Add back in logic for rule W2031

aws-cloudformation · Apr 7, 2023 · 5ec2c9d · 5ec2c9d
1 parent 4ef4042
commit 5ec2c9d
Show file tree

Hide file tree

Showing 4 changed files with 83 additions and 34 deletions.
diff --git a/src/cfnlint/rules/parameters/AllowedPattern.py b/src/cfnlint/rules/parameters/AllowedPattern.py
@@ -2,8 +2,13 @@
 Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 SPDX-License-Identifier: MIT-0
 """
+from typing import Generator, Iterable
 
+import regex as re
+
+from cfnlint.jsonschema import ValidationError
 from cfnlint.rules import CloudFormationLintRule
+from cfnlint.template import Template
 
 
 class AllowedPattern(CloudFormationLintRule):
@@ -14,3 +19,37 @@ class AllowedPattern(CloudFormationLintRule):
     description = "Check if parameters have a valid value in a pattern. The Parameter's allowed pattern is based on the usages in property (Ref)"
     source_url = "https://github.com/aws-cloudformation/cfn-python-lint/blob/main/docs/cfn-resource-specification.md#allowedpattern"
     tags = ["parameters", "resources", "property", "allowed pattern"]
+
+    def __init__(self):
+        super().__init__()
+        self.parameters = {}
+
+    def initialize(self, cfn: Template):
+        """Initialize the rule"""
+        self.parameters = cfn.get_parameters()
+
+    def _pattern(
+        self, instance: str, patrn: str, path: Iterable[str]
+    ) -> Generator[ValidationError]:
+        if not re.search(patrn, instance):
+            yield ValidationError(
+                f"{instance!r} does not match {patrn!r}",
+                rule=self,
+                path_override=path,
+            )
+
+    def validate(self, ref: str, patrn: str):
+        p = self.parameters.get(ref, {})
+        if isinstance(p, dict):
+            p_default = p.get("Default", None)
+            if isinstance(p_default, (str)):
+                yield from self._pattern(
+                    p_default, patrn, ["Parameters", ref, "Default"]
+                )
+
+            p_avs = p.get("AllowedValues", [])
+            if isinstance(p_avs, list):
+                for p_av_index, p_av in enumerate(p_avs):
+                    yield from self._pattern(
+                        p_av, patrn, ["Parameters", ref, "AllowedValues", p_av_index]
+                    )
diff --git a/src/cfnlint/rules/resources/properties/AllowedPattern.py b/src/cfnlint/rules/resources/properties/AllowedPattern.py
@@ -17,9 +17,19 @@ class AllowedPattern(CloudFormationLintRule):
     description = "Check if properties have a valid value in case of a pattern (Regular Expression)"
     source_url = "https://github.com/awslabs/cfn-python-lint/blob/main/docs/cfn-resource-specification.md#allowedpattern"
     tags = ["resources", "property", "allowed pattern", "regex"]
+    child_rules = {
+        "W2031": None,
+    }
 
     # pylint: disable=unused-argument
     def pattern(self, validator, patrn, instance, schema):
+        if isinstance(instance, dict):
+            if len(instance) == 1:
+                for k, v in instance.items():
+                    if k == "Ref":
+                        if self.child_rules.get("W2031"):
+                            yield from self.child_rules["W2031"].validate(v, patrn)
+                        return
         if validator.is_type(instance, "string"):
             # skip any dynamic reference strings
             if REGEX_DYN_REF.findall(instance):

diff --git a/src/cfnlint/schema/_constants.py b/src/cfnlint/schema/_constants.py
diff --git a/src/cfnlint/schema/getatts.py b/src/cfnlint/schema/getatts.py
@@ -5,9 +5,42 @@
 import enum
 from typing import Any, Dict, Optional
 
-from cfnlint.schema._constants import _all_property_types
 from cfnlint.schema._pointer import resolve_pointer
 
+_all_property_types = [
+    "AWS::Amplify::Branch",
+    "AWS::Amplify::Domain",
+    "AWS::AppSync::DomainName",
+    "AWS::Backup::BackupSelection",
+    "AWS::Backup::BackupVault",
+    "AWS::CodeArtifact::Domain",
+    "AWS::CodeArtifact::Repository",
+    "AWS::EC2::CapacityReservation",
+    "AWS::EC2::Subnet",
+    "AWS::EC2::VPC",
+    "AWS::EFS::MountTarget",
+    "AWS::EKS::Nodegroup",
+    "AWS::ImageBuilder::Component",
+    "AWS::ImageBuilder::ContainerRecipe",
+    "AWS::ImageBuilder::DistributionConfiguration",
+    "AWS::ImageBuilder::ImagePipeline",
+    "AWS::ImageBuilder::ImageRecipe",
+    "AWS::ImageBuilder::InfrastructureConfiguration",
+    "AWS::RDS::DBParameterGroup",
+    "AWS::RoboMaker::RobotApplication",
+    "AWS::RoboMaker::SimulationApplication",
+    "AWS::Route53Resolver::ResolverRule",
+    "AWS::Route53Resolver::ResolverRuleAssociation",
+    "AWS::SNS::Topic",
+    "AWS::SQS::Queue",
+    "AWS::SageMaker::DataQualityJobDefinition",
+    "AWS::SageMaker::ModelBiasJobDefinition",
+    "AWS::SageMaker::ModelExplainabilityJobDefinition",
+    "AWS::SageMaker::ModelQualityJobDefinition",
+    "AWS::SageMaker::MonitoringSchedule",
+    "AWS::StepFunctions::Activity",
+]
+
 
 class GetAttType(enum.Enum):
     ReadOnly = 1