Conversation
Add build script that reassembles configurator.html from src/ parts. Currently a trivial split (CSS, HTML skeleton, JS monolith) that produces a byte-identical output to the original. This establishes the round-trip verification baseline for subsequent extraction phases.
Split the monolithic JS into separate files: - src/js/i18n/all.js — translations + engine (~2,463 lines) - src/js/services/registry.js — event names, sources, permissions (~185 lines) - src/js/deploy/template-main.js — CFN template generator (~3,113 lines) - src/js/deploy/template-org.js — org/per-account templates (~229 lines) - src/js/deploy/instructions.js — instructions generator (~83 lines) - src/js/deploy/script-deploy.js — deploy.sh generator (~1,084 lines) Build output remains byte-identical to the original.
Split constants (TEMPLATE_VERSION, VERSION_HISTORY, renderVersionHistory) into src/js/constants.js. Remaining flow logic stays in app-pre.js for now — per-flow splitting will be done in a subsequent pass. Current structure: - src/css/styles.css (183 lines) - src/html/configurator.html (964 lines) - src/js/constants.js (345 lines) - src/js/app-pre.js (1,786 lines) — all flow logic - src/js/i18n/all.js (2,463 lines) — translations + engine - src/js/services/registry.js (185 lines) - src/js/deploy/template-main.js (3,113 lines) - src/js/deploy/instructions.js (83 lines) - src/js/deploy/template-org.js (229 lines) - src/js/deploy/script-deploy.js (1,084 lines) - src/js/app-post.js (92 lines) — output/download Build output remains byte-identical to the original.
Split app-pre.js into: - src/js/shared/ui.js (40 lines) — selectMode, step navigation - src/js/editor/editor-flow.js (795 lines) — editor flow - src/js/upgrade/upgrade-flow.js (124 lines) — upgrade flow - src/js/delete/delete-flow.js (408 lines) — delete flow - src/js/deploy/deploy-flow.js (419 lines) — deploy flow UI Output is functionally identical (same byte count, all functions present). Function order differs from the original since the interleaved flows are now grouped by module.
- Split i18n/all.js into 7 locale files + engine.js - Extract Lambda Python handler (2,082 lines) to src/templates/lambda-handler.py - Rename app-post.js → app.js Build output is functionally identical (all functions and i18n keys present, 216 bytes larger due to variable wrapper declarations).
Break the monolithic ALL_EVENT_NAMES/ALL_SOURCES/TAGGING_PERMISSIONS arrays into ~80 per-service files (e.g., ec2.js, rds.js, s3.js). Each file declares its source, events, and permissions. index.js aggregates them into the three flat arrays. Build script auto-discovers service files via directory listing. Adding a new service = drop a new .js file in src/js/services/. Includes README.md documenting the per-service format.
- scripts/verify-build.js — 13 sanity checks on built HTML - tests/unit/services.test.js — 10 tests (service module format, no duplicate sources) - tests/unit/i18n.test.js — 13 tests (locale files, engine functions) - tests/unit/build.test.js — 7 tests (built output completeness) - tests/unit/lambda.test.js — 5 tests (Python handler structure) - vitest.config.js + package.json scripts (build, test, verify) 35 tests, all passing.
- .github/workflows/build.yml — test → build → verify on PRs, auto-commit built output on main - Update generate_deploy_sh.js to use build/configurator.html - Replace root configurator.html with redirect to build/
- template-main.js now uses ${LAMBDA_HANDLER_CODE} placeholder
(3,113 → 1,032 lines; Python lives in src/templates/lambda-handler.py)
- Build script reads .py, indents for YAML, injects into JS bundle
- README updated: paths, Components table, new Development section
- All 35 tests passing, build verification clean
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+11
to
+29
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 20 | ||
| - run: npm ci | ||
| - run: npx vitest run | ||
| - run: node scripts/build.js | ||
| - run: node scripts/verify-build.js | ||
|
|
||
| - name: Commit built configurator.html | ||
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | ||
| run: | | ||
| git config user.name "github-actions[bot]" | ||
| git config user.email "github-actions[bot]@users.noreply.github.com" | ||
| git add build/configurator.html | ||
| git diff --cached --quiet || git commit -m "build: regenerate configurator.html [skip ci]" | ||
| git push |
All lint scripts and workflows now read from build/configurator.html instead of the root (which is now a redirect). Added Node.js setup + build step to 6 lint jobs so the built file exists before linting.
Replace 6 redundant per-job builds with one shared build-configurator job. Lint jobs that need build/configurator.html now declare needs: build-configurator and download the artifact.
E2E workflow now builds configurator.html from src/ before Playwright generates deploy.sh. Ensures E2E always tests the current source, not a potentially stale committed build.
After per-service split, permissions are in individual service module objects rather than a single TAGGING_PERMISSIONS array. Updated sync-check.py to scan the entire built HTML for IAM action patterns instead of searching only within the TAGGING_PERMISSIONS block.
Updated OVERVIEW.md, INSTRUCTIONS.md, LIMITATIONS.md, README.md, VERSIONING.md, and design-reconciliation.md. CHANGELOG.md left unchanged (historical references).
Covers directory layout, build process, and how to add new services, locales, flows, and modify the Lambda handler.
Avoids false editor errors from HTML comments inside style/script tags.
Move build output from build/configurator.html back to the root so customers find it in the same place as before. Delete build/ directory. Updated: build.js, verify-build.js, build.test.js, generate_deploy_sh.js, all lint scripts, all workflows, all docs, .gitignore.
Add scripts/build-yaml.js that calls the same generateMainTemplate() to produce standalone YAML. Accepts --config JSON and --output path. E2E scope tests and deploy-single now generate their own YAML via build-yaml.js instead of deploying map2-auto-tagger-optimized.yaml. Each test bakes its specific config (MPE, VPC IDs, dates) directly. The standalone YAML and sync-check are kept for now — once E2E passes with the new path, they can be removed in a follow-up commit.
Delete map2-auto-tagger-optimized.yaml, sync-check.py, and .github/sync/ (canonical permissions file). All lint jobs now depend on build-configurator and use the generated configurator.yaml. One source of truth (src/), two build outputs (HTML + YAML), zero drift possible.
The download-artifact insertion collided with a checkout step that had fetch-depth: 0, producing two 'with:' blocks on the same step.
- cfn-lint: add -I W to ignore warnings (unused params expected with baked values in generated YAML) - generate_iam.py: load_canonical() now extracts permissions from configurator.yaml instead of the deleted tagging-permissions.txt
Bug 1: AutoTaggerFunction was missing DeadLetterConfig pointing to EventDLQ. Pre-existing gap between standalone YAML and configurator, now fixed in template-main.js. Bug 2: UUID strip regex was lost during lambda-handler.py extraction. StackSet instance stacks have a UUID suffix that must be stripped before comparing MPE IDs in the peer detector.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Brief description of the change and the problem it solves.
Type of change
Testing
Checklist
cfn-lintpasses — checked by CI).github/scripts/resource_groups/for E2E coverageCHANGELOG.mdupdatedCI Notes