UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

8 lines (7 loc) 7.56 kB
1
2
3
4
5
6
7
8
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__setModuleDefault=exports&&exports.__setModuleDefault||(Object.create?(function(o,v){Object.defineProperty(o,"default",{enumerable:!0,value:v})}):function(o,v){o.default=v}),__importStar=exports&&exports.__importStar||(function(){var ownKeys=function(o){return ownKeys=Object.getOwnPropertyNames||function(o2){var ar=[];for(var k in o2)Object.prototype.hasOwnProperty.call(o2,k)&&(ar[ar.length]=k);return ar},ownKeys(o)};return function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k=ownKeys(mod),i=0;i<k.length;i++)k[i]!=="default"&&__createBinding(result,mod,k[i]);return __setModuleDefault(result,mod),result}})();Object.defineProperty(exports,"__esModule",{value:!0}),exports.PolicyValidationReportFormatter=void 0;var os=()=>{var tmp=__importStar(require("os"));return os=()=>tmp,tmp},path=()=>{var tmp=__importStar(require("path"));return path=()=>tmp,tmp},table_1=()=>{var tmp=require("table");return table_1=()=>tmp,tmp},trace_1=()=>{var tmp=require("./trace");return trace_1=()=>tmp,tmp},report=()=>{var tmp=__importStar(require("../report"));return report=()=>tmp,tmp};class PolicyValidationReportFormatter{tree;reportTrace;constructor(tree){this.tree=tree,this.reportTrace=new(trace_1()).ReportTrace(tree)}formatPrettyPrinted(reps){const json=this.formatLegacyJson(reps),output=[json.title];return output.push("-".repeat(json.title.length)),json.pluginReports.forEach(plugin=>{output.push(""),output.push((0,table_1().table)([[`Source: ${plugin.summary.pluginName}`],[`Version: ${plugin.version??"N/A"}`],[`Status: ${plugin.summary.status}`]],{header:{content:"Validation Report"},singleLine:!0,columns:[{paddingLeft:3,paddingRight:3}]})),plugin.summary.metadata&&(output.push(""),output.push(`Metadata: ${Object.entries(plugin.summary.metadata).flatMap(([key,value])=>`${key}: ${value}`).join(` `)}`)),plugin.violations.length>0&&(output.push(""),output.push("(Violations)")),plugin.violations.forEach(violation=>{const constructs=violation.violatingConstructs,occurrences=constructs.length,title=reset(red(bright(`${violation.ruleName} (${occurrences} occurrences)`)));output.push(""),output.push(title),violation.severity&&output.push(`Severity: ${violation.severity}`),output.push(""),output.push(" Occurrences:");for(const construct of constructs)if(output.push(""),output.push(` - Construct Path: ${construct.constructPath??"N/A"}`),output.push(` - Template Path: ${construct.templatePath??"N/A"}`),output.push(` - Creation Stack: ${this.reportTrace.formatPrettyPrinted(construct.constructPath)}`),output.push(` - Resource ID: ${construct.resourceLogicalId??"N/A"}`),construct.locations){output.push(" - Template Locations:");for(const location of construct.locations)output.push(` > ${location}`)}output.push(""),output.push(` Description: ${violation.description}`),violation.fix&&output.push(` How to fix: ${violation.fix}`),violation.ruleMetadata&&output.push(` Rule Metadata: ${Object.entries(violation.ruleMetadata).flatMap(([key,value])=>`${key}: ${value}`).join(` `)}`)})}),output.push(""),output.push("Policy Validation Report Summary"),output.push(""),output.push((0,table_1().table)([["Source","Status"],...reps.map(rep=>[rep.pluginName,rep.success?"success":"failure"])],{})),output.join(os().EOL)}formatLegacyJson(reps){return{title:"Validation Report",pluginReports:reps.filter(rep=>!rep.success||rep.violations.length>0).map(rep=>({version:rep.pluginVersion,summary:{pluginName:rep.pluginName,status:rep.success?report().PolicyValidationReportStatus.SUCCESS:report().PolicyValidationReportStatus.FAILURE,metadata:rep.metadata},violations:rep.violations.map(violation=>({ruleName:violation.ruleName,description:violation.description,fix:violation.fix,ruleMetadata:violation.ruleMetadata,severity:violation.severity,violatingResources:violation.violatingResources,violatingConstructs:violation.violatingResources.map(resource=>{const constructPath=resource.constructPath??(resource.templatePath&&resource.resourceLogicalId?this.tree.getConstructByLogicalId(path().basename(resource.templatePath),resource.resourceLogicalId)?.node.path:void 0);return{constructStack:constructPath?this.reportTrace.formatJson(constructPath):void 0,constructPath,locations:resource.locations,resourceLogicalId:resource.resourceLogicalId??"N/A",templatePath:resource.templatePath??"N/A"}})}))}))}}formatJson(reps,schemaVersion,suppressedByReport){return{version:schemaVersion,title:"Validation Report",pluginReports:this.buildPluginReports(reps,suppressedByReport)}}formatViolationJson(violation){const severity=normalizeSeverity(violation.severity);return{ruleName:violation.ruleName,description:violation.description,suggestedFix:violation.fix,severity:severity.severity,customSeverity:severity.customSeverity,ruleMetadata:violation.ruleMetadata,violatingConstructs:violation.violatingResources.map(resource=>{const constructPath=resource.constructPath??(resource.templatePath&&resource.resourceLogicalId?this.tree.getConstructByLogicalId(path().basename(resource.templatePath),resource.resourceLogicalId)?.node.path:void 0),construct=constructPath?this.tree.getConstructByPath(constructPath):void 0,constructInfo=construct?this.tree.constructTraceLevelFromTreeNode(construct):void 0;return{constructPath:constructPath??"N/A",constructFqn:constructInfo?.construct,libraryVersion:constructInfo?.libraryVersion,cloudFormationResource:resource.resourceLogicalId&&resource.templatePath?{templatePath:resource.templatePath,logicalId:resource.resourceLogicalId,propertyPaths:resource.locations.length>0?resource.locations:void 0}:void 0,stackTraces:constructPath?this.formatStackTraces(constructPath):void 0}})}}formatSuppressedViolationJson(sv){return{...this.formatViolationJson(sv),acknowledgedId:sv.acknowledgedId,reason:sv.reason||void 0,acknowledgedAt:sv.acknowledgedAt||void 0,acknowledgedStackTrace:sv.acknowledgedStackTrace||void 0}}buildPluginReports(reps,suppressedByReport){const results=[];for(let idx=0;idx<reps.length;idx++){const rep=reps[idx],suppressed=suppressedByReport?.get(idx);rep.success&&rep.violations.length===0&&!suppressed||results.push({pluginName:rep.pluginName,pluginVersion:rep.pluginVersion,conclusion:rep.success?"success":"failure",metadata:rep.metadata,violations:rep.violations.map(violation=>this.formatViolationJson(violation)),suppressedViolations:suppressed?suppressed.map(sv=>this.formatSuppressedViolationJson(sv)):void 0})}return results}formatStackTraces(constructPath){const trace=this.reportTrace.formatJson(constructPath);if(!trace)return;const lines=[];let current=trace;for(;current;)current.location&&lines.push(current.location),current=current.child;return lines.length>0?[lines.join(` `)]:void 0}}exports.PolicyValidationReportFormatter=PolicyValidationReportFormatter;const KNOWN_SEVERITIES=new Set(["fatal","error","warning","info"]);function normalizeSeverity(severity){if(!severity)return{severity:"error"};const lower=severity.toLowerCase();return KNOWN_SEVERITIES.has(lower)?{severity:lower}:{severity:"custom",customSeverity:severity}}function reset(s){return`${s}\x1B[0m`}function red(s){return`\x1B[31m${s}`}function bright(s){return`\x1B[1m${s}`}