Class: S3BucketBasedRuleRepo

Inherits:
Object
  • Object
Defined in:
lib/cfn-nag/rule_repos/s3_based_rule_repo.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(s3_bucket_name:, prefix:, index_lifetime: '1h', aws_profile: nil) ⇒ S3BucketBasedRuleRepo

Returns a new instance of S3BucketBasedRuleRepo.



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 28

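# Sets up a rule repository backed by an S3 bucket, with two on-disk Lightly
# caches: one for the bucket index and one for the rule source itself.
#
# @param s3_bucket_name bucket that holds the rule objects; stored as given
# @param prefix key prefix inside the bucket; stored after remove_leading_slash
# @param index_lifetime lifetime handed to Lightly for the index cache ('1h' by default)
# @param aws_profile stored as given; nil by default
def initialize(s3_bucket_name:, prefix:, index_lifetime: '1h', aws_profile: nil)
  @s3_bucket_name = s3_bucket_name
  @prefix = remove_leading_slash(prefix)

  # The index_life_time reader returns this instance variable; without this
  # assignment the reader would always answer nil.
  @index_life_time = index_lifetime

  @index_cache = Lightly.new(
    dir: cache_path('cfn_nag_s3_index_cache', s3_bucket_name),
    life: index_lifetime,
    hash: true
  )

  # Except in dev mode, rules are immutable, so a rule that has been fetched
  # once is kept for 1000 days.
  #
  # SECURITY: the values stored here are the rule source that discover_rules
  # later passes to eval_code_in_object_scope, so this directory is part of the
  # trust boundary. It should be writable only by the account that runs
  # cfn_nag. NOTE(review): where cache_path places the directory is not shown
  # here - confirm its location and permissions.
  @rule_cache = Lightly.new(
    dir: cache_path('cfn_nag_s3_rule_cache', s3_bucket_name),
    life: '1000d',
    hash: true
  )
  @aws_profile = aws_profile
  # Starts out unset; presumably the S3 resource is created on first use
  # elsewhere in the class - not shown here.
  @s3_resource = nil
end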

Instance Attribute Details

#aws_profile ⇒ Object (readonly)

Returns the value of attribute aws_profile.



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 26

# Reader for the value passed to the constructor as aws_profile: (nil by default).
def aws_profile; @aws_profile; end

#index_life_time ⇒ Object (readonly)

Returns the value of attribute index_life_time.



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 26

# Reader for @index_life_time; answers nil whenever that instance variable has
# not been assigned.
# NOTE(review): the constructor keyword is spelled index_lifetime, without the
# second underscore - confirm the two names are kept in sync.
def index_life_time; @index_life_time; end

#prefix ⇒ Object (readonly)

Returns the value of attribute prefix.



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 26

# Reader for the key prefix as the constructor stored it, i.e. the result of
# remove_leading_slash on the prefix: argument.
def prefix; @prefix; end

#s3_bucket_name ⇒ Object (readonly)

Returns the value of attribute s3_bucket_name.



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 26

# Reader for the bucket name exactly as it was passed to the constructor.
def s3_bucket_name; @s3_bucket_name; end

Instance Method Details

#discover_rules ⇒ Object



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 47

# Loads every rule named in the bucket index and registers its class.
#
# For each object key in the index, the rule source comes from the local rule
# cache (cache_miss supplies it when the cache has no entry), is evaluated, and
# the class named after the key is added to a new RuleRegistry.
#
# SECURITY: the rule source is handed to eval_code_in_object_scope, which by
# its name evaluates it as Ruby (its body is not shown here). Whoever can write
# objects under this bucket and prefix, or files in the local rule cache
# directory, therefore decides what code runs with the privileges of this
# process. Keep write access to both narrow, and consider checking a digest or
# signature of each rule before it is evaluated.
#
# @return [RuleRegistry] the registry holding one definition per indexed rule
def discover_rules
  log = Logging.logger['log']
  log.debug "S3BucketBasedRuleRepo.discover_rules in #{@s3_bucket_name}, #{@prefix}"

  registry = RuleRegistry.new

  rule_keys = index(@s3_bucket_name, @prefix)
  log.debug "index: #{rule_keys}"

  rule_keys.each do |object_key|
    source = @rule_cache.get(object_key) { cache_miss(object_key) }
    class_name = select_class_name_from_object_key(object_key)

    # Evaluation has to come first: the constant looked up on the next line
    # exists only once the rule source has defined it.
    eval_code_in_object_scope(source)

    # The class name is derived from the object key, not from the source, so
    # const_get raises NameError if the two do not agree.
    registry.definition(Object.const_get(class_name))
  end

  registry
end

#nuke_cache ⇒ Object



# File 'lib/cfn-nag/rule_repos/s3_based_rule_repo.rb', line 70

# Deletes the on-disk index cache and rule cache that belong to this bucket.
#
# Both directories are derived from @s3_bucket_name by cache_path and are
# removed recursively; rm_rf ignores paths that do not exist.
# NOTE(review): cache_path is not shown here - confirm that an unusual bucket
# name cannot make it return a path outside the cache root, because whatever it
# returns is deleted.
def nuke_cache
  cache_dirs = %w[cfn_nag_s3_index_cache cfn_nag_s3_rule_cache].map do |cache_name|
    cache_path(cache_name, @s3_bucket_name)
  end
  FileUtils.rm_rf(cache_dirs)
end