Merged
Conversation
…sign - docs/roadmaps/submission-flow-redesign.md: full plan, decisions, task tracker, flow diagram, file-mapping reference - submissions/.gitkeep: placeholder for future processed config submissions
…-facing patterns - Rewrite issue template: add submission type dropdown (Fix vs New Vendor), customer-facing deployment patterns (HyperConverged/Switched/Switchless), 'What's wrong?' textarea, node count, lab JSON input, BMC marked lab-only - Rewrite process-submission instructions: remove non-existent backend/ refs, inline Copilot analysis, add credential scan, data sanitization step, file-mapping guide for Fix submissions, artifact creation for New Vendor - Update triage workflow: validate submission type, credential scan, lab JSON syntax check, auto-apply new-vendor label - Rewrite CONTRIBUTING.md: customer-facing pattern names, two submission paths (Fix + New Vendor), pattern identification guide, sanitization guidance, example submissions - Add PATTERN_SWITCHED and PATTERN_SWITCHLESS constants - Update roadmap with completed phases
- Validation logic: Python replica of triage workflow JS, tested with ~40 mock issue body scenarios (valid/invalid submissions, credentials, spam injection, checkboxes, required fields, lab JSON) - YAML schema: parse config-submission.yml, verify required fields, dropdown options, render modes, checkboxes - Cross-file consistency: deployment patterns, roles, field headings, credential placeholders, submission types consistent across all files - File path existence: all paths referenced in process instructions exist - Constants alignment: VENDOR_FIRMWARE_MAP, pattern constants documented Total test count: 103 original + 96 submission flow = 199
- Adversarial inputs: empty body, whitespace-only, garbage text, 100K-line config, JSON bomb (100 levels deep), malformed JSON, XSS via img/onerror, stacked injection, credential-only config, unicode/null bytes, regex bomb - Error message clarity: all errors have ❌ marker, warnings have⚠️ , credential errors tell user about $CREDENTIAL_PLACEHOLDER$, short config suggests full running config, missing fields lists which ones, examples in 'what's wrong' warning - Infinite loop guards: workflow only triggers on opened/edited (not labeled or issue_comment), requires config-submission label filter Total test count: 103 original + 121 submission flow = 224
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request significantly enhances the config submission workflow and related documentation for Azure Local network templates. The changes improve the clarity, structure, and validation of switch config submissions, strengthen credential sanitization requirements, and update the backend and testing documentation to reflect new workflows, validation logic, and increased test coverage.
Issue Template Improvements:
.github/ISSUE_TEMPLATE/config-submission.ymltemplate to support both reporting issues and contributing new vendor/model configs, added dropdowns for submission type and deployment pattern, and clarified/sanitized form fields and instructions for sensitive data. [1] [2]Process & Validation Instructions:
.github/instructions/process-submission.instructions.mdto:Copilot & Test Documentation Updates:
.github/copilot-instructions.mdfor handling storage VLANs based on deployment pattern, and updated the test suite documentation to reflect the expanded test coverage (227 tests total, including new submission flow tests). [1] [2] [3] [4] [5]These changes collectively make the submission process clearer for users, ensure stricter data sanitization, and streamline validation and automation for maintainers.
References:
[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16]