def _validate_rule_type(self): for rule in self._rules: if not isinstance(rule, dict): raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f'instance type ({type(rule)}) does not match any allowed primitive type (allowed: ["object"])\'', ]))
def _parse_resource_arn(resource_arn) -> EcrRepositoryArn: match = re.match(ECR_REPOSITORY_ARN_PATTERN, resource_arn) if not match: raise InvalidParameterException( "Invalid parameter at 'resourceArn' failed to satisfy constraint: " "'Invalid ARN'") return EcrRepositoryArn(**match.groupdict())
def _validate_selection_count_number(self, count_number): if count_number < 1: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, "numeric instance is lower than the required minimum " f"(minimum: 1, found: {count_number})", ]))
def _validate_selection_tag_status(self, tag_status): if tag_status not in VALID_SELECTION_TAG_STATUS_VALUES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f"instance value ({tag_status}) not found in enum " f":(possible values: {json.dumps(sorted(VALID_SELECTION_TAG_STATUS_VALUES))})'", ]))
def _validate_action_type(self, action_type): if action_type not in VALID_ACTION_TYPE_VALUES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f"instance value ({action_type}) not found in enum " f":(possible values: {json.dumps(sorted(VALID_ACTION_TYPE_VALUES))})'", ]))
def _validate_action(self, action): given_properties = set(action.keys()) missing_properties = REQUIRED_ACTION_PROPERTIES - given_properties if missing_properties: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f"object has missing required properties ({json.dumps(sorted(missing_properties))})'", ])) for given_property in given_properties: if given_property not in VALID_ACTION_PROPERTIES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, "object instance has properties " f'which are not allowed by the schema: (["{given_property}"])\'', ])) self._validate_action_type(action["type"])
def _validate_rule_top_properties(self): for rule in self._rules: rule_properties = set(rule.keys()) missing_properties = REQUIRED_RULE_PROPERTIES - rule_properties if missing_properties: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f"object has missing required properties ({json.dumps(sorted(missing_properties))})'", ])) for rule_property in rule_properties: if rule_property not in VALID_RULE_PROPERTIES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f'object instance has properties which are not allowed by the schema: (["{rule_property}"])\'', ])) self._validate_action(rule["action"]) self._validate_selection(rule["selection"])
def validate(self): try: self._parse_policy() except Exception: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, "Could not map policyString into LifecyclePolicy.'", ])) try: self._extract_rules() except Exception: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, 'object has missing required properties (["rules"])\'', ])) self._validate_rule_type() self._validate_rule_top_properties()
def _validate_selection_count_unit(self, count_unit): if not count_unit: return None if count_unit not in VALID_SELECTION_COUNT_UNIT_VALUES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f"instance value ({count_unit}) not found in enum " f":(possible values: {json.dumps(sorted(VALID_SELECTION_COUNT_UNIT_VALUES))})'", ]))
def _validate_selection(self, selection): given_properties = set(selection.keys()) missing_properties = REQUIRED_SELECTION_PROPERTIES - given_properties if missing_properties: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, f"object has missing required properties ({json.dumps(sorted(missing_properties))})'", ])) for given_property in given_properties: if given_property not in VALID_SELECTION_PROPERTIES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, "object instance has properties " f'which are not allowed by the schema: (["{given_property}"])\'', ])) self._validate_selection_tag_status(selection["tagStatus"]) self._validate_selection_count_type(selection["countType"]) self._validate_selection_count_unit(selection.get("countUnit")) self._validate_selection_count_number(selection["countNumber"])
def put_image_tag_mutability(self, registry_id, repository_name, image_tag_mutability): if image_tag_mutability not in ["IMMUTABLE", "MUTABLE"]: raise InvalidParameterException( "Invalid parameter at 'imageTagMutability' failed to satisfy constraint: " "'Member must satisfy enum value set: [IMMUTABLE, MUTABLE]'") repo = self._get_repository(repository_name, registry_id) repo.update(image_tag_mutability=image_tag_mutability) return { "registryId": repo.registry_id, "repositoryName": repository_name, "imageTagMutability": repo.image_tag_mutability, }
def put_replication_configuration(self, replication_config): rules = replication_config["rules"] if len(rules) > 1: raise ValidationException("This feature is disabled") if len(rules) == 1: for dest in rules[0]["destinations"]: if (dest["region"] == self.region_name and dest["registryId"] == DEFAULT_REGISTRY_ID): raise InvalidParameterException( "Invalid parameter at 'replicationConfiguration' failed to satisfy constraint: " "'Replication destination cannot be the same as the source registry'" ) self.replication_config = replication_config return {"replicationConfiguration": replication_config}
def put_registry_policy(self, policy_text): try: iam_policy_document_validator = IAMPolicyDocumentValidator( policy_text) iam_policy_document_validator.validate() self._validate_registry_policy_action(policy_text) except MalformedPolicyDocument: raise InvalidParameterException( "Invalid parameter at 'PolicyText' failed to satisfy constraint: " "'Invalid registry policy provided'") self.registry_policy = policy_text return { "registryId": get_account_id(), "policyText": policy_text, }
def set_repository_policy(self, registry_id, repository_name, policy_text): repo = self._get_repository(repository_name, registry_id) try: iam_policy_document_validator = IAMPolicyDocumentValidator( policy_text) # the repository policy can be defined without a resource field iam_policy_document_validator._validate_resource_exist = lambda: None # the repository policy can have the old version 2008-10-17 iam_policy_document_validator._validate_version = lambda: None iam_policy_document_validator.validate() except MalformedPolicyDocument: raise InvalidParameterException( "Invalid parameter at 'PolicyText' failed to satisfy constraint: " "'Invalid repository policy provided'") repo.policy = policy_text return { "registryId": repo.registry_id, "repositoryName": repository_name, "policyText": repo.policy, }
def _validate_selection_count_type(self, count_type): if count_type not in VALID_SELECTION_COUNT_TYPE_VALUES: raise InvalidParameterException("".join([ self.INVALID_PARAMETER_ERROR_MESSAGE, "instance failed to match exactly one schema (matched 0 out of 2)", ]))