)
self.sub_input_file_path = updated_template_path
