feat(cloudformation): SAM Globals support with CloudFormation #6657
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
changed the title
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
checkov/cloudformation/cfn_utils.py
Outdated
| @@ -1,5 +1,6 @@ | |||
| from __future__ import annotations | |||
|
|
|||
| from copy import deepcopy | |||
There was a problem hiding this comment.
we have the pickle_deepcopy func for performance wise :)
There was a problem hiding this comment.
Great I'll use it, Thanks!
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
SteveVaknin
approved these changes
Aug 18, 2024
omriyoffe-panw
temporarily deployed
to
scan-security
GitHub Actions
Inactive
bo156
reviewed
Aug 19, 2024
checkov/cloudformation/cfn_utils.py
Outdated
| return new_template # Return the new template even if there were no globals to apply | ||
|
|
||
|
|
||
| def deep_merge(dict1: DictNode, dict2: DictNode) -> DictNode: |
There was a problem hiding this comment.
maybe this function can be moved under DictNode class?
| @@ -154,10 +154,16 @@ def _add_sam_globals(self) -> None: | |||
| transform_step=True, | |||
| ) | |||
| elif isinstance(value, list): | |||
| # Remove duplicates | |||
| new_value = [*vertex.attributes[property], *value] | |||
| new_value_unique = [] | |||
There was a problem hiding this comment.
why not use list(set(new_value)).
also new_value is a bad name, I would call it list_updated_value or something like that
There was a problem hiding this comment.
Some of the lists there have multiple types in them so list(set(new_value)) didn't work. And I'll change the name
| enriched_template = enrich_resources_with_globals(original_template) | ||
| self.assertEqual(enriched_template, expected_template) | ||
|
|
||
| def test_deep_merge_non_conflicting(self): |
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
had a problem deploying
to
scan-security
GitHub Actions
Failure
omriyoffe-panw
temporarily deployed
to
scan-security
GitHub Actions
Inactive
bo156
approved these changes
Aug 20, 2024
boring-repos bot
pushed a commit
to harryzcy/checkov
that referenced
this pull request
Aug 22, 2024
…crewio#6657) * Enrich resources with globals
epartington
pushed a commit
to epartington/checkov
that referenced
this pull request
Aug 26, 2024
…crewio#6657) * Enrich resources with globals
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Description
Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.
Added partial support for configuring Globals section according to SAM syntax
Fixes #2758
Fix
SAM properties that are represented in the same data structure as in CloudFormation syntax are merged. Other properties (such as Tags) are not merged as part of this feature.
Checklist: