Closed ewbankkit closed 2 years ago
will likely run into https://github.com/golang/go/issues/7252 too
grep -E '\d{4}}' *
aws-appintegrations-eventintegration.json: "pattern" : "^arn:aws:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$",
aws-appintegrations-eventintegration.json: "pattern" : "^arn:aws:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$",
aws-apprunner-service.json: "pattern" : "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}"
aws-apprunner-service.json: "pattern" : "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}"
aws-apprunner-service.json: "pattern" : "arn:aws(-[\\w]+)*:[a-z0-9-\\\\.]{0,63}:[a-z0-9-\\\\.]{0,63}:[0-9]{12}:(\\w|\\/|-){1,1011}"
aws-chatbot-slackchannelconfiguration.json: "pattern" : "^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$"
aws-chatbot-slackchannelconfiguration.json: "pattern" : "^arn:(aws[a-zA-Z-]*)?:[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$"
aws-chatbot-slackchannelconfiguration.json: "pattern" : "^arn:(aws[a-zA-Z-]*)?:chatbot:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9_/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$"
aws-chatbot-slackchannelconfiguration.json: "pattern" : "^(^$|arn:aws:iam:[A-Za-z0-9_\\/.-]{0,63}:[A-Za-z0-9_\\/.-]{0,63}:[A-Za-z0-9][A-Za-z0-9:_\\/+=,@.-]{0,1023})$"
aws-finspace-environment.json: "pattern" : "^https?://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]{1,1000}"
aws-finspace-environment.json: "pattern" : "^https?://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]{1,1000}"
aws-finspace-environment.json: "pattern" : "^[a-zA-Z0-9. ]{1,1000}$"
aws-finspace-environment.json: "pattern" : "^[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]{1,1000}"
aws-finspace-environment.json: "pattern" : "^[a-zA-Z-0-9-:\\/.]*{1,1000}$"
aws-finspace-environment.json: "pattern" : "^[a-zA-Z-0-9-:\\/]*{1,1000}$"
aws-groundstation-config.json: "pattern" : "^[{}\\[\\]:.,\"0-9A-z\\-_\\s]{1,8192}$"
aws-kendra-datasource.json: "pattern" : "arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}"
aws-kendra-datasource.json: "pattern" : "arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}"
aws-kendra-faq.json: "pattern" : "arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}"
aws-kendra-index.json: "pattern" : "arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}"
aws-lookoutequipment-inferencescheduler.json: "pattern" : "^[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,2048}$",
aws-lookoutequipment-inferencescheduler.json: "pattern" : "^[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,2048}$",
aws-resiliencehub-app.json: "pattern" : "^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$"
aws-resiliencehub-app.json: "pattern" : "^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$"
aws-resiliencehub-resiliencypolicy.json: "pattern" : "^arn:(aws|aws-cn|aws-iso|aws-iso-[a-z]{1}|aws-us-gov):[A-Za-z0-9][A-Za-z0-9_/.-]{0,62}:([a-z]{2}-((iso[a-z]{0,1}-)|(gov-)){0,1}[a-z]+-[0-9]):[0-9]{12}:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}$"
aws-wafv2-rulegroup.json: "pattern" : "^[0-9A-Za-z_:-]{1,1024}$"
aws-wafv2-rulegroup.json: "pattern" : "^[0-9A-Za-z_:-]{1,1024}$"
aws-wafv2-webacl.json: "pattern" : "^[0-9A-Za-z_:-]{1,1024}$"
aws-wafv2-webacl.json: "pattern" : "^[0-9A-Za-z_:-]{1,1024}$"
Until either
we could make some progress by checking during schema download whether a pattern is a valid Go regexp pattern. This would involve changes to https://github.com/hashicorp/aws-cloudformation-resource-schema-sdk-go/blob/main/sanitize.go.
Relates #45. Relates https://github.com/hashicorp/aws-cloudformation-resource-schema-sdk-go/issues/7.
Due to regex syntax mismatches (e.g. negative lookahead) between the JSON Schema/ECMA-262 specification and the
gojsonschema
implementation which uses Go's re2, when downloading CloudFormation resource schemas we are currently rewriting allpattern
(andpropertyPattern
) values to the empty string, which in effect means no validation takes place.Longer term we should investigate less brute force workarounds.