feat(overlays): add archive overlay engine and config model#275
Conversation
There was a problem hiding this comment.
Pull request overview
This PR introduces the configuration surface and core utilities for archive-scoped overlays, extending component overlays so certain file overlays can target paths inside a source archive (extract → modify → repack), alongside schema/doc updates and supporting archive utilities.
Changes:
- Adds
archivetoComponentOverlaywith validation and fingerprint handling for archive-scoped overlays. - Extends
internal/utils/archivewith compression sniffing, strict unsupported-entry handling, and related tests. - Adds an (currently internal) archive overlay processing implementation plus tests, and updates user/config documentation and schema snapshots.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| schemas/azldev.schema.json | Adds archive field to overlay schema and updates file description. |
| scenario/snapshots/TestSnapshotsContainer_config_generate-schema_stdout_1.snap | Updates schema snapshot output to include archive. |
| scenario/snapshots/TestSnapshots_config_generate-schema_stdout_1.snap | Updates schema snapshot output to include archive. |
| internal/utils/archive/archive.go | Adds compression sniffing, ExtractAuto, extract options, and strict unsupported-entry behavior. |
| internal/utils/archive/archive_test.go | Adds coverage for compression sniffing/mislabeled archives and strict unsupported-entry behavior. |
| internal/projectconfig/overlay.go | Adds Archive field, archive validation helpers, and fingerprint inclusion behavior. |
| internal/projectconfig/overlay_test.go | Adds validation and behavior tests for archive-scoped overlays. |
| internal/projectconfig/fingerprint_test.go | Tightens validation of allowed fingerprint struct tag forms/options. |
| internal/fingerprint/fingerprint_test.go | Adds a fingerprint regression test ensuring archive scoping changes the computed identity. |
| internal/app/azldev/core/sources/overlays.go | Updates overlay application gating to “loose-file” overlays (excludes archive-scoped). |
| internal/app/azldev/core/sources/archiveoverlays.go | Introduces archive extract/modify/repack engine with atomic repack behavior. |
| internal/app/azldev/core/sources/archiveoverlays_internal_test.go | Adds internal tests covering archive overlay processing, batching semantics, and safety behaviors. |
| docs/user/reference/config/overlays.md | Documents archive overlays and adds examples/field reference updates. |
Add the archive extract/apply/repack engine plus the ComponentOverlay 'archive' field, validation, and fingerprint handling. Extends internal/utils/archive with compression sniffing, ExtractAuto, and strict unsupported-entry handling. Pipeline wiring and hash tracking follow in a subsequent change.
c8b6390 to
0a209cc
Compare
trungams
left a comment
There was a problem hiding this comment.
Just a high level question: what is the intended use case for file-search-replace? It looks to me like something that can be achieved via a patch file.
This can be achieved through a patch file yes, but the source itself must be modified because we cannot check in source code that is perceived to have malware/zipbomb type files. Both of which cause scanning to fail |
Tonisal-byte
left a comment
There was a problem hiding this comment.
Should resolve #281
[Part 1 of 2] Adds the foundation for archive-scoped overlays.
This introduces the archive field on component overlays, allowing supported file overlays to target files inside source archives rather than loose files in the sources tree. It adds validation, fingerprint handling, schema updates, and archive utility support for safe extract/repack behavior, including compression sniffing and strict handling of unsupported tar entry types.
Example config:
Follow-up PR #276