def validate_template_cfn_lint(template):
# Importing cfnlint adds a significant overhead, so we keep it local
from cfnlint import decode, core
# Save the template to a temporary file -- cfn-lint requires a file
filename = "file.tmp"
with open(filename, "w") as file:
file.write(template)
abs_filename = os.path.abspath(filename)
# decode handles both yaml and json
try:
template, matches = decode.decode(abs_filename, False)
except TypeError:
# As of cfn-lint 0.39.0, the second argument (ignore_bad_template) was dropped
# https://github.com/aws-cloudformation/cfn-python-lint/pull/1580
template, matches = decode.decode(abs_filename)
# Set cfn-lint to info
core.configure_logging(None)
# Initialize the ruleset to be applied (no overrules, no excludes)
rules = core.get_rules([], [], [])
# Use us-east-1 region (spec file) for validation
regions = ["us-east-1"]
# Process all the rules and gather the errors
matches = core.run_checks(abs_filename, template, rules, regions)
return matches
def validate_template_cfn_lint(template):
# Save the template to a temporary file -- cfn-lint requires a file
filename = "file.tmp"
with open(filename, "w") as file:
file.write(template)
abs_filename = os.path.abspath(filename)
# decode handles both yaml and json
template, matches = decode.decode(abs_filename, False)
# Set cfn-lint to info
core.configure_logging(None)
# Initialize the ruleset to be applied (no overrules, no excludes)
rules = core.get_rules([], [], [])
# Use us-east-1 region (spec file) for validation
regions = ['us-east-1']
# Process all the rules and gather the errors
matches = core.run_checks(
abs_filename,
template,
rules,
regions)
return matches
def run_lint(cfnfile, gitpath, gitrepo, filename, gitfile, scan_uuid,
githubres):
# load the cfnfile
template, matches = decode.decode(cfnfile, False)
# set counter to 0
check_count = 0
# process all the rules
try:
matches = core.run_checks(cfnfile, template, rules, [region])
check_type = 'cfn_lint'
for check_full in matches:
check_id = str(check_full)[1:6]
check_line_id = str(check_full).split(":")[-1]
check_count += 1
put_ddb_result(gitrepo, gitpath, check_id, str(check_full),
check_line_id, check_type, filename, gitfile,
scan_uuid, githubres)
except Exception as e:
print('!!! error reading ' + gitpath + " " + filename + " " + str(e))
return check_count
def validate_template_cfn_lint(template):
# Importing cfnlint adds a significant overhead, so we keep it local
from cfnlint import decode, core
# Save the template to a temporary file -- cfn-lint requires a file
filename = "file.tmp"
with open(filename, "w") as file:
file.write(template)
abs_filename = os.path.abspath(filename)
# decode handles both yaml and json
template, matches = decode.decode(abs_filename, False)
# Set cfn-lint to info
core.configure_logging(None)
# Initialize the ruleset to be applied (no overrules, no excludes)
rules = core.get_rules([], [], [])
# Use us-east-1 region (spec file) for validation
regions = ["us-east-1"]
# Process all the rules and gather the errors
matches = core.run_checks(abs_filename, template, rules, regions)
return matches
def __get_template_parameters(self, filename):
try:
(tmp, matches) = decode(filename)
except: #pylint: disable=bare-except
return None
if matches:
return None
return tmp.get('Parameters', {})