Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cfn-lint silently ignores unrecognized arguments #2796

Open
iainelder opened this issue Jul 13, 2023 · 4 comments
Open

cfn-lint silently ignores unrecognized arguments #2796

iainelder opened this issue Jul 13, 2023 · 4 comments
Labels
enhancement New feature or request good first issue Good for newcomers v1 v1.X

Comments

@iainelder
Copy link

iainelder commented Jul 13, 2023
edited

CloudFormation Lint Version

cfn-lint 0.78.1

What operating system are you using?

Ubuntu 20.04

Describe the bug

Today I got really confused about why cfn-lint was ignoring aws-sso-util's own validation spec.

Why are the outputs different?

  • $ cfn-lint --template Macro-Test.yaml --region eu-central-1 --spec-override cfn-lint-spec.json 
E3001 Invalid or unsupported Type SSOUtil::SSO::AssignmentGroup for resource AssignmentGroup in eu-central-1
Macro-Test.yaml:25:5
  • $ cfn-lint --template Macro-Test.yaml --region eu-central-1 --override-spec cfn-lint-spec.json

It should have been the second one. I had mixed up the name of the parameter!

The CLI just seems to accept and silently ignore whatever it doesn't understand.

$ cfn-lint --template Macro-Test.yaml --region eu-central-1 --fdsfdsafdsafdsafdsafsa
E3001 Invalid or unsupported Type SSOUtil::SSO::AssignmentGroup for resource AssignmentGroup in eu-central-1
Macro-Test.yaml:25:5

Expected behavior

Fail on the unknown argument like this:

$ cfn-lint --template Macro-Test.yaml --region eu-central-1 --spec-override cfn-lint-spec.json 
fatal: unrecognized argument: --spec-override

(Inspired by git version 2.41.0's handling of unknown arguments. Try git log --names-only.)

or even better:

cfn-lint: '--spec-override' is not an argument. See 'cfn-lint --help'.

The most similar arguments are:
        --override-spec

(Inspired by git version 2.41.0's handling of unknown subcommands. Try git lag.)

Reproduction template

Template:

AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS-SSO-Util-2020-11-08

Resources:
  AssignmentGroup:
    Type: SSOUtil::SSO::AssignmentGroup
    Properties:
      Name: ReadOnly
      InstanceArn: arn:aws:sso:::instance/ssoins-ffffffffffffffff
      Principal:
        - Type: USER
          Id: ffffffff-ffff-ffff-ffff-ffffffffffffffff
      PermissionSet:
        - arn:aws:sso:::permissionSet/ssoins-ffffffffffffffff/ps-ffffffffffffffff
      Target:
        - Type: AWS_OU
          Id: ou-zzzz-zzzzzzzz

Spec:

{
    "ResourceTypes": {
        "AWS::SSO::PermissionSet": {
            "Properties": {
                "InstanceArn": {
                    "Required": false
                },
                "InlinePolicy": {
                    "PrimitiveType": "Json"
                }
            }
        },
        "SSOUtil::SSO::AssignmentGroup": {
            "Properties": {
                "InstanceArn": {
                    "PrimitiveType": "String",
                    "Required": false,
                    "UpdateType": "Immutable"
                },
                "Name": {
                    "PrimitiveType": "String",
                    "Required": false,
                    "UpdateType": "Immutable"
                },
                "Principal": {
                    "Required": true,
                    "UpdateType": "Mutable"
                },
                "PermissionSet": {
                    "Required": true,
                    "UpdateType": "Mutable"
                },
                "Target": {
                    "Required": true,
                    "UpdateType": "Mutable"
                }
            }
        }
    }
}
@kddejong kddejong added enhancement New feature or request good first issue Good for newcomers labels Jul 14, 2023
@benkehoe
Copy link

This is tagged good first issue and indeed it's potentially a one-line change, but is there a reason it uses ArgumentParser.parse_known_args() instead of parse_args()?

cfn-lint/src/cfnlint/config.py

Line 315 in 86f0370

self.cli_args, _ = self.parser.parse_known_args(cli_args)

@kddejong
Copy link
Contributor

I've been thinking about this one for a while. I don't think so... except maybe just a miss. But good point I would want to see this through the ringer a few times to make sure I'm not missing something.

@ArjunMenon-bit ArjunMenon-bit mentioned this issue Nov 18, 2023
Closed
@ArjunMenon-bit
Copy link

Hi,
I am new to the open source community and would love to contribute to this project. Have raised a PR for the same.
Thanks.

@kddejong kddejong added the v1 v1.X label Dec 22, 2023
@kddejong
Copy link
Contributor

kddejong commented Jan 3, 2024

This is tagged good first issue and indeed it's potentially a one-line change, but is there a reason it uses ArgumentParser.parse_known_args() instead of parse_args()?

cfn-lint/src/cfnlint/config.py

Line 315 in 86f0370

self.cli_args, _ = self.parser.parse_known_args(cli_args)

I don't believe so. I was debating rolling this change into v1 just in case we are to break something as a result of this change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers v1 v1.X
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@benkehoe @iainelder @kddejong @ArjunMenon-bit