33SPDX-License-Identifier: MIT-0
44"""
55import six
6+ from cfnlint .helpers import VALID_PARAMETER_TYPES_LIST
67from cfnlint .rules import CloudFormationLintRule
78from cfnlint .rules import RuleMatch
89
@@ -15,53 +16,70 @@ class Equals(CloudFormationLintRule):
1516 source_url = 'https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-conditions.html#intrinsic-function-reference-conditions-equals'
1617 tags = ['functions' , 'equals' ]
1718
19+ allowed_functions = ['Ref' , 'Fn::FindInMap' ,
20+ 'Fn::Sub' , 'Fn::Join' , 'Fn::Select' , 'Fn::Split' ]
21+ function = 'Fn::Equals'
22+
23+ def _check_equal_values (self , cfn , element , path ):
24+ matches = []
25+
26+ if len (element ) == 1 :
27+ for element_key , element_value in element .items ():
28+ if element_key not in self .allowed_functions :
29+ message = self .function + \
30+ ' element must be a supported function ({0})'
31+ matches .append (RuleMatch (
32+ path [:] + [element_key ],
33+ message .format (', ' .join (self .allowed_functions ))
34+ ))
35+ elif element_key == 'Ref' :
36+ valid_refs = cfn .get_valid_refs ()
37+ if element_value in valid_refs :
38+ if valid_refs [element_value ].get ('From' ) == 'Parameters' :
39+ if valid_refs [element_value ].get ('Type' ) in VALID_PARAMETER_TYPES_LIST :
40+ message = 'Every Fn::Equals object requires a list of 2 string parameters'
41+ matches .append (RuleMatch (
42+ path , message ))
43+ else :
44+ message = self .function + ' element must be a supported function ({0})'
45+ matches .append (RuleMatch (
46+ path ,
47+ message .format (', ' .join (self .allowed_functions ))
48+ ))
49+ return matches
50+
1851 def match (self , cfn ):
19- function = 'Fn::Equals'
2052 matches = []
2153 # Build the list of functions
22- trees = cfn .search_deep_keys (function )
23-
24- allowed_functions = ['Ref' , 'Fn::FindInMap' ,
25- 'Fn::Sub' , 'Fn::Join' , 'Fn::Select' , 'Fn::Split' ]
54+ trees = cfn .search_deep_keys (self .function )
2655
2756 for tree in trees :
2857 # Test when in Conditions
2958 if tree [0 ] == 'Conditions' :
3059 value = tree [- 1 ]
3160 if not isinstance (value , list ):
32- message = function + ' must be a list of two elements'
61+ message = self . function + ' must be a list of two elements'
3362 matches .append (RuleMatch (
3463 tree [:- 1 ],
3564 message .format ()
3665 ))
3766 elif len (value ) != 2 :
38- message = function + ' must be a list of two elements'
67+ message = self . function + ' must be a list of two elements'
3968 matches .append (RuleMatch (
4069 tree [:- 1 ],
4170 message .format ()
4271 ))
4372 else :
4473 for index , element in enumerate (value ):
4574 if isinstance (element , dict ):
46- if len (element ) == 1 :
47- for element_key in element .keys ():
48- if element_key not in allowed_functions :
49- message = function + ' element must be a supported function ({0})'
50- matches .append (RuleMatch (
51- tree [:- 1 ] + [index , element_key ],
52- message .format (', ' .join (allowed_functions ))
53- ))
54- else :
55- message = function + ' element must be a supported function ({0})'
56- matches .append (RuleMatch (
57- tree [:- 1 ] + [index ],
58- message .format (', ' .join (allowed_functions ))
59- ))
75+ matches .extend (self ._check_equal_values (
76+ cfn , element , tree [:- 1 ] + [index ]))
6077 elif not isinstance (element , (six .string_types , bool , six .integer_types , float )):
61- message = function + ' element must be a String, Boolean, Number, or supported function ({0})'
78+ message = self .function + \
79+ ' element must be a String, Boolean, Number, or supported function ({0})'
6280 matches .append (RuleMatch (
6381 tree [:- 1 ] + [index ],
64- message .format (', ' .join (allowed_functions ))
82+ message .format (', ' .join (self . allowed_functions ))
6583 ))
6684
6785 return matches
0 commit comments