What Changed
The ASIM template validation test infrastructure has been updated to address reliability issues and improve performance:
- Local File Access: Template validation now reads YAML files from the checked-out repository instead of attempting to fetch raw GitHub URLs, eliminating malformed URL errors
- GitHub API Integration: Fork modification checks now use the GitHub API to enumerate changed files rather than git diff operations
- Workflow Optimization: Removed the “Checkout pull request branch” step from security-gate workflow to improve execution time
- Error Handling: Enhanced error reporting and exit code handling for test failures
The Python validation script (.script/tests/asimParsersTest/VerifyASimParserTemplate.py) was refactored to replace HTTP requests with local file system operations.
Security Impact
Data Fidelity Risk: Before this fix, ASIM parser validation tests were unreliable due to network-dependent URL fetching failures. This meant invalid parser configurations could potentially pass through CI without proper validation, creating a risk of:
- ASIM parsers with incorrect schema mappings reaching production
- Missing mandatory fields (EventProduct, EventVendor) not being detected
- Malformed parser references in union parsers going unnoticed
- Sample data validation being skipped due to URL resolution failures
Operational Impact: The fix ensures consistent validation of ASIM parser templates, preventing broken parsers from being merged that could cause data ingestion failures or incorrect normalization. Parser contributors will now experience more reliable CI feedback on their YAML template formatting and compliance.
Reliability Improvement: Eliminates the “Most of the time, the Template Validation test cannot find the files” issue described in the PR, ensuring validation runs consistently execute the full test suite.
Affected Files
.github/workflows/runAsimSchemaAndDataTesters.yaml
.script/tests/asimParsersTest/VerifyASimParserTemplate.py