-
Notifications
You must be signed in to change notification settings - Fork 598
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Stack deployment file validation #3721
Comments
I like the idea of being able to use parameter files. The git-sync format is probably the best format as it associates the parameters and the template file to be able to do this work. I think second would be able to support the AWS CLI parameter key/value file. It would really cut down on alternative if/then/else processing we do. I would love to efficiently do this so we aren't doing duplicate processing of things that aren't changing. |
I think it would also be beneficial to support the configuration json file used by codepipeline. It would involve some kind of mapping file as the codepipeline stage declarations tells cloud formation which template and parameter file to use for each stack. In my environment I'll use the same cf template with many jsons in the same pipeline. |
Allow cfn-lint to use deployment files to lint and fill in parameters
SummaryAllow ExampleGiven the template: Parameters:
Environment:
Type: String
AllowedValues:
- production
- stage
- development
BucketName:
Type: String
Resources:
Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Ref BucketName
Tags:
- Key: Environment
Value: !Ref Environment and a deployment file production.yaml template-file-path: template.yaml
parameters:
Environment: production
BucketName: foo*bar and a deployment file development.yaml template-file-path: template.yaml
parameters:
Environment: dev
WrongParameter: my-bucket We would get errors like: EXXXX 'foo*bar' does not match '^[a-z0-9][a-z0-9.-]*[a-z0-9]$' when resolved by deployment file 'production.yaml'
template.yaml:14:7
EXXXX 'dev' is not one of ['production', 'stage', 'development']
development.yaml:3:2
EXXXX 'WrongParameter' is not one of ['Environment', 'BucketName']
development.yaml:4:2
EXXXX 'BucketName' is a required property
development.yaml:2:1 MotivationCurrently, cfn-lint validates
Details
Limitation
Outstanding questions
References |
Is this feature request related to a new rule or cfn-lint capabilities?
Both
Describe the feature you'd like to request
Validation of stack deployment file contents:
pre-commit
.deployment file.
specified template file.
Describe the solution you'd like
For
pre-commit
, I currently have this block forcfn-lint
:Ideally there would be a way to flag deploy files, for example:
From there,
cfn-lint
could associate the template file from the deploy file,which would look something like this:
For this example, the folder
src/cloud-formation/
has the above deploy fileat
prod.deploy.yaml
, which associates withtemplate.cfn.yaml
:Given knowledge of the template, the deploy file parameters can then be
validated. The above example deploy file would pass, however the following
cases should fail:
Missing a parameter:
Contains erroneous parameter:
Parameters violate rules:
Additional context
This is closely tied to fixes made by @kddejong to close recent issues:
Condition
, which is not a rule-specific intrinsic function #3710Is this something that you'd be interested in working on?
I can provide input and extra supporting content, but I'm not familiar with the
cfn-lint
codebase.Would this feature include a breaking change?
This feature should not incur a breaking change
The text was updated successfully, but these errors were encountered: