FEATURE: EKS Protection #61
Merged
aws-ia-automator-prod / Static Analysis
succeeded
Sep 23, 2024 in 0s
Static Analysis
Using config file: /task/2895b1d7-79b6-11ef-8681-be309813ec27/project/.project_config.yml
Step 1/2 : FROM public.ecr.aws/codebuild/amazonlinux2-x86_64-standard:4.0
---> f33873030006
Step 2/2 : RUN pip3 install taskcat
---> Running in bdf44cf6b209
Collecting taskcat
Downloading taskcat-0.9.54-py3-none-any.whl (122 kB)
Requirement already satisfied: botocore<2.0,>=1.12.21 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (1.35.3)
Collecting jsonschema<4.0,>=3.0
Downloading jsonschema-3.2.0-py2.py3-none-any.whl (56 kB)
Requirement already satisfied: PyYAML<7.0,>=6.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (6.0.2)
Collecting tabulate<1.0,>=0.8.2
Downloading tabulate-0.9.0-py3-none-any.whl (35 kB)
Collecting pathspec==0.10.3
Downloading pathspec-0.10.3-py3-none-any.whl (29 kB)
Requirement already satisfied: pip in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (21.3.1)
Collecting dataclasses-jsonschema<2.15.2,>=2.9.0
Downloading dataclasses_jsonschema-2.15.1-py3-none-any.whl (17 kB)
Requirement already satisfied: requests>=2.31.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (2.32.3)
Collecting cfn_lint<1.0,>=0.72.0
Downloading cfn_lint-0.87.10-py3-none-any.whl (4.0 MB)
Collecting dulwich<1.0,>=0.19
Downloading dulwich-0.22.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (981 kB)
Collecting markupsafe==2.0.1
Downloading MarkupSafe-2.0.1-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (30 kB)
Requirement already satisfied: setuptools>=40.4.3 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (57.5.0)
Collecting yattag<2.0,>=1.10.0
Downloading yattag-1.16.0.tar.gz (29 kB)
Preparing metadata (setup.py): started
Preparing metadata (setup.py): finished with status 'done'
Collecting GitPython>=3.1.43
Downloading GitPython-3.1.43-py3-none-any.whl (207 kB)
Collecting reprint
Downloading reprint-0.6.0-py2.py3-none-any.whl (6.0 kB)
Requirement already satisfied: urllib3<2 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (1.26.19)
Requirement already satisfied: jinja2<4.0,>=3.1.1 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (3.1.4)
Requirement already satisfied: boto3<2.0,>=1.9.21 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (1.35.3)
Requirement already satisfied: docker<8.0,>=7.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from taskcat) (7.1.0)
Requirement already satisfied: jmespath<2.0.0,>=0.7.1 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from boto3<2.0,>=1.9.21->taskcat) (1.0.1)
Requirement already satisfied: s3transfer<0.11.0,>=0.10.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from boto3<2.0,>=1.9.21->taskcat) (0.10.2)
Requirement already satisfied: python-dateutil<3.0.0,>=2.1 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from botocore<2.0,>=1.12.21->taskcat) (2.9.0.post0)
Requirement already satisfied: networkx<4,>=2.4 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from cfn_lint<1.0,>=0.72.0->taskcat) (3.2.1)
Requirement already satisfied: sympy>=1.0.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from cfn_lint<1.0,>=0.72.0->taskcat) (1.13.2)
Requirement already satisfied: aws-sam-translator>=1.89.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from cfn_lint<1.0,>=0.72.0->taskcat) (1.91.0)
Requirement already satisfied: jsonpatch in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from cfn_lint<1.0,>=0.72.0->taskcat) (1.33)
Requirement already satisfied: regex>=2021.7.1 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from cfn_lint<1.0,>=0.72.0->taskcat) (2024.7.24)
Collecting jschema-to-python~=1.2.3
Downloading jschema_to_python-1.2.3-py3-none-any.whl (10 kB)
Collecting sarif-om~=1.0.4
Downloading sarif_om-1.0.4-py3-none-any.whl (30 kB)
Collecting junit-xml~=1.9
Downloading junit_xml-1.9-py2.py3-none-any.whl (7.1 kB)
Collecting gitdb<5,>=4.0.1
Downloading gitdb-4.0.11-py3-none-any.whl (62 kB)
Requirement already satisfied: attrs>=17.4.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from jsonschema<4.0,>=3.0->taskcat) (24.2.0)
Requirement already satisfied: six>=1.11.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from jsonschema<4.0,>=3.0->taskcat) (1.16.0)
Collecting pyrsistent>=0.14.0
Downloading pyrsistent-0.20.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (117 kB)
Requirement already satisfied: charset-normalizer<4,>=2 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from requests>=2.31.0->taskcat) (3.3.2)
Requirement already satisfied: idna<4,>=2.5 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from requests>=2.31.0->taskcat) (3.7)
Requirement already satisfied: certifi>=2017.4.17 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from requests>=2.31.0->taskcat) (2024.7.4)
Collecting backports.shutil-get-terminal-size
Downloading backports.shutil_get_terminal_size-1.0.0-py2.py3-none-any.whl (6.5 kB)
Requirement already satisfied: colorama in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from reprint->taskcat) (0.4.6)
Requirement already satisfied: pydantic!=1.10.15,!=1.10.17,<3,>=1.8 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from aws-sam-translator>=1.89.0->cfn_lint<1.0,>=0.72.0->taskcat) (2.8.2)
Requirement already satisfied: typing-extensions>=4.4 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from aws-sam-translator>=1.89.0->cfn_lint<1.0,>=0.72.0->taskcat) (4.12.2)
Collecting smmap<6,>=3.0.1
Downloading smmap-5.0.1-py3-none-any.whl (24 kB)
Collecting jsonpickle
Downloading jsonpickle-3.3.0-py3-none-any.whl (42 kB)
Collecting pbr
Downloading pbr-6.1.0-py2.py3-none-any.whl (108 kB)
Requirement already satisfied: mpmath<1.4,>=1.1.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from sympy>=1.0.0->cfn_lint<1.0,>=0.72.0->taskcat) (1.3.0)
Requirement already satisfied: jsonpointer>=1.9 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from jsonpatch->cfn_lint<1.0,>=0.72.0->taskcat) (3.0.0)
Requirement already satisfied: annotated-types>=0.4.0 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from pydantic!=1.10.15,!=1.10.17,<3,>=1.8->aws-sam-translator>=1.89.0->cfn_lint<1.0,>=0.72.0->taskcat) (0.7.0)
Requirement already satisfied: pydantic-core==2.20.1 in /root/.pyenv/versions/3.9.17/lib/python3.9/site-packages (from pydantic!=1.10.15,!=1.10.17,<3,>=1.8->aws-sam-translator>=1.89.0->cfn_lint<1.0,>=0.72.0->taskcat) (2.20.1)
Building wheels for collected packages: yattag
Building wheel for yattag (setup.py): started
Building wheel for yattag (setup.py): finished with status 'done'
Created wheel for yattag: filename=yattag-1.16.0-py3-none-any.whl size=15894 sha256=835b331d3889ed4425a53ba67f1656fdcc276a931299d22ea13d4b28b2f3de38
Stored in directory: /root/.cache/pip/wheels/81/b4/2e/55bf9d416cb17e84de12b7d5e7967c4af5d77891425c0e8528
Successfully built yattag
Installing collected packages: pyrsistent, smmap, pbr, jsonschema, jsonpickle, sarif-om, markupsafe, junit-xml, jschema-to-python, gitdb, backports.shutil-get-terminal-size, yattag, tabulate, reprint, pathspec, GitPython, dulwich, dataclasses-jsonschema, cfn-lint, taskcat
Attempting uninstall: jsonschema
Found existing installation: jsonschema 4.23.0
Uninstalling jsonschema-4.23.0:
Successfully uninstalled jsonschema-4.23.0
Attempting uninstall: markupsafe
Found existing installation: MarkupSafe 2.1.5
Uninstalling MarkupSafe-2.1.5:
Successfully uninstalled MarkupSafe-2.1.5
Attempting uninstall: cfn-lint
Found existing installation: cfn-lint 1.10.3
Uninstalling cfn-lint-1.10.3:
Successfully uninstalled cfn-lint-1.10.3
�[91mERROR: pip's dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the following dependency conflicts.
werkzeug 3.0.4 requires MarkupSafe>=2.1.1, but you have markupsafe 2.0.1 which is incompatible.
aws-sam-cli 1.123.0 requires cfn-lint~=1.10.0, but you have cfn-lint 0.87.10 which is incompatible.
�[0mSuccessfully installed GitPython-3.1.43 backports.shutil-get-terminal-size-1.0.0 cfn-lint-0.87.10 dataclasses-jsonschema-2.15.1 dulwich-0.22.1 gitdb-4.0.11 jschema-to-python-1.2.3 jsonpickle-3.3.0 jsonschema-3.2.0 junit-xml-1.9 markupsafe-2.0.1 pathspec-0.10.3 pbr-6.1.0 pyrsistent-0.20.0 reprint-0.6.0 sarif-om-1.0.4 smmap-5.0.1 tabulate-0.9.0 taskcat-0.9.54 yattag-1.16.0
�[91mWARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
�[0m�[91mWARNING: You are using pip version 21.3.1; however, version 24.2 is available.
You should consider upgrading via the '/root/.pyenv/versions/3.9.17/bin/python3.9 -m pip install --upgrade pip' command.
�[0m ---> d6ab76c09ef5
sha256:d6ab76c09ef5c3a5ba8d48f65800879cbd49392ce482d8cac850edffeccbb019
Successfully built d6ab76c09ef5
Successfully tagged custom-image:latest
Container created with ID: f3d2e1bf7fa82fd6c79394445ca083d00b7923e9a2ca630a3ae24d58f99829b7
===========================================================================
TASK LOGS START
===========================================================================
+ PROJECT_PATH=/task/2895b1d7-79b6-11ef-8681-be309813ec27/project
+ PROJECT_TYPE_PATH=/task/2895b1d7-79b6-11ef-8681-be309813ec27/projecttype
+ cd /task/2895b1d7-79b6-11ef-8681-be309813ec27/project
+ find templates -name '*.yaml' -o -name '*.yml' -o -name '*.json'
+ xargs cfn-lint
+ taskcat lint
_ _ _
| |_ __ _ ___| | _____ __ _| |_
| __/ _` / __| |/ / __/ _` | __|
| || (_| \__ \ < (_| (_| | |_
\__\__,_|___/_|\_\___\__,_|\__|
version 0.9.54
[INFO ] : Linting passed for file: /task/2895b1d7-79b6-11ef-8681-be309813ec27/project/templates/crowdstrike_init_stack.yaml
[INFO ] : Linting passed for file: /task/2895b1d7-79b6-11ef-8681-be309813ec27/project/templates/aws_cspm_cloudformation_ioa_comm_gov.json
[INFO ] : Linting passed for file: /task/2895b1d7-79b6-11ef-8681-be309813ec27/project/templates/aws_cspm_cloudformation_v2.json
===========================================================================
TASK LOGS END
===========================================================================
Loading