UNPKG

serverless-tag-resources

Version:

Datamart: Tag all AWS resources with dual legacy + datamart:* tag support

bitbucket.org/datamartcl/dm-serverless-tag-resources-plugin

77 lines (67 loc) 2.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
"use strict"; /** * Tag validation module. * * When enabled (custom.datamart.validation: true), validates that * required datamart:* tags are present in stackTags and values * match the allowed domains. */ const REQUIRED_TAGS = [ "datamart:cost-center", "datamart:finops-scope", "datamart:environment", "datamart:data-classification", "datamart:criticality", "datamart:team", ]; const ALLOWED_VALUES = { "datamart:finops-scope": [ "runtime", "compliance", "security", "scraping", "ai", "devtools", "infrastructure", ], "datamart:environment": [ "prod", "homo", "qa", "dev", "sandbox", "dr", ], "datamart:data-classification": [ "public", "internal", "confidential", "restricted", ], "datamart:criticality": [ "critical", "high", "medium", "low", ], "datamart:cost-center": [ "datamart", "getdata", "connect", "vizdata", "legalbase", "facesign", "keyshield", "lendbot", "jscipher", "atlas", "openfinance", "payments", "operations", ], }; /** * Validate stackTags against the datamart tag strategy. * * @param {object} stackTags - from provider.stackTags * @param {string} stage - deployment stage (used to auto-set datamart:environment) * @returns {{ valid: boolean, errors: string[] }} */ function validateTags(stackTags, stage) { const errors = []; const tags = stackTags || {}; // Build effective tags (including auto-generated ones) const effective = { ...tags }; if (!effective["datamart:environment"]) { effective["datamart:environment"] = stage; } // Check required tags for (const required of REQUIRED_TAGS) { if (!effective[required]) { errors.push(`Missing required tag: ${required}`); } } // Check allowed values for (const [tag, allowed] of Object.entries(ALLOWED_VALUES)) { const value = effective[tag]; if (value && !allowed.includes(value)) { errors.push( `Invalid value for ${tag}: "${value}". Allowed: ${allowed.join(", ")}` ); } } return { valid: errors.length === 0, errors }; } module.exports = { validateTags, REQUIRED_TAGS, ALLOWED_VALUES };