feat(configurator): delete.sh flow (v20.6.0)#49
Merged
Conversation
New fourth configurator mode: "Delete existing deployment". Generates delete.sh that cleanly removes MAP Auto-Tagger deployments. MINOR bump — safe in-place upgrade (YAML runtime byte-identical to v20.5.4 except four version stamps; adds new UI + new generated script only). Implements items 2, 4, 5, 6, 8 of Jin's Wave-0 scope (PR #27): - #2 Rename destroy → delete throughout (filename / UI / i18n keys / docs / internal JS) - #4 Default UX is "delete ALL map-auto-tagger-mig* in region"; opt-in checkbox reveals specific-MPE input - #5 Staging-bucket handling is automatic: delete when no other deployments remain, retain otherwise (no opt-in checkbox) - #6 Log-group opt-in kept (default off; audit history preserved) - #8 Type-DELETE confirmation works for both "delete all" and "scope to MPE" paths Flow: three-step (Configure → Review → Download), mirroring Deploy / Editor / Upgrade. Generates delete-all.sh by default; delete-<mpe>- <mpe>.sh when scoped. Script: - Enumerates map-auto-tagger-mig* Stacks and StackSets in region - For StackSets: deletes instances in parallel (100% tolerance), then the StackSet itself. 30-min wait ceiling. - For Stacks: delete-stack + wait - S3 staging bucket auto-decided — kept if any other deployment remains, deleted otherwise (race: simultaneous scoped deletes could both retain; accepted, same class as §1.108 TOCTOU) - Optional: delete matching CloudWatch Log Groups - NEVER deletes: map-migrated tags on AWS resources, StackSet admin / execution IAM roles (shared org scaffolding) - Legacy pre-namespacing stack detection — if no map-auto-tagger-mig* matches, probes for unnamespaced map-auto-tagger and emits manual- delete instructions instead of silent exit (same pattern as upgrade.sh v20.5.4) - Idempotent: missing resources = skipped (not failed); non-zero exit only on real failures MPE-ID regex in UI is permissive (alphanumeric, any length ≤20) to match the Lambda runtime's AllowedPattern ^mig[a-zA-Z0-9]+$. Will tighten to ^mig[a-z0-9]{10}$ once H6 product call lands repo-wide. Flagged as follow-up in CHANGELOG. English-only for new i18n keys (ui_mode_delete_*, ui_delete_*, err_delete_*); 7 non-English locales fall back to English via existing t() behavior. Translation follow-up flagged; same pattern as ui_update_confirm_risk (PR #47) and ui_upgrade_* (PR #48a). E2E coverage deferred to a follow-up PR per Sprint 7 P3 mandate (every generator output gets E2E before ship). The delete.sh harness lives alongside the existing deploy.sh harness in .github/scripts/ — separating the two PRs keeps both reviewable. Layer 1 local: sync-check ✅, lint_cfn_correctness ✅, lint_event_prefixes ✅, lint_shell_injection ✅, HTML well-formed ✅, YAML Lambda py_compile ✅, cfn-lint ✅. Both script variants (delete-all and scoped) render cleanly and pass `bash -n`. Co-authored-by: Jin Shan Ng <ngjinshan99@gmail.com> Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…0.6.0) Three fixes to the delete.sh flow before PR #49 merges: 1. MPE ID format enforcement now mirrors Editor/Update modes — DELETE_MPE_REGEX tightened from /^[a-zA-Z0-9]+$/ to the same 10-char /^(?=.*[A-Z])(?=.*[0-9])[A-Z0-9]{10}$/ the other flows use. Invalid rows get red .error highlighting like updateReview(). 2. MPE input auto-uppercases and strips non-[A-Z0-9] on keystroke, matching the editor/update inputs. maxlength also dropped from 20 to 10 to reflect the real format. 3. Language switching mid-flow now re-renders the delete review table (dstep2) and the delete-instructions preview (dstep3) — previously only the main editor step2 and deploy step3 were re-rendered on language switch. Also fills 31 missing delete-related i18n keys across ko/ja/zh/id/th/vi (previously all fell through to English) and defines rv_enabled which was referenced in deleteReview() but never in TRANSLATIONS. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
New fourth configurator mode — Delete existing deployment. Generates
delete.shthat cleanly removes MAP Auto-Tagger deployments in the selected region. MINOR bump; runtime YAML byte-identical to v20.5.4 except for four version stamps.Implements items 2, 4, 5, 6, 8 of Jin's Wave-0 scope (aws-samples PR #27). Items 1 and 3 already shipped as PRs #47 and #48a; item 7 N/A on current main.
Flow
Three steps: Configure → Review → Download (same pattern as Deploy / Editor / Upgrade tabs).
Default: delete every
map-auto-tagger-mig*Stack and StackSet in the region. Opt-in checkbox scopes to specific MPE(s).Output filename:
delete-all.shby defaultdelete-<mpe>-<mpe>.shwhen scopedConfirmation: type
DELETE(uppercase) — works for both paths.Script behavior
map-auto-tagger-mig*Stacks and StackSets in regiondelete-stack-instancesin parallel (100% tolerance), 30-min wait ceiling, thendelete-stack-setdelete-stack+wait stack-delete-completeauto-map-tagger-\${ACCOUNT}: auto-decided — retained if any othermap-auto-tagger-mig*deployment remains in the region (sibling-safe), deleted otherwisemap-migratedtags on AWS resources (MAP credits remain intact), StackSet admin/execution IAM roles (shared org scaffolding)map-auto-tagger-mig*match and an unnamespacedmap-auto-taggerstack exists, emits manual-delete instructions instead of silent exit (same pattern as upgrade.sh v20.5.4)Accepted limits
Follow-ups tracked
^mig[a-zA-Z0-9]+$(matches Lambda runtime). Will tighten to^mig[a-z0-9]{10}$when H6 product call lands repo-wide.ui_mode_delete_title,ui_delete_*,err_delete_*); 7 non-English locales fall back to English via existingt()behavior. Translation follow-up (same pattern asui_update_confirm_risk/ui_upgrade_*).Supersedes
Jin's PR #27 (commits
b034c93adding destroy-flow +a392cearenaming destroy→delete). Re-anchored against post-#33/#35/#37/#38/#44 main; uppercaseDELETEconfirmation (item 8); permissive MPE regex to match Lambda; legacy-stack probe added.Test plan
delete-alland scoped). Rendered scripts passbash -n.delete-all.sh) → scope-to-MPE path (confirm filename includes MPEs)Test delete.sh generation and executionto the harnessCo-authored-by: Jin Shan Ng (aws-samples PR #27 Wave-0 scope).
🤖 Generated with Claude Code