Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(doc): update INTEGRATION_TESTS.md #30880

Closed
wants to merge 3 commits into from
Closed

chore(doc): update INTEGRATION_TESTS.md #30880

wants to merge 3 commits into from

Conversation

pahud
Copy link
Contributor

@pahud pahud commented Jul 17, 2024
edited
Loading

callout the env.account should not be defined in most cases, which might have a security concern discussed in #30831

Issue # (if applicable)

Closes #.

Reason for this change

Description of changes

Description of how you validated changes

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@pahud
chore(doc): Update INTEGRATION_TESTS.md
e06a2cb 
callout the env.account should not be defined
@aws-cdk-automation aws-cdk-automation requested a review from a team July 17, 2024 22:02
@github-actions github-actions bot added the p2 label Jul 17, 2024
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Jul 17, 2024
aws-cdk-automation
aws-cdk-automation previously requested changes Jul 17, 2024
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@pahud pahud changed the title chore(doc): Update INTEGRATION_TESTS.md chore(doc): update INTEGRATION_TESTS.md Jul 17, 2024
ashishdhingra
ashishdhingra reviewed Jul 17, 2024
View reviewed changes
INTEGRATION_TESTS.md Outdated
@@ -119,6 +119,9 @@ This will:
Now when you run `npm test` it will synth the integ app and compare the result with the snapshot.
If the snapshot has changed the same process must be followed to update the snapshot.

*Note - When running integration tests, refrain from defining the `env.account` property for stacks. This ensures that the synthesized
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note should be bold 😊

@aws-cdk-automation aws-cdk-automation dismissed their stale review July 17, 2024 22:06

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

comcalvi
comcalvi requested changes Jul 17, 2024
View reviewed changes
INTEGRATION_TESTS.md Outdated
@@ -119,6 +119,9 @@ This will:
Now when you run `npm test` it will synth the integ app and compare the result with the snapshot.
If the snapshot has changed the same process must be followed to update the snapshot.

*Note - When running integration tests, refrain from defining the `env.account` property for stacks. This ensures that the synthesized
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is the answer to this issue. I don't think account numbers are inherently considered sensitive information, but even if we decide to them as such, we should write a linter rule that explicitly prevents users from including them in snapshots.

This might not apply to all tests, some of them need real account numbers (like cross account tests)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@comcalvi Agree. I have rephrased it this way

Note - When running integration tests, env.account is generally not required unless some special cases like cross-account tests.

Feel free to suggest changes. I think we still have to remind users that env.account is generally not required and not recommended. Thoughts?

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 318e86b
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@pahud
Copy link
Contributor Author

pahud commented Jul 17, 2024
edited
Loading

Have discussed with the team. Closing in favor of a linter rule.

@pahud pahud closed this Jul 17, 2024
@github-actions github-actions bot mentioned this pull request Jul 22, 2024
Closed
@github-actions github-actions bot mentioned this pull request Aug 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ashishdhingra ashishdhingra ashishdhingra left review comments

@comcalvi comcalvi comcalvi requested changes

@aws-cdk-automation aws-cdk-automation aws-cdk-automation left review comments

Assignees
No one assigned
Labels
contribution/core This is a PR that came from AWS. p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pahud @aws-cdk-automation @comcalvi @ashishdhingra