Add rule E3636 to validate codebuild s3 locations (#3991)

Author: kddejong

src/cfnlint/data/schemas/extensions/aws_codebuild_project/__init__.py

@@ -0,0 +1,19 @@
+{
+ "if": {
+  "properties": {
+   "Type": {
+    "const": "S3",
+    "type": "string"
+   }
+  },
+  "required": [
+   "Type"
+  ],
+  "type": "object"
+ },
+ "then": {
+  "required": [
+   "Location"
+  ]
+ }
+}

src/cfnlint/data/schemas/extensions/aws_codebuild_project/s3_locations.json

@@ -0,0 +1,34 @@
+"""
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+SPDX-License-Identifier: MIT-0
+"""
+
+from __future__ import annotations
+
+from typing import Any
+
+import cfnlint.data.schemas.extensions.aws_codebuild_project
+from cfnlint.jsonschema import ValidationError
+from cfnlint.rules.jsonschema.CfnLintJsonSchema import CfnLintJsonSchema, SchemaDetails
+
+
+class ProjectS3Location(CfnLintJsonSchema):
+    id = "E3636"
+    shortdesc = "Validate CodeBuild projects using S3 also have Location"
+    description = "When using 'S3' for 'Type' then you must also specify " "'Location'"
+    tags = ["resources", "codebuild"]
+
+    def __init__(self) -> None:
+        super().__init__(
+            keywords=[
+                "Resources/AWS::CodeBuild::Project/Properties/Artifacts",
+                "Resources/AWS::CodeBuild::Project/Properties/Source",
+            ],
+            schema_details=SchemaDetails(
+                module=cfnlint.data.schemas.extensions.aws_codebuild_project,
+                filename="s3_locations.json",
+            ),
+        )
+
+    def message(self, instance: Any, err: ValidationError) -> str:
+        return f"{err.message} when using 'Type' of 'S3'"

src/cfnlint/rules/resources/codebuild/ProjectS3Location.py

@@ -0,0 +1,59 @@
+"""
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+SPDX-License-Identifier: MIT-0
+"""
+
+from collections import deque
+
+import pytest
+
+from cfnlint.jsonschema import ValidationError
+from cfnlint.rules.resources.codebuild.ProjectS3Location import ProjectS3Location
+
+
+@pytest.fixture(scope="module")
+def rule():
+    rule = ProjectS3Location()
+    yield rule
+
+
+@pytest.mark.parametrize(
+    "instance,expected",
+    [
+        (
+            {
+                "Type": "S3",
+                "Location": "path",
+            },
+            [],
+        ),
+        (
+            [],  # wrong type
+            [],
+        ),
+        (
+            {
+                "Type": {"Ref": "AWS::StackName"},  # not a string
+                "Location": "path",
+            },
+            [],
+        ),
+        (
+            {
+                "Type": "S3",
+            },
+            [
+                ValidationError(
+                    "'Location' is a required property when using 'Type' of 'S3'",
+                    rule=ProjectS3Location(),
+                    path=deque([]),
+                    validator="required",
+                    schema_path=deque(["then", "required"]),
+                )
+            ],
+        ),
+    ],
+)
+def test_validate(instance, expected, rule, validator):
+    errs = list(rule.validate(validator, "", instance, {}))
+    assert errs == expected, f"Expected {expected} got {errs}"