Skip to content

Valid YML flagged as non-valid and linting error that makes it throughΒ #744

New issue
New issue
Open
Open
Valid YML flagged as non-valid and linting error that makes it through#744
@DarwinJS

Description

@DarwinJS
DarwinJS
opened on Jul 8, 2022

Describe the bug

With the latest qs-cfn-lint-rules (commit: e76e881bde4ed692ac284d0573ea8621d51c1d8a)

This fails:

            105_gitlab_distro_mapping:
              command: !Sub |
                IFS='.' read -r major minor patch <<< '${GitLabVersion}'; if [ ${major} -ge 15 ]; then sed -i 's/\/el\/7/\/amazon\/2/g' /etc/yum.repos.d/gitlab_gitlab*.repo; else sed -i 's/\/amazon\/2/\/el\/7/g' /etc/yum.repos.d/gitlab_gitlab*.repo; fi

With the linting error:

[ERROR  ] : ---
[ERROR  ] : Linting detected issues in: /mnt/templates/workload/gitlab-gitaly-template.yaml
[ERROR  ] :     line 246 [1019] [Sub validation of parameters] Parameter major for Fn::Sub not found at Resources/GitalyAutoScalingGroup/Me
                                                     tadata/AWS::CloudFormation::Init/02_prereqs/commands/104_gitlab_distro_mappi
                                                     ng/command/Fn::Sub

The syntax is valid and documented in many places.

This "Join" version makes it through the linting - but then in CloudFormation the lack of double back slash generates a yaml error when the stack runs:

            105_gitlab_distro_mapping:
              command:
                Fn::Join:
                  - ""
                  - - "IFS='.' read -r major minor patch <<< '"
                    - Ref: "GitLabVersion"
                    - "'; if [ ${major} -ge 15 ]; then sed -i 's/\/el\/7/\/amazon\/2/g' /etc/yum.repos.d/gitlab_gitlab*.repo; else sed -i 's/\/amazon\/2/\/el\/7/g' /etc/yum.repos.d/gitlab_gitlab*.repo; fi"

To Reproduce
Steps to reproduce the behavior:

  1. Use the Join version of the code exactly
  2. Notice that linting let's it pass
  3. Notice that the cloudformation template gets a malformed yaml error.

Expected behavior
The Sub form should pass cfn-lint / taskcat linting.
Perhaps the lack of escaping \ should be caught as a yaml syntax error.

Screenshots
If applicable, add screenshots to help explain your problem.

**Version (Please make sure you are running the latest version of taskcat)

  • Taskcat Version (ex: [2018.817.210357])

Note: Python Version (python3 required)

To find versions:
Via taskcat: taskcat -V
Via pip3: pip3 show taskcat

Note: both version should match

To update taskcat run:
for docker : docker pull taskcat/taskcat
for pip3: pip3 install --upgrade taskcat

Additional context
Add any other context about the problem here.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions