Background
The current integration test suite (added in #745) deploys all fixtures to LocalStack and verifies that deployment succeeds. This catches runtime errors — malformed IAM policies, invalid state machine definitions, etc.
However, some bugs produce structurally incorrect CloudFormation templates that LocalStack accepts without error but that cause silent failures in production. Two examples already fixed:
Proposed solution
After sls compose deploy runs (which internally packages each fixture and writes the compiled template to .serverless/cloudformation-template-update-stack.json), run a second step that executes verify.test.js files co-located with each fixture:
fixtures/
notifications/
serverless.yml
verify.test.js ← asserts exactly one SNS TopicPolicy per topic, etc.
circular-dependency/
serverless.yml
verify.test.js ← asserts no { Ref: Lambda } in IAM policy resources, etc.
basic-state-machine/
serverless.yml
# no verify.test.js needed — deploy success is sufficient
Runner added to the CI workflow after the deploy step:
npx mocha fixtures/**/verify.test.js
The verify.test.js files use the same Mocha + Chai setup as the rest of the test suite and read the already-generated .serverless/cloudformation-template-update-stack.json for their assertions.
Why this matters
This closes the gap between "deploys without error" and "generates a correct template". It also gives future contributors a clear pattern for adding template-level assertions when fixing compilation bugs.
Background
The current integration test suite (added in #745) deploys all fixtures to LocalStack and verifies that deployment succeeds. This catches runtime errors — malformed IAM policies, invalid state machine definitions, etc.
However, some bugs produce structurally incorrect CloudFormation templates that LocalStack accepts without error but that cause silent failures in production. Two examples already fixed:
AWS::SNS::TopicPolicyresources targeting the same topic. CloudFormation silently overwrites the first with the second. LocalStack deploys green; the bug is only visible by inspecting the generated template.{ Ref: LambdaFunction }in an IAM policy resource resolves to the function name, not its ARN. LocalStack's IAM validates this and rejects it — but only because IAM happens to validate it. A future similar bug might not be caught this way.Proposed solution
After
sls compose deployruns (which internally packages each fixture and writes the compiled template to.serverless/cloudformation-template-update-stack.json), run a second step that executesverify.test.jsfiles co-located with each fixture:Runner added to the CI workflow after the deploy step:
npx mocha fixtures/**/verify.test.jsThe
verify.test.jsfiles use the same Mocha + Chai setup as the rest of the test suite and read the already-generated.serverless/cloudformation-template-update-stack.jsonfor their assertions.Why this matters
This closes the gap between "deploys without error" and "generates a correct template". It also gives future contributors a clear pattern for adding template-level assertions when fixing compilation bugs.