cfn-lint icon indicating copy to clipboard operation
cfn-lint copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

Add various resource constraints for StringMax/StringMin

Open ashemedai opened this issue 1 year ago • 4 comments

Description of changes:

Based on the exchange in #2797 with @kddejong I whipped up a small script to scan the various resources for Name and Description and see if they were missing their constraints. This is the result of that.

For Description if an explicit maximum was given, but no minimum I reasoned that 0 is valid since it's only descriptive and an empty string is okay. For Name, as it is typically (always) an identifier it should always have a minimum of 1. Is this a fair assumption?

I initially wanted to add the AllowedPatternRegexp information, but the syntax at first seems all over the place in the CloudFormation documentation.

There are still some mistakes in this that I need to rectify, but they also depend on my question above.

I also have not done any checking against botocore to reference their specified constraints for this. What do we prefer, reference their data to avoid repeating and potential discrepencies?

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

ashemedai avatar Jul 27 '23 14:07 ashemedai

@ashemedai Interesting script any chance you would be willing to share it. There are min/max numbers, regex patterns, string min/max, allowed values would be interesting to see what more I could pull.

We do test regex patterns to validate they are valid with python regex package. We now use regex package instead of re as it provides more support for some of the regex patterns that we are using.

kddejong avatar Jul 27 '23 17:07 kddejong

@kddejong That was the intention at least. :)

Let me toss it up as a gist tomorrow.

ashemedai avatar Jul 27 '23 21:07 ashemedai

I made a fix do you want to look at this pr #2824

kddejong avatar Jul 27 '23 23:07 kddejong

@kddejong I put the current version at https://gist.github.com/ashemedai/962d3449c3712e40bb54d2fa3fba4e00 - only parameter it expects at the moment is the path to the CloudSpecs file of us-east-1.json. It will create a directory in the current working directory with JSON files.

Things I would like to do:

  • Properly update the project json files, I think my current code should allow it to run within the cfn-lint project, but I need to adjust the output path properly, maybe a parameter?
  • Depending on how many parameters need to be added, use argparse.
  • Tighten up existing regular expressions.
  • Add regex matches for some other common cases.
  • Maybe parse out/check for the {x,y} bits at the end of some regexp so we know to skip StringMax/StringMin since the regexp already takes care of it.

ashemedai avatar Jul 28 '23 07:07 ashemedai

Lots of conflicts now as we have converted to v1. Lets see how and where we can add these changes as needed.

kddejong avatar May 03 '24 16:05 kddejong