class CfnGuardian::Validate

Public Class Methods

new(bucket)
# File lib/cfnguardian/validate.rb, line 11
# Builds a validator that checks compiled templates with CloudFormation.
#
# No options are passed to the CloudFormation client here, so region and
# credentials are whatever the AWS SDK resolves by default.
#
# @param bucket [String] S3 bucket used by #validate_s3 to stage templates
#   that are too large to send inline; objects are written under the fixed
#   "validation" key prefix.
def initialize(bucket)
  @client = Aws::CloudFormation::Client.new
  @prefix = "validation"
  @bucket = bucket
end

Public Instance Methods

validate()
# File lib/cfnguardian/validate.rb, line 17
# Validates every compiled template matching out/*.yaml (relative to the
# current working directory).
#
# CloudFormation only accepts an inline template body of up to 51,200 bytes,
# so anything larger is staged in S3 and validated by URL instead.
#
# @return [Boolean] true when at least one template FAILED validation,
#   false when every template passed (or no templates were found). Note the
#   sense: a truthy result means failure, so callers must not read it as
#   "validation succeeded".
def validate
  outcomes = Dir["out/*.yaml"].map do |template|
    # Exactly 51200 bytes still fits the inline limit and is validated locally.
    File.size(template) > 51200 ? validate_s3(template) : validate_local(template)
  end
  outcomes.include?(false)
end
validate_local(path)
# File lib/cfnguardian/validate.rb, line 31
# Validates a single template by sending its contents inline to
# CloudFormation's ValidateTemplate API.
#
# Only Aws::CloudFormation::Errors::ValidationError is treated as a failed
# validation; any other error (file read failure, other SDK/service errors)
# propagates to the caller.
#
# @param path [String] path of the template file to read and validate
# @return [Boolean] true when CloudFormation accepts the template, false
#   when it reports a validation error (which is logged at warn level)
def validate_local(path)
  logger.info "Validating template #{path} locally"
  body = File.read(path)

  begin
    @client.validate_template(template_body: body)
    true
  rescue Aws::CloudFormation::Errors::ValidationError => err
    logger.warn("template #{path} failed validation with error:\n====> #{err.message}")
    false
  end
end
validate_s3(path)
# File lib/cfnguardian/validate.rb, line 45
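# Validates a single template that is too large to send inline: the file is
# uploaded to the staging bucket, validated by URL through CloudFormation's
# ValidateTemplate API, and the staged copy is then deleted.
#
# The staged object is removed with delete_object in an +ensure+ block, so it
# does not linger in the bucket when validation fails or when the
# CloudFormation call raises something other than a ValidationError. While it
# exists, the copy is readable by anyone with read access to this bucket
# prefix, so the bucket should not be publicly readable.
#
# Only Aws::CloudFormation::Errors::ValidationError is treated as a failed
# validation; any other error (including S3 upload/delete failures)
# propagates to the caller.
#
# @param path [String] path of the template file to read and validate
# @return [Boolean] true when CloudFormation accepts the template, false
#   when it reports a validation error (which is logged at warn level)
def validate_s3(path)
  logger.info "Validating template #{path} from s3 bucket #{@bucket}"

  template = File.read path
  # MD5 only derives a content-based object key here; it is not an integrity
  # or authenticity control, so identical templates share one key.
  md5 = Digest::MD5.hexdigest template
  prefix = "#{@prefix}/#{md5}"

  client = Aws::S3::Client.new()
  client.put_object({
    body: template,
    bucket: @bucket,
    key: prefix
  })
  logger.info("uploaded #{path} to s3://#{@bucket}/#{prefix}")

  begin
    # NOTE(review): the URL uses the global S3 endpoint; confirm this resolves
    # for buckets outside the default region.
    @client.validate_template({
      template_url: "https://#{@bucket}.s3.amazonaws.com/#{prefix}"
    })
    true
  rescue Aws::CloudFormation::Errors::ValidationError => e
    logger.warn("template #{path} failed validation with error:\n====> #{e.message}")
    false
  ensure
    # Actually delete the staged copy. A put_object without a body would only
    # overwrite it with an empty object and leave the key behind.
    client.delete_object({
      bucket: @bucket,
      key: prefix
    })
    logger.debug("removed validated template s3://#{@bucket}/#{prefix}")
  end
end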