Class: CustomRuleLoader

Inherits:

Object

Object
CustomRuleLoader

show all

Defined in:: lib/cfn-nag/custom_rule_loader.rb

Overview

This object can discover the internal and custom user-provided rules and apply these rules to a CfnModel object

Instance Method Summary collapse

#execute_custom_rules(cfn_model, rules_registry) ⇒ Object
#initialize(rule_directory: nil, allow_suppression: true, print_suppression: false, isolate_custom_rule_exceptions: false, rule_repository_definitions: []) ⇒ CustomRuleLoader constructor

A new instance of CustomRuleLoader.
#rule_definitions(force_refresh: false) ⇒ Object

the first time this runs, it’s “expensive”.

Constructor Details

#initialize(rule_directory: nil, allow_suppression: true, print_suppression: false, isolate_custom_rule_exceptions: false, rule_repository_definitions: []) ⇒ `CustomRuleLoader`

Returns a new instance of CustomRuleLoader.

# File 'lib/cfn-nag/custom_rule_loader.rb', line 16

def initialize(rule_directory: nil,
               allow_suppression: true,
               print_suppression: false,
               isolate_custom_rule_exceptions: false,
               rule_repository_definitions: [])
  @rule_directory = rule_directory
  @allow_suppression = allow_suppression
  @print_suppression = print_suppression
  @isolate_custom_rule_exceptions = isolate_custom_rule_exceptions
  @rule_repository_definitions = rule_repository_definitions
  @registry = nil
end

Instance Method Details

#execute_custom_rules(cfn_model, rules_registry) ⇒ `Object`

# File 'lib/cfn-nag/custom_rule_loader.rb', line 45

def execute_custom_rules(cfn_model, rules_registry)
  if Logging.logger['log'].debug?
    Logging.logger['log'].debug "cfn_model: #{cfn_model}"
  end

  violations = []

  validate_cfn_nag_metadata(cfn_model)

  filter_rule_classes cfn_model, violations, rules_registry

  violations
end

#rule_definitions(force_refresh: false) ⇒ `Object`

the first time this runs, it’s “expensive”. the core rules, the gem-based rules will load, and any other repos like “s3” will go the expensive route. after that, it’s cached so you can call it as many times as you like unless you force_refresh

# File 'lib/cfn-nag/custom_rule_loader.rb', line 34

def rule_definitions(force_refresh: false)
  if @registry.nil? || force_refresh
    @registry = FileBasedRuleRepo.new(@rule_directory).discover_rules
    @registry.merge! GemBasedRuleRepo.new.discover_rules

    @registry = RuleRepositoryLoader.new.merge(@registry, @rule_repository_definitions)
    @registry
  end
  @registry
end