[ENG-14822][steps] Coerce env in steps to string

[szdziedzic]

Why

Passing numeric values in workflow step env (e.g. env: { HOMEBREW_NO_AUTO_UPDATE: 1 }) results in a validation error because env values are required to be strings. YAML naturally parses unquoted numbers as numeric types, so users hit this unexpectedly.

How

Updated the Joi env validation schema in BuildFunctionCallSchema to accept both numbers and strings via Joi.alternatives().try(Joi.number(), Joi.string().allow('')), with a .custom() callback that coerces numbers to strings via String(value). This matches the coercion pattern used elsewhere in the codebase (e.g. stringLike in eas-cli).

Booleans and objects are still rejected — booleans because YAML accepts both True and true (coercing would lose casing), and objects because they aren't valid env values.

Test Plan

• Updated existing error message assertions to match the new "must be one of [number, string]" validation message.
• Added two new test cases verifying that numeric env values are coerced to strings for both run commands and function calls.
• All 290 tests in the steps package pass.

[linear]

ENG-14822 Coerce `env` in steps to string

[szdziedzic]

• [ENG-14822][steps] Coerce env in steps to string #3583 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[Copilot]

Pull request overview

This PR updates the build-steps config validation to accept numeric env values in step definitions and coerce them to strings during Joi validation, aligning config parsing with how environment variables are ultimately represented.

Changes:

• Allow env values in step configs to be number | string, and coerce validated values to strings.
• Update existing validation error-message assertions to match the new Joi alternatives type error.
• Add tests to verify numeric env values are coerced to strings for both run steps and function-call steps.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
packages/steps/src/BuildConfig.ts	Expands Joi schema for env values to accept numbers and coerces validated values to strings.
packages/steps/src/tests/BuildConfig-test.ts	Updates error expectations and adds tests covering number-to-string coercion for env.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

With Joi's default convert: true, Joi.number() will coerce numeric-looking strings (e.g. '001', '1e3') into numbers before the .custom(String) runs, which can silently change env values (leading zeros, scientific notation, etc.). To avoid mutating string inputs, make the number branch strict (e.g. Joi.number().strict()) or prefer the string alternative and only accept actual numbers without coercing strings to numbers.

Suggested change

	.try(Joi.number(), Joi.string().allow(''))
	.try(Joi.number().strict(), Joi.string().allow(''))

[Copilot]

Consider adding a regression test that a numeric-like string env value (e.g. PORT: '001') remains unchanged after validation. This will catch unintended Joi conversion where strings are coerced into numbers and then stringified, potentially losing formatting.

[szdziedzic]

/changelog-entry bug-fix [steps] Coerce numeric env values to strings in workflow step configuration

[github-actions]

Subscribed to pull request

File Patterns	Mentions
**/*	@douglowder

Generated by CodeMention

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

PR description says there are two new test cases verifying numeric env coercion for both run steps and function calls, but this test file only adds coverage for run.env (and a separate case for numeric-like strings). Either add a test that asserts numeric env values are coerced for function-call steps (e.g. say_hi.env) or update the PR description/test plan to match what’s actually covered.

[github-actions]

✅ Thank you for adding the changelog entry!

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.28%. Comparing base (c6d4fae) to head (d0f25b7).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3583      +/-   ##
==========================================
+ Coverage   54.27%   54.28%   +0.01%     
==========================================
  Files         820      820              
  Lines       35055    35056       +1     
  Branches     7260     7260              
==========================================
+ Hits        19024    19025       +1     
  Misses      15944    15944              
  Partials       87       87              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.