[meta] Make recipes safer to use in the real world by supporting config validation and rolling back a broken recipe

Created on 30 November 2023, over 1 year ago

Problem/Motivation

When you apply a recipe to your site, there is no real promise that it will work. For example, a recipe can ship invalid config, or it can ship config that conflicts with other config in insidious ways.

That's bad enough, but what's really uncool is that, if a recipe does blow up while being applied, it just leaves a mess - some config has been modified by the recipe, other config hasn't, and you're stuck in the middle. If you didn't make a backup before applying the recipe, you're in trouble.

What this means is that recipes, as they exist right now, are unsafe to use except in controlled conditions, by people who know what they're doing. They are definitely not safe for production. The inability to know whether a recipe is shipping valid config is an obstacle to creating recipes that other people can use.

Our aim in this issue (and its children), then, is twofold:

  1. Do what we can to ensure a recipe is shipping sane and safe (this usually means "valid") config.
  2. If a recipe breaks while applying, ensure that the recipe runner doesn't leave a colossal mess behind.

These two things would go a very, very long way towards making recipes safe to use in the real world.

Remaining tasks

These are in priority order. Postponed issues are blocked by issues either in core, or further up in the list.

  1. #3390919: If a recipe fails to apply due to config validation errors, revert the site's config to its original state → will add the necessary internals and API for a recipe to be "reverted" at the config level. In other words, after this issue, it is possible for changes made by a recipe to be automatically rolled back. This doesn't mean the changes will be rolled back -- this issue is merely adding the plumbing for that to work.

Once we have that, we can start validating config as we create it. We need to validate it one piece at a time, because config validation constraints sometimes depend on other config already existing.

There are two ways recipes modify config: importing it wholesale, and config actions. We need validation for both:

  1. #3401867: [PP-1] Validate config that gets imported from modules or the recipe's config directory → will validate imported config.
  2. #3401723: [PP-1] Config modified by action plugins should be validated before it is saved → will validate config modified by config actions.

In both of these issues, any validation error will cause the recipe to fail, and config to be reverted.

Meanwhile, in core, config validation work is related. The issues we need to land in order for this to be useful are:

Bear in mind that these core issues aren't blocking us, but until they land, config validation in recipes is relatively useless.
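
The validate-one-piece-at-a-time and revert-on-failure flow described above, as an added example that is not code from the recipes project or from core: a self-contained PHP model that uses an in-memory array in place of Drupal's config storage. `applyRecipe()`, the validator callbacks and the sample config names are assumptions made for illustration.

```php
<?php
// Added illustration: an in-memory model, not Drupal's config API.
// applyRecipe(), the validator callbacks and the config names are hypothetical.
/**
 * Writes recipe config one item at a time; restores a snapshot on any error.
 *
 * @param array $store       Active config keyed by name (modified in place).
 * @param array $recipe      Config to write, in apply order.
 * @param callable[] $checks name => fn(array $data, array $store): string[]
 * @return string[] Validation errors; empty if the recipe applied cleanly.
 */
function applyRecipe(array &$store, array $recipe, array $checks): array {
  $snapshot = $store;  // Arrays copy by value, so this is a full checkpoint.
  foreach ($recipe as $name => $data) {
    // Validate against the store as it is now: items written earlier in this
    // run are visible, which is why validation happens piece by piece.
    $check = $checks[$name] ?? (static fn(): array => []);
    $errors = $check($data, $store);
    if ($errors) {
      $store = $snapshot;  // Revert everything, including items that passed.
      return array_map(static fn($e) => "$name: $e", $errors);
    }
    $store[$name] = $data;
  }
  return [];
}

// Constructed sample rule: a field is valid only if its storage already exists.
$needsStorage = static fn(array $data, array $store): array =>
  isset($store[$data['storage']]) ? [] : ["missing {$data['storage']}"];
$checks = ['field.field.node.article.tags' => $needsStorage];
$original = ['system.site' => ['name' => 'Example']];

// Storage is written first, so the field validates against it.
$site = $original;
$errors = applyRecipe($site, [
  'field.storage.node.tags' => ['type' => 'entity_reference'],
  'field.field.node.article.tags' => ['storage' => 'field.storage.node.tags'],
], $checks);
if ($errors || count($site) !== 3) throw new RuntimeException('should apply');

// The second item fails, so the role written before it must be rolled back.
$site = $original;
$errors = applyRecipe($site, [
  'user.role.editor' => ['label' => 'Editor'],
  'field.field.node.article.tags' => ['storage' => 'field.storage.node.gone'],
], $checks);
if (count($errors) !== 1 || $site !== $original) throw new RuntimeException('should revert');
echo $errors[0], PHP_EOL;
```

Validating the whole recipe up front would reject the first recipe, because the field's storage does not exist until the preceding item has been written.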

📌 Task
Status

Active

Version

10.2

Component

Code

Created by

🇺🇸 United States phenaproxima Massachusetts
