cfn-lint
cfn-lint copied to clipboard
aws-cloudformation
ignore_templates is not working from .cfnlintrc file
*cfn-lint version: 0.21.0
Description of issue.
- ignore_templates is not working from .cfnlintrc file. Used .cfnlintrc file to ignore templates , but it is not working . It throws below error
AWS CloudFormation Linter................................................Failed
hookid: cfn-python-lint
usage: cfn-lint [-h] [-t TEMPLATE [TEMPLATE ...]] [-b]
[--ignore-templates IGNORE_TEMPLATES [IGNORE_TEMPLATES ...]]
[-d] [-f {quiet,parseable,json}] [-l]
[-r REGIONS [REGIONS ...]]
[-a APPEND_RULES [APPEND_RULES ...]]
[-i IGNORE_CHECKS [IGNORE_CHECKS ...]]
[-c INCLUDE_CHECKS [INCLUDE_CHECKS ...]] [-e]
[-x CONFIGURE_RULES [CONFIGURE_RULES ...]] [-o OVERRIDE_SPEC]
[-v] [-u]
[TEMPLATE [TEMPLATE ...]]
CloudFormation Linter
optional arguments:
-h, --help show this help message and exit
Standard:
TEMPLATE The CloudFormation template to be linted
-t TEMPLATE [TEMPLATE ...], --template TEMPLATE [TEMPLATE ...]
The CloudFormation template to be linted
-b, --ignore-bad-template
Ignore failures with Bad template
--ignore-templates IGNORE_TEMPLATES [IGNORE_TEMPLATES ...]
Ignore templates
-f {quiet,parseable,json}, --format {quiet,parseable,json}
Output Format
-l, --list-rules list all the rules
-r REGIONS [REGIONS ...], --regions REGIONS [REGIONS ...]
list the regions to validate against.
-i IGNORE_CHECKS [IGNORE_CHECKS ...], --ignore-checks IGNORE_CHECKS [IGNORE_CHECKS ...]
only check rules whose id do not match these values
-c INCLUDE_CHECKS [INCLUDE_CHECKS ...], --include-checks INCLUDE_CHECKS [INCLUDE_CHECKS ...]
include rules whose id match these values
-e, --include-experimental
Include experimental rules
-x CONFIGURE_RULES [CONFIGURE_RULES ...], --configure-rule CONFIGURE_RULES [CONFIGURE_RULES ...]
Provide configuration for a rule. Format
RuleId:key=value. Example: E3012:strict=false
-v, --version Version of cfn-lint
Advanced / Debugging:
-d, --debug Enable debug logging
-a APPEND_RULES [APPEND_RULES ...], --append-rules APPEND_RULES [APPEND_RULES ...]
specify one or more rules directories using one or
more --append-rules arguments.
-o OVERRIDE_SPEC, --override-spec OVERRIDE_SPEC
A CloudFormation Spec override file that allows
customization
-u, --update-specs Update the CloudFormation Specs
Can you share your .cfnlintrc? Here is ours, which works:
templates:
- templates/**/*.yaml
- templates/*.yaml
append_rules:
- append_rules
ignore_templates:
- templates/app/env/*/app_env.yaml
- templates/app/env/*/rpc_env.yaml
Below is the .cfnlintrc file from my repo
templates:
- Solutions/SNSFlow/*Flow.yaml
append_rules:
- append_rules
ignore_templates:
- Solutions/SNSFlow/buildspec.yaml
- Solutions/SNSFlow/test.yaml
- Solutions/SNSFlow/parameters-test.json
- Solutions/SNSFlow/pipeline/test-parameters.json
Below is the .pre-commit-config.yaml file from my repo
# .pre-commit-config.yaml
repos:
- repo: https://github.com/awslabs/cfn-python-lint
rev: v0.16.0 # The version of cfn-lint to use
hooks:
- id: cfn-python-lint
files: Solutions/.*\.(json|yml|yaml)$
args: [--append-rules=./cfnrules/, --override-spec=./spec.json]
Below is the link of my repo for your reference https://github.com/karthickcse05/cfnlint-testing.git
Note:
- I added Solutions/SNSFlow/buildspec.yaml in ignore_templates section , it is working as expected . But when i add the below lines
- Solutions/SNSFlow/parameters-test.json
- Solutions/SNSFlow/pipeline/test-parameters.json , it is not working and throwing the above error with no details.
- If i remove the above two lines , lint is executing(considering) the json file also.
@chuckmeyer thoughts on this?
I think the issue here is that pre-commit must exist cfn-lint with each filename that has changed that meets the pattern. However, if .cfnlintrc says to ignore Solutions/SNSFlow/parameters-test.json it gets filtered out from the and basically makes the file list empty. I believe that is why we throw a usage error. I'm not sure what the correct type of failure (or success) is here.
@KarthickEmis I wonder if in the short term you should add the exclude patterns to the pre commit hook so that it gets filtered out before .cfnlintrc is even used.
I have a thought here. I think we should change. .pre-commit-hooks.yaml to have pass_filenames: false
Then we update the .pre-commit-config.yaml to be
repos:
- repo: https://github.com/aws-cloudformation/cfn-python-lint
rev: v0.42.0
hooks:
- id: cfn-python-lint
args:
- --config-file
- .cfnlintrc
or
repos:
- repo: https://github.com/aws-cloudformation/cfn-python-lint
rev: v0.42.0
hooks:
- id: cfn-python-lint
args:
- --templates
- **.*yaml
@PatMyron
We are updating our guidance here based on the PR above. pass_filenames: false will prevent pre-commit from passing all the filenames into cfn-lint. Since you are specifying the templates section in your .cfnlintrc file the result should be the equivalent of running cfn-lint from the root project folder.
repos:
- repo: https://github.com/aws-cloudformation/cfn-lint
rev: v0.69.1 # The version of cfn-lint to use
hooks:
- id: cfn-python-lint
pass_filenames: false
args: [--append-rules=./cfnrules/, --override-spec=./spec.json]