Add lint and compile commands

[viraptor]

Make it easy to use cfn-lint on the templated stacks. The templated
stack is written to a temporary file which cfn-lint is run on. Since
the error messages contain the path to the json node, it's not that
important to preserve the rendered json with matching lines.

Unfortunately there's no special error code for success/failure. We can
just forward the original output.

Having cfn-lint is not a requirement for stack_master and the missing
binary is handled without exploding.

Also add a compile command which outputs the processed stack
template for use in other tools.

[viraptor]

Failure:

Executing lint on market-splunk-indexer in us-east-1
Failed to run cfn-lint, do you have it installed and available in $PATH?

Success:

Executing lint on market-splunk-indexer in us-east-1
cfn-lint 0.3.3
E2002 Parameter MarketAppVpcNatGatewayIps has invalid type List<String>
/var/folders/kq/pm2zcyfs5sggbt9sc5jcmrnm0000gn/T/stack20180711-72036-heg8pd.json:9:7

...

[patrobinson]

Are we able to test this? Even if we stub out system call, just to make sure future changes to Stack class are caught :)

[patrobinson]

What if it's a YAML template?

[viraptor]

I was under the impression that proposed_stack.template_body will always be json. Is that incorrect?

If it can be yaml, that's supported too, just need to change the suffix.

[stevehodgkiss]

Yeah the template sent to CF is always JSON from StackMaster (even if the original template is YAML). Turns out YAML is sent through as is https://github.com/envato/stack_master/blob/master/lib/stack_master/template_compilers/yaml.rb

[patrobinson]

AFAIK we support native YAML templates and we submit them as YAML to CloudFormation. I do not know though if template_body will always be json.

[stevehodgkiss]

I'm not sure if this belongs in StackMaster. I imagine it'd be pretty easy to wire up using a compile command, which I realise now we don't have but I think it'd be a useful addition - stack_master compile region stack | cfn-lint.

[stevehodgkiss]

Yeah the template sent to CF is always JSON from StackMaster (even if the original template is YAML). Turns out YAML is sent through as is https://github.com/envato/stack_master/blob/master/lib/stack_master/template_compilers/yaml.rb

[stevehodgkiss]

An alternative to using files could be to send the template as STDIN to cfn-lint (assuming it supports that).

[viraptor]

I'd be happy with the compile command instead. cfn-lint doesn't do stdin, but you can always use /dev/stdin instead.

I'd prefer the lint one instead for community reasons: It's not a well known project, but has a lot of potential. If it was explicitly raised as a possibility from the help screen, I think that would improve life for a lot of people. (if I didn't have to wait for AWS to break after submitting the stack, I'd save so much time...)

But I can go with consensus. Are the strong feelings about the approach either way?

[stevehodgkiss]

I'm not strongly opposed to including a lint command. Happy for it to be included if it would be useful. I think a compile command would be a good addition regardless of this choice though.

[simpsora]

👍 to compile.
👍 to linting. Given that a good portion of SM's functionality is transforming templates from one format to the other (and hence you're often not working in the native format), it'd be great to have an offline way to ensure the generated template is valid.

[patrobinson]

This should exit with a non-zero exit code.

[patrobinson]

Can we pass the exit code from cfn-lint back?

[viraptor]

cf-lint doesn't care :( it's always 0, whether it fails or not.

[patrobinson]

Boo

[patrobinson]

What's the point of the nil check here?

[viraptor]

copy-pasta