feat(core): failSynthOnValidationErrors context key to suppress console output and exit code#37909
Conversation
|
👋 It looks like your PR description references an issue, but not in the expected location. The issue number must appear in the first section of the description (the first two lines), following the template format: Please move your issue reference to the top of the description. |
|
|
||
| const POLICY_VALIDATION_FILE_PATH = 'policy-validation-report.json'; | ||
| const VALIDATION_REPORT_PRETTY_CONTEXT = '@aws-cdk/core:validationReportPrettyPrint'; | ||
| const VALIDATION_REPORT_ONLY_CONTEXT = '@aws-cdk/core:validationReportOnly'; |
There was a problem hiding this comment.
| const VALIDATION_REPORT_ONLY_CONTEXT = '@aws-cdk/core:validationReportOnly'; | |
| const FAIL_SYNTH_ON_VALIDATION_ERRORS_CONTEXT = '@aws-cdk/core:failSynthOnValidationErrors'; |
?
There was a problem hiding this comment.
Put this in cx-api so that the CLI can officially depend on it.
| process.exitCode = 1; | ||
| } else { | ||
| // eslint-disable-next-line no-console | ||
| console.error('Policy Validation Successful!'); |
There was a problem hiding this comment.
Not necessary. No news is good news.
Btw, why stderr?
There was a problem hiding this comment.
This is another instance of me trying to preserve what existed before. It's also the second time you've flagged it, so I'll just remove it :)
| const failed = reports.some(r => !r.success); | ||
| if (failed) { | ||
| // eslint-disable-next-line no-console | ||
| console.error(`Validation failed. See the validation report in '${reportFile}' and above for details`); |
There was a problem hiding this comment.
| console.error(`Validation failed. See the validation report in '${reportFile}' and above for details`); | |
| console.error(`Validation failed. A copy of this report can be found in '${reportFile}'`); |
kaizencc
added
pr-linter/exempt-readme
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
kaizencc
left a comment
kaizencc
left a comment
There was a problem hiding this comment.
is there a test to show with the flag unset and validation errors the resulting error code i 1?
| }); | ||
|
|
||
| test('JSON format only', () => { | ||
| test('reportOnly writes JSON but does not print or fail', () => { |
There was a problem hiding this comment.
not called reportOnly anymore
| }); | ||
|
|
||
| test('JSON report is always written regardless of context', () => { | ||
| test('reportOnly succeeds even with validation failures', () => { |
There was a problem hiding this comment.
not called reportOnly anymore
…onsole output and exit code
Move the validation report context key to cx-api as
FAIL_SYNTH_ON_VALIDATION_ERRORS_CONTEXT so the CLI can depend on it.
When set to false, validation failures only write the JSON report
without printing to stderr or setting a non-zero exit code.
Always write the JSON report to the cloud assembly regardless of the
context key value. Remove the success message ("Policy Validation
Successful!") — no news is good news.
kaizencc
force-pushed
the
conroy/suppress-validation-exit
branch
from
0c53ea7 to
9deb460
Compare
kaizencc
changed the title
aws-cdk-automation
added
the
pr/needs-maintainer-review
aws-cdk-automation
temporarily deployed
to
automation
GitHub Actions
Inactive
aws-cdk-automation
temporarily deployed
to
automation
GitHub Actions
Inactive
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Merge Queue Status
This pull request spent 47 minutes 45 seconds in the queue, including 47 minutes 22 seconds running CI. Required conditions to merge
|
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
aws-cdk-automation
removed
the
pr/needs-maintainer-review
aws-cdk-automation
temporarily deployed
to
automation
GitHub Actions
Inactive
3 participants
Reason for this change
The CDK CLI's
validatecommand runs synthesis and then reads the validation report JSON from the cloud assembly to handle display and failure reporting itself. Currently, synthesis both prints validation results to stderr and setsprocess.exitCode = 1on failure — duplicating what the CLI does and causing premature process exit.The CLI needs a way to tell synthesis: "just write the report, I'll handle the rest."
Description of changes
Introduces
@aws-cdk/core:failSynthOnValidationErrorscontext key incx-api(so the CLI can depend on it):true): Writes JSON report to cloud assembly, prints human-readable report to stderr, setsprocess.exitCode = 1on failure.false: Only writes the JSON report to the cloud assembly. No console output. No exit code. The caller handles reporting and failure.Other changes:
Validation failed. A copy of this report can be found in '<path>'The JSON report shape is compatible with the new
PolicyValidationReportJsontypes defined in aws/aws-cdk-cli#1515.Describe any new or updated permissions being added
N/A
Description of how you validated changes
failSynthOnValidationErrors=falsebehavior (JSON written, no exit code, no console output)Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license