aws-solutions / aws-control-tower-customizations

The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.
https://docs.aws.amazon.com/controltower/latest/userguide/cfct-overview.html
Apache License 2.0

Sanitize quotes/double quotes in manifest resource_file field #170

Open riccardo94p opened 10 months ago

riccardo94p commented 10 months ago

Problem

If specifying the resource_file in the resource section of the manifest.yaml file with double quotes, the Build stage in the CodePipeline breaks. As per the AWS Documentation on the matter, this field is of type String therefore they should be allowed. Moreover, quotes are not explicitly prohibited.

More specifically, given a manifest.yaml as follows:

---
region: "eu-west-1"
version: 2021-03-15
resources:
  - name: "cfct-cloudformation-infra-customization"
    resource_file: "templates/infrastructure.template"
    deploy_method: stack_set
    deployment_targets:
      accounts:
        - 123456789101

The CodeBuild action fails with the following message:

ERROR: File "templates/infrastructure.template" does not exist
^^^ Caught an error: Setting exit status flag to 1 ^^^

Upon closer inspection, this happens in the run-validation.sh script when it checks each file in the manifest to make sure it exists (in version 2.6.0 this begins at line 90). Here, the double quotes are propagated into the file name, resulting in a path such as: /current/path/custom-control-tower-configuration/"templates/infrastructure.template".

Suggested improvement

Add double-quote sanitization, such as: file_name="${file_name//\"/}", or add an error message explaining that double quotes are not allowed in the resource_file property in the manifest.
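
The failure and the suggested fix, reproduced as an added POSIX shell example (this is not the project's run-validation.sh; the manifest excerpt, the base directory and the function names are constructed for illustration):

```shell
#!/bin/sh
# Constructed manifest excerpt standing in for manifest.yaml (not a file on disk).
MANIFEST='resources:
  - name: "cfct-cloudformation-infra-customization"
    resource_file: "templates/infrastructure.template"
  - name: unquoted-example
    resource_file: templates/unquoted.template
'

# Pull resource_file values out line by line, the way a grep/sed based validator
# would. A quoted YAML scalar keeps its quotes here; that is the root cause above.
extract_resource_files() {
  printf '%s' "$1" | sed -n 's/^[[:space:]]*resource_file:[[:space:]]*//p'
}

# Strip one surrounding pair of single or double quotes from a YAML scalar.
sanitize_resource_file() {
  printf '%s' "$1" | sed -e "s/^[\"']//" -e "s/[\"']\$//"
}

# Check that every resource_file exists under base_dir.
# $3 selects whether sanitization is applied (1) or skipped (0, the buggy path).
# Returns the number of missing files, so 0 means the manifest validated.
validate_manifest() {
  base_dir="$1"; manifest="$2"; sanitize="$3"; failures=0
  # Constructed paths contain no whitespace, so word splitting on lines is safe here.
  for f in $(extract_resource_files "$manifest"); do
    if [ "$sanitize" -eq 1 ]; then
      f=$(sanitize_resource_file "$f")
    fi
    if [ -f "$base_dir/$f" ]; then
      echo "OK: $base_dir/$f"
    else
      # Same shape as the CodeBuild message quoted in the issue.
      echo "ERROR: File \"$f\" does not exist" >&2
      failures=$((failures + 1))
    fi
  done
  return "$failures"
}
```

Running validate_manifest with the third argument set to 0 reproduces the error for the quoted entry only; with 1 both entries resolve.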

snebhu3 commented 10 months ago

@riccardo94p Thanks for reaching out. I have created an internal backlog item to address this. As a workaround, we recommend not using quotes when specifying the file name.