feat: enable full validation for configs and locks#177
Merged
dmcilvaney merged 8 commits intoMay 12, 2026
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR removes the rollout gating for lock/config validation and makes lock-file consistency checks the default behavior during component resolution, while also renaming the “source identity” APIs to better reflect what they do.
Changes:
- Enable default-on lock validation (removing the prior env-var gate) and adjust commands that should skip validation (e.g., update/list/changed) to do so explicitly.
- Rename identity resolution APIs from
Resolve*toCalculate*acrossSourceManagerand upstream providers, updating call sites and mocks. - Improve synthetic-history behavior by falling back to the on-disk lock when the lock file isn’t yet committed.
Reviewed changes
Copilot reviewed 19 out of 19 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| internal/providers/sourceproviders/sourceproviders_test/sourcemanager_mocks.go | Regenerated gomock for SourceManager to reflect CalculateSourceIdentity rename. |
| internal/providers/sourceproviders/sourcemanager.go | Renames identity APIs and updates upstream identity resolution to call provider CalculateSourceIdentity. |
| internal/providers/sourceproviders/sourcemanager_test.go | Updates tests to match CalculateSourceIdentity rename. |
| internal/providers/sourceproviders/rpmcontentsprovider.go | Renames provider method to CalculateSourceIdentity. |
| internal/providers/sourceproviders/identityprovider_test.go | Updates provider tests and adjusts expectations around locked-data behavior. |
| internal/providers/sourceproviders/fedorasourceprovider.go | Renames method and changes semantics to always resolve from upstream (no locked short-circuit). |
| internal/projectconfig/configfile.go | Makes per-component upstream-distro.snapshot rejection unconditional (no env gate). |
| internal/projectconfig/configfile_test.go | Updates test setup for unconditional snapshot rejection. |
| internal/projectconfig/component.go | Removes obsolete TODO commentary around lock-validation rollout. |
| internal/fingerprint/fingerprint.go | Updates documentation strings to reference CalculateSourceIdentity. |
| internal/app/azldev/core/testutils/testenv.go | Adds helpers to write a minimal lock and register upstream components for tests. |
| internal/app/azldev/core/sources/synthistory.go | Adds fallback synthetic history behavior using on-disk lock when HEAD lock is missing; removes env-gated error path. |
| internal/app/azldev/core/components/resolver.go | Removes env-var gating; lock validation is now controlled by SkipLockValidation only. |
| internal/app/azldev/core/components/resolver_test.go | Updates tests to account for locked data population and new validation behavior. |
| internal/app/azldev/core/components/filter.go | Changes --skip-lock-validation default to false (validation on). |
| internal/app/azldev/cmds/component/update.go | Ensures update skips validation at the operation level; switches to CalculateSourceIdentity. |
| internal/app/azldev/cmds/component/list.go | Ensures list skips validation at the operation level. |
| internal/app/azldev/cmds/component/changed.go | Ensures changed skips validation at the operation level. |
| docs/developer/reference/component-identity-and-locking.md | Updates developer documentation to reference CalculateSourceIdentity. |
Comments suppressed due to low confidence (1)
internal/projectconfig/configfile.go:126
- This change makes per-component 'upstream-distro.snapshot' unconditionally invalid (no longer gated). Since this is a user-facing config validation change, the user config reference under
docs/user/reference/config/should be updated in the same PR to document that per-component snapshots are disallowed and to point users to distro/group snapshots or 'upstream-commit' pins.
// Per-component snapshot timestamps are not allowed. Components inherit
// the snapshot from the distro/group default-component-config or the
// project's default-distro. Per-component snapshots would create
// non-deterministic builds that the lock file cannot reliably track.
// Use an explicit 'upstream-commit' pin instead.
// Validate overlay configurations for each component.
for componentName, component := range f.Components {
for i, overlay := range component.Overlays {
err := overlay.Validate()
if err != nil {
return fmt.Errorf("invalid overlay %d for component %#q:\n%w", i+1, componentName, err)
}
}
// Validate build configuration.
err := component.Build.Validate()
if err != nil {
return fmt.Errorf("invalid build config for component %#q:\n%w", componentName, err)
}
if err := validateSourceFiles(component.SourceFiles, componentName); err != nil {
return err
}
if component.Spec.UpstreamDistro.Snapshot != "" {
return fmt.Errorf(
"component %#q has a per-component 'snapshot' on 'upstream-distro'; "+
"snapshots should be set on the distro or group default-component-config, "+
"or use 'upstream-commit' to pin a specific commit",
componentName)
}
dmcilvaney
force-pushed
the
damcilva/enable_full_validation
branch
from
9bcbc17 to
83e5eb3
Compare
dmcilvaney
force-pushed
the
damcilva/enable_full_validation
branch
from
83e5eb3 to
0833977
Compare
dmcilvaney
changed the title
dmcilvaney
force-pushed
the
damcilva/enable_full_validation
branch
from
877ebe0 to
56df4a7
Compare
Remove AZLDEV_ENABLE_LOCK_VALIDATION env var gate — validation is now always-on. Per-component snapshot rejection is unconditional. - SkipLockValidation moved into UpdateComponents, ListComponentConfigs, ChangedComponents (not just CLI handlers) - --skip-lock-validation hidden on update/list/changed commands - Rename ResolveIdentity → CalculateSourceIdentity, remove lock shortcut from source provider (always resolves from upstream) - Remove stale TODO(lockfiles) comments - Test env: AddUpstreamComponent + WriteDefaultLock helpers - Regenerate CLI docs and MCP snapshot
dmcilvaney
force-pushed
the
damcilva/enable_full_validation
branch
from
56df4a7 to
eea0291
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 25 out of 25 changed files in this pull request and generated 3 comments.
Comments suppressed due to low confidence (1)
internal/providers/sourceproviders/fedorasourceprovider.go:276
- The PR description (and developer doc update) mention renaming
ResolveIdentity→CalculateSourceIdentity, but the codebase still defines/usesResolveIdentity(provider) andResolveSourceIdentity(source manager); there are noCalculateSourceIdentitysymbols in the repo. Either complete the rename (and regenerate mocks/tests as needed) or update the PR description/docs to match the implemented API.
// ResolveIdentity implements [SourceIdentityProvider] by resolving the upstream
// commit hash for the component from the dist-git repository. This always
// contacts upstream (clone + snapshot/HEAD resolution or pin validation) —
// callers that want the cached locked commit should read
// [projectconfig.ComponentLockData.UpstreamCommit] directly.
func (g *FedoraSourcesProviderImpl) ResolveIdentity(
ctx context.Context,
component components.Component,
) (string, error) {
if component.GetName() == "" {
return "", errors.New("component name cannot be empty")
}
upstreamName := component.GetConfig().Spec.UpstreamName
if upstreamName == "" {
upstreamName = component.GetName()
}
gitRepoURL, err := fedorasource.BuildDistGitURL(g.distroGitBaseURI, upstreamName)
if err != nil {
return "", fmt.Errorf("failed to build dist-git URL for %#q:\n%w", upstreamName, err)
}
return g.resolveCommit(ctx, gitRepoURL, upstreamName, component.GetConfig().Spec.UpstreamCommit)
}
09f3db7 to
c55db6e
Compare
dmcilvaney
force-pushed
the
damcilva/enable_full_validation
branch
from
c55db6e to
99bb594
Compare
dmcilvaney
force-pushed
the
damcilva/enable_full_validation
branch
from
99bb594 to
be55d49
Compare
reubeno
approved these changes
May 12, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Enable full lock validation by default
Removes the
AZLDEV_ENABLE_LOCK_VALIDATIONenv var rollout gate. Lock file validation is now always-on for consumer commands. Missing or stale locks produce a hard error with a fix suggestion.Validation policy by command
build,render,query,prepare-sources,diff-sourcesupdatelistchangedKey changes
Validation always-on:
AZLDEV_ENABLE_LOCK_VALIDATIONenv var removed — validation is unconditionalSkipLockValidationmoved from CLI handlers intoUpdateComponents,ListComponentConfigs,ChangedComponentsso programmatic callers get correct behavior--skip-lock-validationhidden on update/list/changed (always overridden internally)TODO(lockfiles)comments removedSource provider cleanup:
FedoraSourcesProviderImpl.ResolveIdentity— always resolves from upstreamEffectiveUpstreamCommitfallback toSpec.UpstreamCommitkept for--skip-lock-validationusersTest infrastructure:
TestEnv.AddUpstreamComponent(t, name)— registers component + writes lockTestEnv.WriteDefaultLock(t, name)— writes minimal valid lock for custom configsScenario test fix:
component update -abefore build (lock validation requires it)WithPreCommand(...string)option added toProjectTestwith shell-safe quoting