CCM-19694: Config validation

[m-houston]

Summary

This PR adds shared config-store integrity validation, surfaces those validation results through the Excel parser, and ensures the DynamoDB/EventBridge publishers fail early with clearer error output when the config is incomplete or internally inconsistent.

What changed

packages/file-store

• Added validateConfigStoreIntegrity() for cross-record/business-rule validation.
• Added integrity checks for promoted letter-variant records, including:
  • promoted variants must reference sufficiently promoted pack-specification records
  • promoted variants must have matching promoted supplier-pack records
  • PROD supplier packs must be in APPROVED state to count as valid
  • supplier-scoped variants must have a matching supplier pack for that supplier
  • referenced volume-group records must exist
  • referenced volume-group records must have an associated supplier-allocation
• Added detailed mapping diagnostics to validation issues so failures include the pack/spec and supplier-pack combinations examined.
• Added details?: string[] to shared ValidationIssue.
• Aligned validation schema imports with the source-domain schemas used by parsing to avoid false negatives caused by schema drift.

packages/excel-parser

• Added validateIncompleteMappings() to run the shared integrity validation against parsed workbook data.
• Added grouped warning formatting so mapping warnings are presented per variant instead of as a flat list.
• Updated CLI output to show grouped warnings and mapping-combination diagnostics.
• Added synthetic regression coverage for invalid mapping scenarios without using real workbook IDs.

packages/ddb-publisher

• Runs shared integrity validation after schema validation and before audit/publish.
• Fails fast if integrity validation reports issues.
• Includes validation detail lines in error summaries for easier diagnosis.

packages/eventbridge-publisher

• Runs shared integrity validation after schema validation and before publish.
• Fails fast if integrity validation reports issues.
• Includes validation detail lines in error summaries for easier diagnosis.

Why

Previously, schema validation alone could succeed even when promoted variants did not have valid downstream mappings for publication.

This PR adds a shared integrity-validation layer so incomplete or inconsistent promoted configurations are caught before publish, and the resulting errors are much easier to interpret.

Validation

The following checks were run locally:

npm run test:unit --workspace=@supplier-config/excel-parser
npm run typecheck --workspace=@supplier-config/excel-parser

npm run test:unit --workspace=@supplier-config/file-store
npm run typecheck --workspace=@supplier-config/file-store

npm run test:unit --workspace=@supplier-config/ddb-publisher
npm run typecheck --workspace=@supplier-config/ddb-publisher

npm run test:unit --workspace=@supplier-config/eventbridge-publisher
npm run typecheck --workspace=@supplier-config/eventbridge-publisher

Type of changes

• Refactoring (non-breaking change)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would change existing functionality)
• Bug fix (non-breaking change which fixes an issue)

Checklist

• I am familiar with the contributing guidelines
• I have followed the code style of the project
• I have added tests to cover my changes
• I have updated the documentation accordingly
• This PR is a result of pair or mob programming

• This PR includes code generated by a coding agent

---

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

• I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.

[Copilot]

Pull request overview

This PR adds a shared “config-store integrity” validation layer to catch cross-record/business-rule inconsistencies that schema validation alone can’t detect, and wires it through the Excel parser plus both DynamoDB and EventBridge publishers so they fail early with more actionable diagnostics.

Changes:

• Added validateConfigStoreIntegrity() in @supplier-config/file-store to validate promoted letter-variant → pack-specification / supplier-pack mappings and volume-group / supplier-allocation references, including diagnostic detail lines.
• Added Excel-parser support to run integrity validation against parsed workbook data and report grouped per-variant warnings via CLI.
• Updated both publishers to run integrity validation after schema validation and include diagnostic detail lines in thrown error summaries; updated GitHub composite actions to better resolve bundles when referenced by commit SHA.

Reviewed changes

Copilot reviewed 23 out of 23 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
packages/file-store/src/validation/entity-schemas.ts	Centralises entity→schema mapping using source-domain schemas.
packages/file-store/src/validation/config-store-validator.ts	Switches to shared schema map import for schema validation.
packages/file-store/src/validation/config-store-integrity-validator.ts	Implements cross-record integrity validation + diagnostics for promoted variants.
packages/file-store/src/types.ts	Extends ValidationIssue with optional details lines.
packages/file-store/src/index.ts	Exports integrity validator from package entrypoint.
packages/file-store/src/tests/config-store-validator.test.ts	Updates schema mocking to match new per-entity schema imports.
packages/file-store/src/tests/config-store-integrity-validator.test.ts	Adds unit coverage for integrity rules and diagnostic output.
packages/excel-parser/src/mapping-validation.ts	Builds an in-memory store from parse results and runs shared integrity validation as warnings.
packages/excel-parser/src/mapping-validation-report.ts	Groups and formats mapping warnings per variant with deduped detail lines.
packages/excel-parser/src/index.ts	Re-exports new mapping validation/report APIs.
packages/excel-parser/src/cli-parse.ts	Adds --check-mappings option and grouped warning output.
packages/excel-parser/src/tests/mapping-validation.test.ts	Adds regression tests for mapping validation warnings.
packages/excel-parser/src/tests/mapping-validation.specifications.test.ts	Adds synthetic diagnostics coverage without relying on real workbook IDs.
packages/excel-parser/src/tests/mapping-validation-report.test.ts	Tests warning grouping/deduping/formatting logic.
packages/excel-parser/src/tests/cli-parse.formatting.test.ts	Ensures inputs produce multiple warnings sharing detail lines for grouping.
packages/excel-parser/README.md	Documents new mapping validation CLI option + API usage.
packages/excel-parser/package.json	Adds dependency on @supplier-config/file-store to consume shared validation.
packages/eventbridge-publisher/src/run.ts	Runs integrity validation pre-publish; includes details lines in error summaries.
packages/eventbridge-publisher/src/tests/run.test.ts	Adds tests for integrity-validation failure mode and detail inclusion.
packages/ddb-publisher/src/run.ts	Runs integrity validation pre-audit/publish; includes details lines in error summaries.
packages/ddb-publisher/src/tests/run.test.ts	Adds tests for integrity-validation failure mode and detail inclusion.
actions/eventbridge-publish/action.yml	Enhances bundle resolution: attempts tag resolution for commit SHA refs; falls back to workflow artifacts by commit/branch.
actions/ddb-publish/action.yml	Same bundle-resolution enhancement as eventbridge-publish action.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.