Introduce new validator cliContext option disableDefaultResourceFetcher #1526
Conversation
dehall
force-pushed
the
do_not_fetch_unknown_profiles
branch
from
89c2403 to
2ee99ec
Compare
|
I think you're right; that test does a lot that's outside of the very limited scope of testing this function. In fact, it errors locally for me after some commits to unrelated code. I think they way to make this more efficient and less prone to breakage would be to mock parts of the ValidationService instead of trying to use a full instance. There are examples in ValidationTests of how this can be done. I will have a look and see if I can start you on this path with some suggestions. |
|
I've had a chance to look at this more in depth now. @dehall I've made a commit that fixes this test, and adds a mocked version here: https://github.com/hapifhir/org.hl7.fhir.core/tree/do-20240115-unknown-profile-fetch I think the mocked test should stay where it is, but would like the validation test moved. @grahamegrieve I think this test Dylan wrote actually belongs in the validation tests in fhir-test-cases, but with an additional parameter that specifies whether or not to use the standalone fetcher. But before that takes place, we should address my concern below. Now that I've had a chance to look at this more deeply, I'm concerned that the intent implied by most of the methods and arguments looks very confusing. doNotFetchUnknownProfiles is essentially a description of the warning we want to see, but in actuality, it's disabling a default implementation of the resource fetcher altogether. If this was simply 'useDefaultResourceFetcher' and |
|
Thanks so much @dotasek - I really didn't intend for this to require so much time on your part. I defer to whatever you want to do, definitely agree that framing it as "using/disabling the resource fetcher" makes it easier to test. My only thought is that since the parameter name doesn't reflect the reason that the feature was added, how can we ensure it doesn't evolve in a way that breaks the original intent? Is the unit test I wrote enough to do that? (Or am I overthinking it because profile fetching is unlikely to change much going forward?) |
dehall
force-pushed
the
do_not_fetch_unknown_profiles
branch
from
2ee99ec to
80bf591
Compare
|
I've pushed an update that includes your new test cases and renames the parameter to |
dehall
force-pushed
the
do_not_fetch_unknown_profiles
branch
from
d7e5202 to
0f10e45
Compare
|
@dotasek Are the unit tests flaky on CI? I keep rebasing to get the latest from master and each time there's 1 or 2 different failures. This time it's in the |
org.hl7.fhir.validation/src/main/java/org/hl7/fhir/validation/cli/model/CliContext.java
Outdated
Show resolved
Hide resolved
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #1526 +/- ##
=========================================
Coverage 11.73% 11.73%
- Complexity 30374 30378 +4
=========================================
Files 2162 2162
Lines 667558 667565 +7
Branches 197134 197136 +2
=========================================
+ Hits 78344 78349 +5
Misses 560809 560809
- Partials 28405 28407 +2 ☔ View full report in Codecov by Sentry. |
dehall
changed the title
|
Merging after discussion with @grahamegrieve |
## Validator Changes * Fix significant bug where validator gets internal child lists incorrect and doesn't do complete validation when switching between validating profiles and resources directly * Performance improvement for validator parsing - thanks Brian Postlethwaite * Fix Crash on slicing a sliced element #862 * Fix ig loading from direct URL (#1559) * Fix bug copying constraints into Bundle.entry.resource profiles * Fix bug loading R5 extensions with imported value sets * Replace dom-3 with custom java code, and check xhtml references to contained content * Improve concept map code validation * Update observation validator for committee decision not to enforce Blood Pressure profile for Mean Blood Pressure * Validate value set internal codeSystem references * Split value set validation into 10k batches for very large extensional value sets * Hack fix for opd-3 * Fix bug where using ontoserver when not appropriate * Fix issues with inferSystem * Don't require HL7 committee for contained resources in HL7 namespace * Fix where validator was ignoring minimum cardinality for XML attributes (especially in CDA) * Improved ConceptMap validation * Updated IG versions used for -cda and -ccda CLI validation options. * Change validator so that it marks value properties in primitive data types as illegal ## Other code changes * Fix code system rendering for uri properties * Fix broken links Bundle and Profile rendering * Take copy of code when doing local validation * WIP: major refactor of cross version analysis * Add support for subsumes in tx client * Don't generate snapshots when scanning structure definitions for resource names * Work on ConceptMap infrastructure for cross-version analysis * Fix bug where not rendering ConceptMap relationships * Fix wrong URLs rendering Profiles and Questionnaires * Fix bug using wrong version constant for R3 * Updates for R5 StructureMap syntax * Support for case sensitive Code system tests * Add TurtleGeneratorTests for R5 * Introduce new validator cliContext option disableDefaultResourceFetcher (#1526) * Render contained resources when rendering Patient resources * Fix bug in FML Parser ***NO_CI***
This PR is the result of this discussion on Zulip: https://chat.fhir.org/#narrow/stream/291844-FHIR-Validator/topic/CLI.20option.20to.20not.20fetch.20unknown.20profiles.3F
Description:
This PR introduces a new option which disables the default resource fetcher in the validation engine. The resource fetcher is used to fetch IGs when an unknown profile is referenced. The default behavior of the validator is unchanged. The new setting is called
disableDefaultResourceFetcheror if using the CLI jar-disable-default-resource-fetcherThere are three end-user scenarios to consider:
disableDefaultResourceFetcher= truedisableDefaultResourceFetcher= true, and adding the appropriate IG tocliContext.igs/-igHistory/Context:
The Inferno team is continuing to look into replacing our validator wrapper service with the HL7 validator-wrapper, and we notice that our service will respond with a warning for unknown profiles in
meta.profile(e.g. "Profile reference 'http://hl7.org/fhir/us/core/StructureDefinition/us-core-patient' has not been checked because it is unknown, and the validator is set to not fetch unknown profiles") but the validator-wrapper will fetch the appropriate IG and validate the resource against the profile. For our use case of certification, I'm not sure it's relevant if the resource validates against any profiles other than the one under test, and we're also concerned that fetching arbitrary IGs could pollute the validator session.This is because we directly instantiate a ValidatorEngine and don't set a "fetcher" whereas the validator-wrapper uses a ValidationService which does set a "fetcher" on the
ValidatorEngines it spins up. Per David's suggestion on the Zulip thread, I've added a new CLI option which, if true, does not set that fetcher.Original text below for reference only
Description:
This PR introduces a new option which prevents the validator from fetching (and validating against) unknown profiles. The default behavior of the validator is unchanged. The new setting is called
doNotFetchUnknownProfilesor if using the CLI jar-do-not-fetch-unknown-profilesThere are three scenarios to consider:
doNotFetchUnknownProfiles= truedoNotFetchUnknownProfiles= true, and adding the appropriate IG tocliContext.igs/-igNotes on testing:
I added a unit test to check the three scenarios as mentioned above:
doNotFetchUnknownProfiles= truedoNotFetchUnknownProfiles= true, and adding the appropriate IG tocliContext.igsI don't really like the test though - it's much too slow. Any suggestions on a better test approach are very welcome. (I've also selected a test resource that passes validation with the profile. A better test might use a test resource that fails profile validation but succeeds with the "not checked" warning when
doNotFetchUnknownProfilesis set, but I didn't see any examples of those in the existing test set. Wasn't sure if adding a whole new test resource here was appropriate)