static addResourceSuppressions()

in src/nag-suppressions.ts [80:119]

• 38 lines of code
• 9 McCabe index (conditional complexity)

  static addResourceSuppressions(
    construct: IConstruct,
    suppressions: NagPackSuppression[],
    applyToChildren: boolean = false
  ): void {
    const newSuppressions = [];
    for (const suppression of suppressions) {
      if (suppression.reason.length >= 10) {
        newSuppressions.push(suppression);
      } else {
        throw Error(
          `${construct.node.id}: The cdk_nag suppression for ${suppression.id} must have a reason of 10 characters or more. See https://github.com/cdklabs/cdk-nag#suppressing-a-rule for information on suppressing a rule.`
        );
      }
    }
    const constructs = applyToChildren ? construct.node.findAll() : [construct];
    for (const child of constructs) {
      const possibleL1 = child.node.defaultChild
        ? child.node.defaultChild
        : child;
      if (possibleL1 instanceof CfnResource) {
        const resource = possibleL1 as CfnResource;
        let currentSuppressions =
          resource.getMetadata('cdk_nag')?.rules_to_suppress;
        currentSuppressions = Array.isArray(currentSuppressions)
          ? currentSuppressions
          : [];
        currentSuppressions.push(...newSuppressions);
        const dedupSuppressions = new Set();
        const result = currentSuppressions.filter((s: any) =>
          !dedupSuppressions.has(JSON.stringify(s))
            ? dedupSuppressions.add(JSON.stringify(s))
            : false
        );
        resource.addMetadata('cdk_nag', {
          rules_to_suppress: result,
        });
      }
    }
  }