feat(yaml): release-ready yaml engine v2#8
Merged
Conversation
…riven fixes
Brings the v2 declarative engine to the bar set by the Terraform provider:
covers every product resource (status pages + branding + components/groups,
monitors, alert channels, notification policies, resource groups, environments,
secrets, tags, dependencies), survives the full BDD scenario matrix mirrored
from TF, and produces zero phantom drift on a clean re-plan.
Highlights
- Schema/transform/handlers
- Removed PASSWORD / IP_RESTRICTED visibility from public surface (not GA).
- Default `requireAck=false` and assertion `severity=fail` on outbound
requests so we match API persistence and stop reporting phantom drift.
- `stripNullish` snapshot helper aligns the alert-channel configHash and
every other monitor/policy snapshot with the API's canonicalized form.
- Engine semantics
- `hasChildChanges` on the handler interface lets `diffSection` queue an
update when only nested children differ (e.g. a new status-page
component) — fixes a long-standing miss on parent-byte-identical pages.
- Pending-ref placeholders (`registerYamlPendingRefs` + `isPending` on
`RefEntry`) let existing resources resolve refs to brand-new peers
during snapshot computation; differ ignores pending entries when
deciding create vs update; resolver swaps placeholders for real IDs
after create.
- `RESOURCE_ORDER` reordered so monitors create before notification
policies (policy matchRules can reference monitor IDs).
- ESM fix in `lib/resources.ts`: replaced CJS `require('node:fs')` with a
top-level `import` so the `--branding-file` flag works in the actual
ES-module runtime (caught by surface tests).
- Status-pages imperative subcommands (components/groups/domains/incidents/
subscribers list + create/update on components) tightened up.
Tests
- 575 unit tests passing (transform, handlers, differ, resolver, state,
child-reconciler, interpolation, moved, validator, zod-schemas,
idempotency).
- All `xfail` markers from earlier BDD rollout removed — the underlying
bugs are fixed and the unit-level assertions inverted to the correct
expectation.
Note: requires the matching API list-endpoint enrichment + alert-channel
canonical hash changes in mono to land first; without those, the CLI will
report phantom drift in production.
Made-with: Cursor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Brings the v2 declarative YAML engine to release readiness — full resource
coverage (status pages + branding + components/groups, monitors, alert
channels, notification policies, resource groups, environments, secrets,
tags, dependencies), parity with the Terraform provider's BDD scenario
matrix, and zero phantom drift on a clean re-plan.
What landed
Schema / transform / handlers
PASSWORDandIP_RESTRICTEDvisibility from the public surface (not GA).requireAck=falseand assertionseverity=failoutbound so we match API persistence.stripNullishsnapshot helper aligns alert-channelconfigHashand every monitor/policy snapshot with the API's canonical form — kills phantom drift from API-echoed nulls.Engine semantics
hasChildChangeson the handler interface lets the differ queue an update when only nested children differ (e.g. a new status-page component on a byte-identical page).registerYamlPendingRefs+isPendingonRefEntry) let existing resources resolve refs to brand-new peers during snapshot computation. Differ ignores pending entries when deciding create vs update; resolver swaps placeholders for real IDs after create.RESOURCE_ORDERreordered so monitors create before notification policies (policy matchRules can reference monitor IDs).Other
lib/resources.ts(require('node:fs')→ top-levelimport) so--branding-fileworks in the ESM runtime — caught by surface tests.Test coverage
mono/tests/surfaces/cli/(status pages + branding + components/groups + YAML engine).xfailmarkers from earlier rollout removed; underlying bugs fixed and unit assertions inverted to the correct expectation.Cross-repo dependency⚠️
This PR depends on matching changes in
devhelmhq/monothat must land first (or together):MonitorServiceImpl.enrichPageFully.canonicalConfigHashnull-stripping so it matches the CLI'sstripNullish + stableStringify + sha256Hex.members[]with name/slug.tests/surfaces/cli/(the mono surface-integration-test workflow runs them against the released CLI tag).Without (1–3) the CLI will report phantom drift on every plan in production. Without (4) the mono surface-integration job for the release tag will fail to find the new tests.
Test plan
npm run lintcleannpm run typecheckcleannpm test— 575 / 575npm run buildproduces oclif manifest cleanlyMade with Cursor