Track actions taken against orgs #3835
Draft
+3,140
−277
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… orgs as part of the org config
Still remaining: - Add tracking for all file and directory access by standard tasks - Add tracking for package uninstalls - Add tracking for metadata retrieve operations including retrieves in transforms
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new framework for tracking individual org related actions. The goal is to provide both better observability and auditability to the dynamic decisions made by CumulusCI and hopefully to be able to replay all actions run against the previous scratch org on refresh.
I first realized the need for this while working on the OrgSnapshots functionality I'm building. I needed to know the resolved dependencies from the flow run by a previous GitHub Actions step. CumulusCI currently doesn't store that info anywhere. Also,
update_dependenciesdoesn't store the resolved dependencies inreturn_values, which is also included in this branch :)I'll be working on docs and test cases as well as using and improving this framework before bringing the PR out of draft.
For now...
track_historyproperty onorgs -> scratch -> <org_name>to enable history tracking. No history tracking is recorded on any orgs by defaultOrgHistoryandOrgActionwith base classes and implementations for a common set of actions against orgs:track_historyis enabled for the org, recording of each action with full hashed details are stored inorg_config.history.actionscci historycommand group with subcommands:list: List and filter actions for a given org for display or jsoninfo <action_hash>: Get the details for an action for display or jsonclear: Select and filter specific actions from the org's historyenable|disable: Enable/disable tracking on the orgI also need to go through all the built in task classes and make sure they're recording their actions:
ActionFileReference: Path and hash of file contentsActionScratchDefReference: Extension ofActionFileReferencethat adds parsing the json into a Python dict in thescratchdeffield and using that for the hash, reducing risk of whitespace and other formatting differences impacting the hashActionDirectoryReference: Path and hash of all recursive contentsActionMetadataDeployment: Path and hash of the metadata that was deployed. Stub for future optimization of hashingActionCommandExecution: Any external command executed withcommand,return_code,output, andstderr