feat(core): acknowledge warnings #26144
Conversation
This PR adds the ability to acknowledge annotation warning messages. I've updated some of the annotations in the `rds.Cluster` construct to show how this will work. After this is merged we can work on adding the ids to all of the warning messages throughout the construct library. The main motivation behind this is to allow people to set the `--strict` mode to fail synthesis on warnings. Currently it is all or nothing, you have to get rid of _all_ warnings to use `--strict`. With this feature users will be able to `acknowledge` warnings saying that they are aware, but it does not apply to them. Since we want all warnings to now have an id this will deprecate the `addWarning` method and adds a new `addWarningV2` method. Since the acknowledgements and warnings are written as metadata, it is possible to enhance this in the future to report on warnings and acknowledgements.
|
|
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
corymhall
added
the
pr-linter/exempt-integ-test
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
allowed-breaking-changes.txt
Outdated
| @@ -164,3 +164,7 @@ removed:aws-cdk-lib.triggers.TriggerProps.timeout | |||
| change-return-type:aws-cdk-lib.aws_ec2.SecurityGroup.determineRuleScope | |||
| # broken only in non-JS/TS, where that was not previously usable | |||
| strengthened:aws-cdk-lib.aws_s3_deployment.BucketDeploymentProps | |||
|
|
|||
| # weakened added additional types to a union type, meaning all new props are optional | |||
There was a problem hiding this comment.
Need a second opinion on this
aws-cdk-automation
added
the
pr/needs-community-review
There was a problem hiding this comment.
Thanks for this, this will be a great improvement!
My overall concerns are:
- I'd like to do the filtering inside the CDK app and not change the cloud assembly format.
- Quite personal, but I don't like the format of the suppression flags. I'd personally prefer
camelCaseorkebab-case, and not too many components to it.
The last one can be argued though, there is no accounting for taste I guess. But maybe put it up to the team with a couple of alternatives?
| @@ -639,10 +639,10 @@ export abstract class FleetBase extends cdk.Resource implements IFleet { | |||
| } | |||
|
|
|||
| protected warnVpcPeeringAuthorizations(scope: Construct): void { | |||
| cdk.Annotations.of(scope).addWarning([ | |||
| cdk.Annotations.of(scope).addWarningV2('Gamelift:Fleet:AutorizeVpcPeering', [ | |||
There was a problem hiding this comment.
If we're going to schematize this, let's set a standard? This one uses a 3-part warning, the one below uses a 2-part warning.
If we take a cue from the feature flags, which this feels a bit similar to, maybe the flag format is something like @aws-cdk/aws-service:someCamelCaseTerm ?
There was a problem hiding this comment.
yeah I like this format better @aws-cdk/aws-service:someCamelCaseTerm. I'll update.
packages/@aws-cdk/aws-servicecatalogappregistry-alpha/test/application-associator.test.ts
Outdated
Show resolved
Hide resolved
| /** | ||
| * @see ArtifactMetadataEntryType.ACKNOWLEDGE | ||
| */ | ||
| export interface AcknowledgementMetadataEntry { |
There was a problem hiding this comment.
Why do acknowledgements need to make it into the Cloud Assembly? Can't we choose to not emit acknowledged warnings?
| public addWarningV2(id: string, message: string) { | ||
| const warning = { | ||
| id: id, | ||
| scope: this.scope.node.path, |
There was a problem hiding this comment.
Metadata messages are already attached to a scope, so this information will be doubled?
| for (const [_path, md] of Object.entries(s.metadata ?? {})) { | ||
| for (const x of md) { | ||
| if (x.type === 'aws:cdk:acknowledge') { | ||
| acknoledgement.message = x.data as string; |
There was a problem hiding this comment.
Mutations in the THEN part of a test?
There was a problem hiding this comment.
Just asking, if you need to do this work it probably wants to go into a reusable function that's in the core library?
| @@ -78,8 +78,8 @@ describe('app', () => { | |||
| '/stack1/s1c1': [{ type: 'aws:cdk:logicalId', data: 's1c1' }], | |||
| '/stack1/s1c2': | |||
| [{ type: 'aws:cdk:logicalId', data: 's1c2' }, | |||
| { type: 'aws:cdk:warning', data: 'warning1' }, | |||
| { type: 'aws:cdk:warning', data: 'warning2' }], | |||
| { type: 'aws:cdk:warning', data: { id: 'warning1', message: 'warning1', scope: 'stack1/s1c2' } }, | |||
There was a problem hiding this comment.
This changes the type associated with aws:cdk:warning. I don't think that's safe if we consider external processors (like SST undoubtedly does).
Either we now have a new type aws:cdk:warningv2, or we find a way to add the new information additively into the old schema.
But if we can keep warning filtering entirely in the CDK app, there's no need to change this format at all. We can turn the message of a warningv2 into:
{ type: 'aws:cdk:warning', data: '[warning1] warning message here' }
And it'll be backwards compatible.
There was a problem hiding this comment.
Or honestly, a better message would probably be:
warning message here [warning1]
| if (entry.type === cxschema.ArtifactMetadataEntryType.ACKNOWLEDGE) { | ||
| const data = (entry.data as cxschema.AcknowledgementMetadataEntry); | ||
| acks.set(data.id, data.scopes); | ||
| } |
There was a problem hiding this comment.
I think all of this work should probably happen at synth time in the CDK app.
There was a problem hiding this comment.
I started going down that path and ended up with this solution for a couple of reasons, the main one being that we create a new instance of Annotations every time we create a message. We currently use the metadata as the storage mechanism. In order to do it at synth time we would need to implement a new storage mechanism. This probably wouldn't be too bad (probably just another construct we getOrCreate).
I can explore that.
There was a problem hiding this comment.
Here's what we could do:
acknowledgeWarning()will:- Set context which will prevent warnings with that ID being set in the future
- Will remove any existing metadata warnings with that ID right now
That would achieve it?
There was a problem hiding this comment.
We can't set context after constructs have been added.
What about something like this (pseudo code)
class AnnotationManager extends Construct {
private constructor(scope: Construct) {
attachCustomSynthesis(this, {
onSynthesize: () => {
this.warnings.forEach(warning => node.addMetadata(...))
}
}
}
public addWarning() {
if (!this.acks.has()) {
this.warnings.set();
}
}
public ack() {
if (this.warnings.has()) {
this.warnings.delete();
}
this.acks.add();
}
}
rix0rrr
changed the title
aws-cdk-automation
removed
the
pr/needs-community-review
Honestly, I've seen this restriction do more harm than good. I'm not opposed to removing it. |
| With the recommended solution the only major consequence is that it requires | ||
| updating the `metadata-schema`, but we can do this in a non-breaking way | ||
| (addition of new types). The alternatives may also require changes to the schema |
There was a problem hiding this comment.
It changes the schema, and interpreting the schema becomes more complex. I would really really like to avoid having an add list and a scrap list in the same piece of data, that the client hen has to evaluate.
Adding this as a feature to the core seems preferable to me.
There was a problem hiding this comment.
@rix0rrr Then do you think the context + remove metadata option is the one to go with?
…s-cdk into pr/corymhall/26144
…s-cdk into pr/corymhall/26144
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
This PR adds the ability to acknowledge annotation warning messages.
The main motivation behind this is to allow people to set the
--strictmode to fail synthesis on warnings. Currently it is all or nothing, you have to get rid of all warnings to use--strict. With this feature users will be able toacknowledgewarnings saying that they are aware, but it does not apply to them.Since we want all warnings to now have an id this will deprecate the
addWarningmethod and adds a newaddWarningV2method.Since the acknowledgements and warnings are written as metadata, it is possible to enhance this in the future to report on warnings and acknowledgements.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license