Skip to content

Commit

Permalink
Allow nested statements by overwriting their types with string (#15)
Browse files Browse the repository at this point in the history 
Issue #, if available:

Description of changes:
- on top of, and to be reviewed after #7
- nested statements are allowed in yaml files via strings e.g.
```
      statement:
        andStatement: |
          statements:
            - labelMatchStatement:
                scope: "RULE_SET"
                key: "aws:UserAgent"
                value: "Mozilla"
            - ipSetReferenceStatement:
                arn: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
```

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
  • Loading branch information
@TiberiuGC
TiberiuGC authored Sep 10, 2024
1 parent 8adfc01 commit 8eecb5e
Show file tree
Hide file tree
Showing 26 changed files with 7,754 additions and 7,001 deletions.
6 changes: 3 additions & 3 deletions apis/v1alpha1/ack-generate-metadata.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
ack_generate_info:
build_date: "2024-09-05T13:40:53Z"
build_date: "2024-09-09T18:11:17Z"
build_hash: f8f98563404066ac3340db0a049d2e530e5c51cc
go_version: go1.22.4
version: v0.38.1
api_directory_checksum: 0e04694172ad12b45ec0af07976e4bbf6b0de0fa
api_directory_checksum: f4b7bd99b718106f3d254342eecf898261033ab4
api_version: v1alpha1
aws_sdk_go_version: v1.51.21
generator_config_info:
file_checksum: ccd0894ca129269fc6e1521d1c8f770ed45d78f2
file_checksum: 6e1c5e9e2ed67b741bf090875a02d722e9fe192f
original_file_name: generator.yaml
last_modification:
reason: API generation
52 changes: 52 additions & 0 deletions apis/v1alpha1/generator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,20 +55,72 @@ resources:
is_immutable: true
Capacity:
is_immutable: true
Rules.Statement.AndStatement:
type: string
set:
- ignore: "all"
Rules.Statement.OrStatement:
type: string
set:
- ignore: "all"
Rules.Statement.NotStatement:
type: string
set:
- ignore: "all"
Rules.Statement.ManagedRuleGroupStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
Rules.Statement.RateBasedStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
Rules.Statement.ByteMatchStatement.TextTransformations.Type:
go_tag: json:"type,omitempty"
hooks:
sdk_read_one_pre_build_request:
template_path: hooks/rulegroup/sdk_read_one_pre_build_request.go.tpl
sdk_read_one_post_set_output:
template_path: hooks/rulegroup/sdk_read_one_post_set_output.go.tpl
sdk_create_post_build_request:
template_path: hooks/rulegroup/sdk_create_post_build_request.go.tpl
sdk_update_post_build_request:
template_path: hooks/rulegroup/sdk_update_post_build_request.go.tpl
sdk_file_end:
template_path: hooks/common/sdk_file_end.go.tpl
WebACL:
fields:
Name:
is_primary_key: true
is_immutable: true
Rules.Statement.AndStatement:
type: string
set:
- ignore: "all"
Rules.Statement.OrStatement:
type: string
set:
- ignore: "all"
Rules.Statement.NotStatement:
type: string
set:
- ignore: "all"
Rules.Statement.ManagedRuleGroupStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
Rules.Statement.RateBasedStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
hooks:
sdk_read_one_pre_build_request:
template_path: hooks/webacl/sdk_read_one_pre_build_request.go.tpl
sdk_read_one_post_set_output:
template_path: hooks/webacl/sdk_read_one_post_set_output.go.tpl
sdk_create_post_build_request:
template_path: hooks/webacl/sdk_create_post_build_request.go.tpl
sdk_update_post_build_request:
template_path: hooks/webacl/sdk_update_post_build_request.go.tpl
sdk_file_end:
template_path: hooks/common/sdk_file_end.go.tpl
9 changes: 7 additions & 2 deletions apis/v1alpha1/types.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

25 changes: 25 additions & 0 deletions apis/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 10 additions & 0 deletions config/crd/bases/wafv2.services.k8s.aws_rulegroups.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -468,6 +468,8 @@ spec:
For example specifications, see the examples section of CreateWebACL.
properties:
andStatement:
type: string
byteMatchStatement:
description: |-
A rule statement that defines a string match search for WAF to apply to web
Expand Down Expand Up @@ -1652,11 +1654,17 @@ spec:
type: string
type: object
type: array
scopeDownStatement:
type: string
vendorName:
type: string
version:
type: string
type: object
notStatement:
type: string
orStatement:
type: string
rateBasedStatement:
description: |-
A rate-based rule counts incoming requests and rate limits requests when
Expand Down Expand Up @@ -1989,6 +1997,8 @@ spec:
limit:
format: int64
type: integer
scopeDownStatement:
type: string
type: object
regexMatchStatement:
description: |-
Expand Down
10 changes: 10 additions & 0 deletions config/crd/bases/wafv2.services.k8s.aws_webacls.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -613,6 +613,8 @@ spec:
For example specifications, see the examples section of CreateWebACL.
properties:
andStatement:
type: string
byteMatchStatement:
description: |-
A rule statement that defines a string match search for WAF to apply to web
Expand Down Expand Up @@ -1797,11 +1799,17 @@ spec:
type: string
type: object
type: array
scopeDownStatement:
type: string
vendorName:
type: string
version:
type: string
type: object
notStatement:
type: string
orStatement:
type: string
rateBasedStatement:
description: |-
A rate-based rule counts incoming requests and rate limits requests when
Expand Down Expand Up @@ -2134,6 +2142,8 @@ spec:
limit:
format: int64
type: integer
scopeDownStatement:
type: string
type: object
regexMatchStatement:
description: |-
Expand Down
52 changes: 52 additions & 0 deletions generator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,20 +55,72 @@ resources:
is_immutable: true
Capacity:
is_immutable: true
Rules.Statement.AndStatement:
type: string
set:
- ignore: "all"
Rules.Statement.OrStatement:
type: string
set:
- ignore: "all"
Rules.Statement.NotStatement:
type: string
set:
- ignore: "all"
Rules.Statement.ManagedRuleGroupStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
Rules.Statement.RateBasedStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
Rules.Statement.ByteMatchStatement.TextTransformations.Type:
go_tag: json:"type,omitempty"
hooks:
sdk_read_one_pre_build_request:
template_path: hooks/rulegroup/sdk_read_one_pre_build_request.go.tpl
sdk_read_one_post_set_output:
template_path: hooks/rulegroup/sdk_read_one_post_set_output.go.tpl
sdk_create_post_build_request:
template_path: hooks/rulegroup/sdk_create_post_build_request.go.tpl
sdk_update_post_build_request:
template_path: hooks/rulegroup/sdk_update_post_build_request.go.tpl
sdk_file_end:
template_path: hooks/common/sdk_file_end.go.tpl
WebACL:
fields:
Name:
is_primary_key: true
is_immutable: true
Rules.Statement.AndStatement:
type: string
set:
- ignore: "all"
Rules.Statement.OrStatement:
type: string
set:
- ignore: "all"
Rules.Statement.NotStatement:
type: string
set:
- ignore: "all"
Rules.Statement.ManagedRuleGroupStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
Rules.Statement.RateBasedStatement.ScopeDownStatement:
type: string
set:
- ignore: "all"
hooks:
sdk_read_one_pre_build_request:
template_path: hooks/webacl/sdk_read_one_pre_build_request.go.tpl
sdk_read_one_post_set_output:
template_path: hooks/webacl/sdk_read_one_post_set_output.go.tpl
sdk_create_post_build_request:
template_path: hooks/webacl/sdk_create_post_build_request.go.tpl
sdk_update_post_build_request:
template_path: hooks/webacl/sdk_update_post_build_request.go.tpl
sdk_file_end:
template_path: hooks/common/sdk_file_end.go.tpl
1 change: 1 addition & 0 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ require (
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/evanphx/json-patch/v5 v5.9.0 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/ghodss/yaml v1.0.0 // indirect
github.com/go-logr/zapr v1.3.0 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0
github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
Expand Down
10 changes: 10 additions & 0 deletions helm/crds/wafv2.services.k8s.aws_rulegroups.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -468,6 +468,8 @@ spec:
For example specifications, see the examples section of CreateWebACL.
properties:
andStatement:
type: string
byteMatchStatement:
description: |-
A rule statement that defines a string match search for WAF to apply to web
Expand Down Expand Up @@ -1652,11 +1654,17 @@ spec:
type: string
type: object
type: array
scopeDownStatement:
type: string
vendorName:
type: string
version:
type: string
type: object
notStatement:
type: string
orStatement:
type: string
rateBasedStatement:
description: |-
A rate-based rule counts incoming requests and rate limits requests when
Expand Down Expand Up @@ -1989,6 +1997,8 @@ spec:
limit:
format: int64
type: integer
scopeDownStatement:
type: string
type: object
regexMatchStatement:
description: |-
Expand Down
Loading

0 comments on commit 8eecb5e

Please sign in to comment.