From 3effd8cee0c9ab2006a99bfab005acbc6b90723f Mon Sep 17 00:00:00 2001
From: Andres Jardon <amjardon@amazon.com>
Date: Thu, 18 Jan 2024 17:26:33 -0800
Subject: [PATCH 1/2] fix: update output variable validation regex and limit

---
 .../adk-core/lib/toolkit/sdk/core/core.ts     |  2 +-
 packages/adk-core/test/core.test.ts           | 20 +++++++++----------
 packages/adk-utils/lib/util/util.ts           |  5 ++++-
 packages/adk-utils/test/util.test.ts          | 14 ++++++-------
 .../templates/codecatalyst_model_schema.json  |  2 +-
 5 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/packages/adk-core/lib/toolkit/sdk/core/core.ts b/packages/adk-core/lib/toolkit/sdk/core/core.ts
index 6b032f8e7..6cd1180f9 100644
--- a/packages/adk-core/lib/toolkit/sdk/core/core.ts
+++ b/packages/adk-core/lib/toolkit/sdk/core/core.ts
@@ -38,7 +38,7 @@ export function getEnvironmentVariable(inputVar: string) {
 /**
 * Sets the output value for the action output parameter.
 *
-* @param varName The name of the environment variable. The variable must match the ^[A-Za-z0-9][A-Za-z0-9\-_]{1,30}[A-Za-z0-9]$ pattern.
+* @param varName The name of the environment variable. The variable must match the ^[A-Za-z0-9@\-_]+$ pattern.
 * @param varValue The fully resolved value of the output variable.
 *
 * @return The result of running `echo ${varName}`.
diff --git a/packages/adk-core/test/core.test.ts b/packages/adk-core/test/core.test.ts
index 550a1dd1a..20264bb20 100644
--- a/packages/adk-core/test/core.test.ts
+++ b/packages/adk-core/test/core.test.ts
@@ -77,15 +77,18 @@ describe('@aws/codecatalyst-adk-core', () => {
     it('test setOutput validation', () => {
         const errorMessage = `Invalid output parameter name, it must match the following pattern ${outputVariableNamePattern}`;
         const outputParamValue = 'outputParamValue';
-        const validInput30Chars = 'Stack_ID_12345678910111213145';
+        const validInput40Chars = 'Stack_ID-1234567891011121314512345678911';
 
+        const validInput = 'Stack_ID';
         const emptyInput = '';
         const invalidInput = 'Stack ID';
-        const tooLongInput = 'longer_than_30_chars_123456789101112131415161718';
-        const startsWithInvalidChar = '-Stack_ID';
-        const endsWithInvalidChar = 'Stack_ID-';
+        const tooLongInput = 'longer_than_255_chars_123456789101112131415161718487612357845768929562892576458234765287495628495682412345678910111213141516171848761235784576892956289257645823476528749562849568241234567891011121314151617184876123578457689295628925764582347652874956284959';
+        const validInputSpecialChar = '-StackA_a-@_ID';
+        const invalidInputWithInvalidSpecialChar = 'Stack$#:ID';
 
-        expect(adkCore.setOutput(validInput30Chars, outputParamValue).code === undefined).toBeTruthy();
+        expect(adkCore.setOutput(validInput40Chars, outputParamValue).code === undefined).toBeTruthy();
+        expect(adkCore.setOutput(validInput, outputParamValue).code === undefined).toBeTruthy();
+        expect(adkCore.setOutput(validInputSpecialChar, outputParamValue).code === undefined).toBeTruthy();
 
         expect(adkCore.setOutput(emptyInput, outputParamValue).code === 1).toBeTruthy();
         expect(adkCore.setOutput(emptyInput, outputParamValue).stdout === errorMessage).toBeTruthy();
@@ -96,11 +99,8 @@ describe('@aws/codecatalyst-adk-core', () => {
         expect(adkCore.setOutput(tooLongInput, outputParamValue).code === 1).toBeTruthy();
         expect(adkCore.setOutput(tooLongInput, outputParamValue).stdout === errorMessage).toBeTruthy();
 
-        expect(adkCore.setOutput(startsWithInvalidChar, outputParamValue).code === 1).toBeTruthy();
-        expect(adkCore.setOutput(startsWithInvalidChar, outputParamValue).stdout === errorMessage).toBeTruthy();
-
-        expect(adkCore.setOutput(endsWithInvalidChar, outputParamValue).code === 1).toBeTruthy();
-        expect(adkCore.setOutput(endsWithInvalidChar, outputParamValue).stdout === errorMessage).toBeTruthy();
+        expect(adkCore.setOutput(invalidInputWithInvalidSpecialChar, outputParamValue).code === 1).toBeTruthy();
+        expect(adkCore.setOutput(invalidInputWithInvalidSpecialChar, outputParamValue).stdout === errorMessage).toBeTruthy();
     });
 
 });
diff --git a/packages/adk-utils/lib/util/util.ts b/packages/adk-utils/lib/util/util.ts
index 337855b78..55f84b33a 100644
--- a/packages/adk-utils/lib/util/util.ts
+++ b/packages/adk-utils/lib/util/util.ts
@@ -1,6 +1,6 @@
 import fs from 'fs';
 
-export const outputVariableNamePattern = new RegExp(/^[A-Za-z0-9][A-Za-z0-9\-_]{1,30}[A-Za-z0-9]$/);
+export const outputVariableNamePattern = new RegExp(/^[A-Za-z0-9@\-_]+$/);
 
 /**
  * Sanitizes (escapes) special characters in the command and its arguments.
@@ -91,5 +91,8 @@ export function writeContentToFileSync(dest: string, content: string, overrideDe
  * @param varName The destination file.
  */
 export function isValidOutputVariableName(varName: string): boolean {
+    if (!varName || varName.length < 1 || varName.length > 255) {
+        return false;
+    }
     return outputVariableNamePattern.test(varName);
 }
diff --git a/packages/adk-utils/test/util.test.ts b/packages/adk-utils/test/util.test.ts
index b4e89fcd7..ccb3cdb4f 100644
--- a/packages/adk-utils/test/util.test.ts
+++ b/packages/adk-utils/test/util.test.ts
@@ -129,19 +129,19 @@ describe('ADK-Util test', () => {
 
     it('test validateOutputVariableName', async () => {
         const validInput = 'Stack_ID';
-        const validInput30Chars = 'Stack_ID_12345678910111213145';
+        const validInput40Chars = 'Stack_ID-1234567891011121314512345678911';
         const emptyInput = '';
         const invalidInput = 'Stack ID';
-        const tooLongInput = 'longer_than_30_chars_123456789101112131415161718';
-        const startsWithInvalidChar = '-Stack_ID';
-        const endsWithInvalidChar = 'Stack_ID-';
+        const tooLongInput = 'longer_than_255_chars_123456789101112131415161718487612357845768929562892576458234765287495628495682412345678910111213141516171848761235784576892956289257645823476528749562849568241234567891011121314151617184876123578457689295628925764582347652874956284959';
+        const validInputSpecialChar = '-StackA_a-@_ID';
+        const invalidInputWithInvalidSpecialChar = 'Stack/$#:ID';
 
         expect(isValidOutputVariableName(validInput)).toBeTruthy();
-        expect(isValidOutputVariableName(validInput30Chars)).toBeTruthy();
+        expect(isValidOutputVariableName(validInput40Chars)).toBeTruthy();
         expect(isValidOutputVariableName(emptyInput)).toBeFalsy();
         expect(isValidOutputVariableName(invalidInput)).toBeFalsy();
         expect(isValidOutputVariableName(tooLongInput)).toBeFalsy();
-        expect(isValidOutputVariableName(startsWithInvalidChar)).toBeFalsy();
-        expect(isValidOutputVariableName(endsWithInvalidChar)).toBeFalsy();
+        expect(isValidOutputVariableName(validInputSpecialChar)).toBeTruthy();
+        expect(isValidOutputVariableName(invalidInputWithInvalidSpecialChar)).toBeFalsy();
     });
 });
diff --git a/packages/adk/templates/codecatalyst_model_schema.json b/packages/adk/templates/codecatalyst_model_schema.json
index 806954bd3..b0a2cccec 100644
--- a/packages/adk/templates/codecatalyst_model_schema.json
+++ b/packages/adk/templates/codecatalyst_model_schema.json
@@ -91,7 +91,7 @@
           "description": "Action output variables",
           "type": "object",
           "propertyNames": {
-            "pattern": "^[A-Za-z0-9][A-Za-z0-9\\-_]{1,30}[A-Za-z0-9]$"
+            "pattern": "^[A-Za-z0-9@\\-_]+$"
           },
           "minProperties": 1,
           "maxProperties": 10,

From 0bd43fcb482a33ac6f0af8f276b3a4c1b03056a3 Mon Sep 17 00:00:00 2001
From: Andres Jardon <amjardon@amazon.com>
Date: Thu, 18 Jan 2024 17:41:08 -0800
Subject: [PATCH 2/2] fix: update output variable validation regex and limit

---
 packages/adk-core/test/core.test.ts  | 2 ++
 packages/adk-utils/test/util.test.ts | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/packages/adk-core/test/core.test.ts b/packages/adk-core/test/core.test.ts
index 20264bb20..554915cb7 100644
--- a/packages/adk-core/test/core.test.ts
+++ b/packages/adk-core/test/core.test.ts
@@ -82,6 +82,7 @@ describe('@aws/codecatalyst-adk-core', () => {
         const validInput = 'Stack_ID';
         const emptyInput = '';
         const invalidInput = 'Stack ID';
+        const maxInput = 'max_input_255_chars_1234567891011121314151617184876123578457689295628925764582347652874956284956824123456789101112131415161718487612357845768929562892576458234765287495628495682412345678910111213141516171848761235784576892956289257645823476528749562849591';
         const tooLongInput = 'longer_than_255_chars_123456789101112131415161718487612357845768929562892576458234765287495628495682412345678910111213141516171848761235784576892956289257645823476528749562849568241234567891011121314151617184876123578457689295628925764582347652874956284959';
         const validInputSpecialChar = '-StackA_a-@_ID';
         const invalidInputWithInvalidSpecialChar = 'Stack$#:ID';
@@ -89,6 +90,7 @@ describe('@aws/codecatalyst-adk-core', () => {
         expect(adkCore.setOutput(validInput40Chars, outputParamValue).code === undefined).toBeTruthy();
         expect(adkCore.setOutput(validInput, outputParamValue).code === undefined).toBeTruthy();
         expect(adkCore.setOutput(validInputSpecialChar, outputParamValue).code === undefined).toBeTruthy();
+        expect(adkCore.setOutput(maxInput, outputParamValue).code === undefined).toBeTruthy();
 
         expect(adkCore.setOutput(emptyInput, outputParamValue).code === 1).toBeTruthy();
         expect(adkCore.setOutput(emptyInput, outputParamValue).stdout === errorMessage).toBeTruthy();
diff --git a/packages/adk-utils/test/util.test.ts b/packages/adk-utils/test/util.test.ts
index ccb3cdb4f..8a7974f2e 100644
--- a/packages/adk-utils/test/util.test.ts
+++ b/packages/adk-utils/test/util.test.ts
@@ -132,6 +132,7 @@ describe('ADK-Util test', () => {
         const validInput40Chars = 'Stack_ID-1234567891011121314512345678911';
         const emptyInput = '';
         const invalidInput = 'Stack ID';
+        const maxInput = 'max_input_255_chars_1234567891011121314151617184876123578457689295628925764582347652874956284956824123456789101112131415161718487612357845768929562892576458234765287495628495682412345678910111213141516171848761235784576892956289257645823476528749562849591';
         const tooLongInput = 'longer_than_255_chars_123456789101112131415161718487612357845768929562892576458234765287495628495682412345678910111213141516171848761235784576892956289257645823476528749562849568241234567891011121314151617184876123578457689295628925764582347652874956284959';
         const validInputSpecialChar = '-StackA_a-@_ID';
         const invalidInputWithInvalidSpecialChar = 'Stack/$#:ID';
@@ -140,6 +141,7 @@ describe('ADK-Util test', () => {
         expect(isValidOutputVariableName(validInput40Chars)).toBeTruthy();
         expect(isValidOutputVariableName(emptyInput)).toBeFalsy();
         expect(isValidOutputVariableName(invalidInput)).toBeFalsy();
+        expect(isValidOutputVariableName(maxInput)).toBeTruthy();
         expect(isValidOutputVariableName(tooLongInput)).toBeFalsy();
         expect(isValidOutputVariableName(validInputSpecialChar)).toBeTruthy();
         expect(isValidOutputVariableName(invalidInputWithInvalidSpecialChar)).toBeFalsy();