Skip to content

feat(actions): extend action validation inside configs package #37355

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat(actions): extend action validation inside configs package #37355

wants to merge 2 commits into from

Conversation

mildwonkey
Copy link
Contributor

@mildwonkey mildwonkey commented Jul 21, 2025
edited
Loading

Action Validation
This PR adds some additional validation during the configload process:

  • ensure that references to resources inside LinkedResources are, indeed, managed resources
  • ensure that references to actions inside action_triggers are, indeed, actions
  • really not as much else as I expected; see below

I was trying to fit some more validation into this package, but at this point the remaining validations (that we've identified so far) will happen during validate, and should be my next PR.

The remaining post-configload validation (next PR):

  • Verify actions and resources are specific instances
  • verify that referenced action exists in config
  • verify that referenced linked_resource(s) exist in config

Target Release

1.14.x

Rollback Plan

  • If a change needs to be reverted, we will roll out an update to the code within 7 days.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

CHANGELOG entry

  • This change is user-facing and I added a changelog entry.
  • This change is not user-facing.

@mildwonkey mildwonkey added the no-changelog-needed Add this to your PR if the change does not require a changelog entry label Jul 21, 2025
@mildwonkey
Add extended action validation during config parsing
1aef3b7 
- Verify that actions and linked_resources are in the current module
- Verify that given traversals reference the right types (action, resource)
- Add some validation tests

Things not captured in config validation:
- is this action referencing a resource defined in this configuration
- is this resource referencing an action defined in this configuration

Todo:
- Verify actions and resources are specific instances - no containers/expansion allowed in referenfces for now
@mildwonkey mildwonkey force-pushed the mildwonkey/action-validation-tf branch from f119aba to 1aef3b7 Compare July 22, 2025 17:06
@mildwonkey mildwonkey changed the title Mildwonkey/action validation tf feat(actions): extend action validation inside configs package Jul 22, 2025
@mildwonkey mildwonkey marked this pull request as ready for review July 22, 2025 17:39
@mildwonkey mildwonkey requested a review from a team as a code owner July 22, 2025 17:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DanielMSchmidt DanielMSchmidt DanielMSchmidt approved these changes

Assignees
No one assigned
Labels
no-changelog-needed Add this to your PR if the change does not require a changelog entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mildwonkey @DanielMSchmidt