CFn: add schema validation for resource providers

[simonrw]

Motivation

We use the CloudFormation resource provider schema to generate our scaffolded resources, but we don't make any assertions that what is returned by a resource provider conforms to the schema. Now that we have migrated all resources to the new resource provider API we should be stricter about the responses coming back from the resource providers. This will help us ensure parity with AWS CFn.

Changes

• Implement a schema validation method in the ResourceProviderExecutor
  • at the moment, this only validates that all required fields are present, but will provide a place to put further validations in the future
  • the PhysicalResourceId is validated implicitly with the call to extract_physical_resource_id_from_model_with_schema, which raises an exception (in resolve_json_pointer) if the value is not present

Testing

The green CI pipeline run shows that all community resource providers already conform to the schema (:tada:). To check that the validation works, pick a resource provider and comment out setting one of the required fields.

[github-actions]

LocalStack Community integration with Pro

    2 files  ±0      2 suites  ±0   1h 38m 7s ⏱️ - 1m 19s
2 992 tests ±0  2 681 ✅ ±0  311 💤 ±0  0 ❌ ±0 
2 994 runs  ±0  2 681 ✅ ±0  313 💤 ±0  0 ❌ ±0 

Results for commit 557ec1b. ± Comparison against base commit b8290ff.

♻️ This comment has been updated with latest results.

[pinzon]

Awesome!

[simonrw]

Notes from review pairing with @dominikschubert and @Morijarti :

• validation of required fields should be done before resource provider execution as this represents input values supplied by the user
• we could validate no extra properties are assigned by the resource provider on SUCCESS
• notes for the future:
  • we could typecheck the fields, possibly depending on how we want to handle implicit typecasting