From 56f291385f10a3ea298eb19bd1370d68060619e1 Mon Sep 17 00:00:00 2001
From: George Rolston
Date: Mon, 1 Aug 2022 10:08:21 -0600
Subject: [PATCH] fix: ci build (#212)

* init cicd fix

* bump version
---
 .github/workflows/publish.yml | 2 +-
 docker/Dockerfile | 13 ++++++++-----
 mappings/build.py | 1 +
 .../amazon_s3/s3_bucket_policy_grantee_check.guard | 2 +-
 4 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index bffbf93..fe5ba62 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -12,7 +12,7 @@ env:
 ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
 ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
 ## publish version for docker image
- VERSION: "1.0.0"
+ VERSION: "1.0.1"
 jobs:
 testRules:
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 889f932..b9c10b9 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,8 +1,11 @@
-FROM rust:alpine
-
-RUN apk add --no-cache cargo tree
-RUN cargo install cfn-guard
-ENV PATH "/root/.cargo/bin:${PATH}"
+FROM ubuntu:22.10
+RUN apt-get update && \
+ apt-get install -y \
+ curl && \
+ apt-get clean && \
+ rm -rf /var/lib/apt/lists/*
+RUN curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/aws-cloudformation/cloudformation-guard/main/install-guard.sh | sh
+ENV PATH "${PATH}:~/.guard/bin"
 COPY ./output/ /
diff --git a/mappings/build.py b/mappings/build.py
index b6716bb..4489a5e 100644
--- a/mappings/build.py
+++ b/mappings/build.py
@@ -55,6 +55,7 @@ def main(directory):
 output_file_name = "./docker/output/" + rule_set + ".guard"
 outputfile = open(output_file_name, "a")
 outputfile.write(re.sub('<<', custom_message, inputfile, flags=re.M))
+ outputfile.write("\n")
 outputfile.close() # Closing file
 build_file_contents.close()
diff --git a/rules/aws/amazon_s3/s3_bucket_policy_grantee_check.guard b/rules/aws/amazon_s3/s3_bucket_policy_grantee_check.guard
index 7efd88d..829928e 100644
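Review bot: The new `RUN curl ... | sh` line in the Dockerfile hunk executes an installer fetched from the `main` branch of a third-party repository with no pinning and no integrity check, so the image content depends on whatever that branch holds at build time and any changed or tampered script runs as root inside the build. Pin the script to a release ref, download it to a file, verify its digest against a value recorded in this repository, and only then execute it; the installer may itself fetch further artifacts, which is worth confirming separately. The following `ENV PATH "${PATH}:~/.guard/bin"` stores the tilde literally — Docker does not expand `~` in ENV and PATH lookup does not expand it either — so the installed binary is probably not found at runtime; spell out the build user's concrete home directory, which is `/root` here unless a `USER` is set outside the hunk. The base image `ubuntu:22.10` is an interim (non-LTS) release and is not digest-pinned, so rebuilds are not reproducible.
```dockerfile
FROM ubuntu:22.10
# … unchanged: apt-get install curl …
# Pin the installer to a release ref and verify it before executing (values are placeholders to fill in).
ARG GUARD_INSTALLER_REF=<RELEASE_TAG>
ARG GUARD_INSTALLER_SHA256=<EXPECTED_SHA256>
RUN curl --proto '=https' --tlsv1.2 -sSf -o /tmp/install-guard.sh \
      "https://raw.githubusercontent.com/aws-cloudformation/cloudformation-guard/${GUARD_INSTALLER_REF}/install-guard.sh" && \
    echo "${GUARD_INSTALLER_SHA256}  /tmp/install-guard.sh" | sha256sum -c - && \
    sh /tmp/install-guard.sh && \
    rm -f /tmp/install-guard.sh
ENV PATH "${PATH}:/root/.guard/bin"
```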
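Review bot: The appended `outputfile.write("\n")` in the build.py hunk sits between a bare `open(output_file_name, "a")` and an explicit `close()`, so if either write raises the handle is never closed; replace the open/write/close sequence with `with open(output_file_name, "a", encoding="utf-8") as outputfile:` followed by `    outputfile.write(re.sub('<<', custom_message, inputfile, flags=re.M))` and `    outputfile.write("\n")`, dropping the separate `outputfile.close()` line. The `open()` also relies on the platform default encoding, which can differ between the CI runner and a developer machine; naming `encoding="utf-8"` keeps the generated `.guard` files consistent. Note that `custom_message` is passed as the `re.sub` replacement string, so any backslash in it is interpreted as an escape or group reference rather than written literally; passing `lambda _m: custom_message` instead avoids that if messages can contain backslashes. `main` begins before the hunk, and `rule_set`, `custom_message` and `inputfile` are assigned outside it.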
--- a/rules/aws/amazon_s3/s3_bucket_policy_grantee_check.guard
+++ b/rules/aws/amazon_s3/s3_bucket_policy_grantee_check.guard
@@ -1,4 +1,4 @@
 ## Config Rule Name : s3-bucket-policy-grantee-check
 ## Config Rule URL: https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy-grantee-check.html
-# Rule Intent: Checks that the access granted by the Amazon S3 bucket is restricted by any of the AWS principals, federated users, service principals, IP addresses, or VPCs that you provide.
\ No newline at end of file
+# Rule Intent: Checks that the access granted by the Amazon S3 bucket is restricted by any of the AWS principals, federated users, service principals, IP addresses, or VPCs that you provide.