chore(appconfig): add typeAsString escape hatch for custom configuration types #36049
+82
−2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
beginning-contributor
This was referenced Nov 13, 2025
mergify bot
pushed a commit
that referenced
this pull request
Nov 17, 2025
…6057) Added steps to save and upload pull request information. ### Issue # (if applicable) Closes #36055 ### Reason for this change THE PROBLEM: ------------ PR Linter can't determine which PR to validate because: 1. No pr_info artifact exists 2. pull_requests array is empty (GitHub limitation) THE SOLUTION: ------------- Add these steps to codebuild-pr-build.yml: ```yaml - name: Save PR info for PR Linter if: github.event_name == 'pull_request' run: | mkdir -p ./pr echo "${{ github.event.pull_request.number }}" > ./pr/pr_number echo "${{ github.event.pull_request.head.sha }}" > ./pr/pr_sha - name: Upload PR info artifact if: github.event_name == 'pull_request' uses: actions/upload-artifact@v5 with: name: pr_info path: pr/ ``` WHY IT WORKS: ------------- ``` BEFORE (BROKEN): ┌─────────────────────────────────────────────────────────┐ │ Codebuild PR Build │ │ Context: github.event.pull_request.number = 36049 ✓ │ │ Context: github.event.pull_request.head.sha = fc4... ✓│ │ │ │ ✗ Does NOT save this info │ │ ✗ Does NOT upload artifact │ └─────────────────────────────────────────────────────────┘ │ │ workflow_run event ▼ ┌─────────────────────────────────────────────────────────┐ │ PR Linter (workflow_run context) │ │ Context: github.event.workflow_run.pull_requests = [] │ │ Context: No PR info available ✗ │ │ │ │ Tries to download pr_info artifact ──► ✗ Not found │ │ Tries pull_requests[0].number ──────► ✗ Empty array │ │ │ │ Result: ✗ CANNOT DETERMINE PR NUMBER │ └─────────────────────────────────────────────────────────┘ AFTER (FIXED): ┌─────────────────────────────────────────────────────────┐ │ Codebuild PR Build │ │ Context: github.event.pull_request.number = 36049 ✓ │ │ Context: github.event.pull_request.head.sha = fc4... ✓│ │ │ │ ✓ Saves PR number to file: pr/pr_number │ │ ✓ Saves PR SHA to file: pr/pr_sha │ │ ✓ Uploads pr_info artifact │ │ └─ Contains: pr_number=36049, pr_sha=fc4... │ └─────────────────────────────────────────────────────────┘ │ │ workflow_run event │ (artifact travels with event) ▼ ┌─────────────────────────────────────────────────────────┐ │ PR Linter (workflow_run context) │ │ Context: github.event.workflow_run.pull_requests = [] │ │ │ │ Downloads pr_info artifact ─────────► ✓ Found! │ │ └─ Extracts pr/pr_number ────────► ✓ 36049 │ │ └─ Extracts pr/pr_sha ───────────► ✓ fc4... │ │ │ │ Result: ✓ PR NUMBER DETERMINED = 36049 │ │ ✓ Can now validate the correct PR │ └─────────────────────────────────────────────────────────┘ ``` KEY INSIGHT: ------------ ``` ┌──────────────────────────────────────────────────────────┐ │ The PR context EXISTS in Codebuild PR Build │ │ (triggered by pull_request event) │ │ │ │ But it DISAPPEARS in PR Linter │ │ (triggered by workflow_run event) │ │ │ │ Solution: PERSIST the context via artifact │ │ (artifacts survive the context switch) │ └──────────────────────────────────────────────────────────┘ ``` CONTEXT AVAILABILITY: --------------------- Codebuild PR Build (pull_request trigger): ✓ github.event.pull_request.number ✓ github.event.pull_request.head.sha ✓ github.event.pull_request.* (all PR data) PR Linter (workflow_run trigger): ✗ github.event.pull_request (doesn't exist) ✗ github.event.workflow_run.pull_requests (empty array) ✓ github.event.workflow_run.id (can download artifacts) ARTIFACT AS BRIDGE: ------------------- ``` Codebuild Context Artifact PR Linter Context ───────────────── ──────── ───────────────── PR #36049 workflow_run event pull_request event (no PR context) │ │ │ Has PR data │ No PR data │ │ ▼ ▼ Save to files ──────────► Download files - pr_number: 36049 Upload - pr_number: 36049 - pr_sha: fc4... artifact - pr_sha: fc4... pr_info ✓ PR context restored! ``` EXECUTION FLOW WITH FIX: ------------------------- ``` 1. PR opened ──► Codebuild PR Build starts │ ├─ github.event.pull_request.number = 36049 ✓ ├─ github.event.pull_request.head.sha = fc4... ✓ │ ├─ echo 36049 > pr/pr_number ├─ echo fc4... > pr/pr_sha └─ upload-artifact: pr_info └─ Artifact ID: 12345 2. Codebuild completes ──► workflow_run event fires │ └─ github.event.workflow_run.id = 19342493369 3. PR Linter triggered ──► download-if-workflow-run job │ ├─ Download artifact from run 19342493369 │ └─ Finds pr_info artifact (ID: 12345) ✓ │ ├─ Extract files: │ ├─ pr/pr_number = 36049 ✓ │ └─ pr/pr_sha = fc4... ✓ │ └─ Pass to validate-pr job: └─ PR_NUMBER=36049 ✓ └─ PR_SHA=fc4... ✓ 4. validate-pr job ──► Validates PR #36049 ✓ ``` SUMMARY: -------- The solution works because it: 1. Captures PR context when it's available (Codebuild) 2. Persists it in an artifact (survives context switch) 3. Restores it when needed (PR Linter) 4. Bypasses GitHub's pull_requests array limitation See #36055 for details ## How do I validate ### Test Environment Validated on fork repository: pahud#16 ### Validation Steps 1. **Applied the fix** to fork's `codebuild-pr-build.yml` (artifact upload steps) 2. **Created test PR** to trigger workflows 3. **Verified Codebuild workflow** uploaded `pr_info` artifact successfully 4. **Verified PR Linter workflow** downloaded artifact and applied label ### Results ✅ **Codebuild PR Build**: Successfully uploaded `pr_info` artifact containing: - `pr_number`: 16 - `pr_sha`: ebeaa4c... ✅ **PR Linter**: Successfully validated PR and applied label - Workflow run: https://github.com/pahud/aws-cdk/actions/runs/19380492593 - Label applied: `pr/needs-community-review` - Status: ✅ Success ### Evidence **Before fix:** - PR Linter failed with "Cannot determine PR number" - No `pr_info` artifact available - workflow_run.pull_requests array was empty **After fix:** - PR Linter successfully downloaded `pr_info` artifact - Correctly identified PR number and SHA - Applied appropriate review label ### Note on Fork Testing For fork testing only, I added a `pull_request_target` fallback to `pr-linter.yml` since `workflow_run` events don't trigger from fork workflows. This fallback is **not needed** for aws/aws-cdk as workflows run in the base repository context where `workflow_run` works correctly. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue # (if applicable)
Closes #.
Reason for this change
Allows customers to create custom configuration profile types not defined in the configuration profile enum.
Description of changes
Added a typeAsString property to the AppConfig configuration interfaces as an escape hatch that allows specifying custom configuration types as strings.
What code changes did you make?
Why do these changes address the issue?
What design decisions have you made?
Describe any new or updated permissions being added
Description of how you validated changes
Yes
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license