feat(#653): Phase 2 — strip AWS SDK from codebuild + EKS backends#659
Merged
Conversation
Force-cutover of 6 AWS IaC modules to workflow-plugin-aws v0.2.0. Key divergence from #617: cloud_account_aws.go stays (AWSConfigProvider used by Phase 2 out-of-scope files). platform.dns module type stays; only Route53 backend is removed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fixes: infra.autoscaling_group missing from core (C-1), platform.dns validate-path guard gap (C-2), step count 15 not 16 (I-1), example/go.mod tidy + grep gate (I-2), platform.dns schema description stale (I-3), T1 file list ambiguity (m-1), T2 backend alternative justification (m-2), T3 DNS row keep/remove clarity (m-3). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add module/app_container.go as partial-edit target in T1: move ECSContainer struct in from platform_ecs.go, remove case *PlatformECS type switch branch, update default error message. - Record cycle 2 findings in adversarial review history. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ix refinement) After removing case *PlatformECS, all ECS-specific structs and methods in app_container.go become dead code. Design updated to remove them entirely rather than leave dead code in place. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Fix schema: infra.autoscaling_group auto-generated from infraTypes, no manual module_schema.go entry needed. - Add app_container.go comment lines to string-update list. - Record cycle 3 PASS in adversarial review history. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
6 tasks, single PR. Covers: - T1: delete 14 files + app_container.go C-3 fix + regression gate - T2: replace Route53 backend with migration error stub - T3: strip registration sites + add infra.autoscaling_group - T4: internal/legacyaws + migration errors in engine + wfctl - T5: modernize legacy-aws-types rule + migration doc - T6: go mod tidy + CI grep gate Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…cycle 1) - T2: Init() succeeds for provider:aws (factory returns struct not error); migration error fires at Plan() time — fix test to call m.Plan() not m.Init(); fix mock import (module.NewMockApplication not mock.); remove deleted Route53 tests from file list - T4: replace nonexistent minimalConfigWithModule() with newIsolatedEngine(t) + config.WorkflowConfig pattern from engine_legacy_do_migration_test.go; fix package (workflow not workflow_test); fix Create() call to 4-arg signature; add PluginLoaded variant mirroring DO test Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- T5 test used nonexistent findRule/check/fix helpers and wrong package (modernize_test); actual pattern is package modernize, direct legacyAWSRule() call, yaml.Unmarshal + rule.Check/Fix — mirrors legacy_do_rule_test.go exactly - Remove duplicate "Add to pipeline step registry tests" paragraph - Fix yaml.Marshal round-trip in Fix test to match actual pattern Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Remove platform.ecs, platform.networking, platform.apigateway, platform.autoscaling module types and their 15 step types (ecs/apigw/scaling/network) from all registration sites: plugins/platform, schema/schema.go, schema/module_schema.go, schema/step_schema_builtins.go, cmd/wfctl/type_registry.go. Add infra.autoscaling_group to plugins/infra and type_registry.go. Update DOCUMENTATION.md with AWS IaC removal notice + infra.autoscaling_group row. Fix multi_region.go error string to reference infra.container_service. Regenerate schema/testdata/editor-schemas.golden.json. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Create internal/legacyaws/types.go mirroring internal/legacydo/types.go. Maps 4 removed module types (platform.ecs/networking/apigateway/autoscaling) and 15 removed step types to their infra.*/step.iac_* successors. RemovedInVersion = v0.53.0. Wire into engine.go, cmd/wfctl/validate.go, cmd/wfctl/ci_validate.go: - extra schema module types list includes legacyaws.ModuleTypes - post-validate sweep checks legacyaws.IsModuleType / IsStepType - actionable FormatModuleError / FormatStepError returned on match Remove 15 legacy step entries from cmd/wfctl/type_registry.go KnownStepTypes(). Tests: engine_legacyaws_test.go (plugin not loaded + plugin loaded branches) + cmd/wfctl/legacy_aws_types_removed_test.go (registry absent + validate/ci_validate paths). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add modernize/legacy_aws_rule.go mirroring legacy_do_rule.go: - ID: legacy-aws-types, Severity: error - Auto-fixes: platform.ecs→infra.container_service, platform.apigateway→infra.api_gateway, platform.autoscaling→infra.autoscaling_group - Flags but does not auto-fix: platform.networking (1→2 split) + all 15 step types (config key shape mismatch: platform + state_store vs legacy service/gateway/scaling keys) - Uses walkTypeNodes helper from legacy_do_rule.go (same package) Register legacyAWSRule() in modernize/modernize.go AllRules() list. Add docs/migrations/v0.53.0-aws-iac-removal.md with full migration recipe (install plugin, modernize, add provider, manual rewrites for networking + steps). Tests: TestLegacyAWSRule_Rewrites (3 auto-fixable types) + TestLegacyAWSRule_GapTypesFlaggedNotRewritten (networking + 6 step types). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
go mod tidy drops 3 freed AWS SDK packages: - service/apigatewayv2 (was platform.apigateway) - service/applicationautoscaling (was platform.autoscaling) - service/route53 (was platform.dns Route53 backend) Also tidy example/go.mod. Add aws-sdk-banned CI job to .github/workflows/ci.yml mirroring the godo-banned job: grep-gates both *.go imports and go.mod entries for the three freed service paths, excluding aws_absent_test.go. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
TestModernizeAllRulesRegistered: expected 9 rules → 10 (add legacy-aws-types). TestKnownStepTypesPopulated: remove 15 legacy AWS step entries from expected list (step.ecs_*/step.network_*/step.apigw_*/step.scaling_* all removed from KnownStepTypes). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adversarial review PASS (2 cycles). 4-file disposition: - codebuild.go: strip codebuildAWSBackend → codebuildAWSErrorBackend - platform_kubernetes_kind.go: strip eksBackend → eksErrorBackend - pipeline_step_s3_upload.go: exempt (no go.mod win, useful utility step) - nosql_dynamodb.go: exempt (no real SDK import, only in doc comment) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fix: serial-dependency warning on Task 3, test fail-mode description, errors import fate stated explicitly, rollback notes on T1+T2, PR base branch corrected to main, .claire typo fixed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Strip aws-sdk-go-v2/service/codebuild from workflow core. Real AWS backend replaced by codebuildAWSErrorBackend that returns a helpful migration error directing users to workflow-plugin-aws. Mock backend unchanged. Rollback: git revert HEAD; go mod tidy to restore SDK imports.
Strip aws-sdk-go-v2/service/eks from workflow core. Real EKS backend replaced by eksErrorBackend that returns a helpful migration error directing users to workflow-plugin-aws. GKE and AKS backends unchanged. Rollback: git revert HEAD; go mod tidy to restore SDK imports.
go mod tidy drops service/codebuild (zero remaining importers) from go.mod and example/go.mod. service/eks remains (provider/aws/* are legitimate IaC importers). Extend aws-sdk-banned CI gate to module/ scope with codebuild and eks banned packages. Add codebuild + eks to aws_absent_test.go freed slice. CI grep gate scoped to module/ only so IaC provider paths are exempt.
Contributor
There was a problem hiding this comment.
Pull request overview
Phase 2 of issue #653 continues the AWS SDK removal from workflow core. It replaces the real codebuildAWSBackend and eksBackend implementations with thin error backends (codebuildAWSErrorBackend, eksErrorBackend) that surface actionable migration errors directing users to workflow-plugin-aws, drops the now-unused aws-sdk-go-v2/service/codebuild dependency from go.mod/example/go.mod, and extends the CI aws-sdk-banned gate to cover service/codebuild and service/eks in module/.
Changes:
- Replace
codebuildAWSBackendwithcodebuildAWSErrorBackend(and adjust tests) so theaws.codebuildmock backend stays functional but real AWS calls return a migration error. - Replace
eksBackendwitheksErrorBackendinplatform_kubernetes_kind.go; rewrite EKS tests to assert the migration error. - Drop
service/codebuildfromgo.mod/example/go.mod, extend theaws-sdk-bannedCI grep, and addservice/codebuild+service/eksto theaws_absent_test.gofreed list.
Reviewed changes
Copilot reviewed 56 out of 58 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| module/codebuild.go | Strips AWS SDK imports; replaces real backend with error stub returning migration error. |
| module/codebuild_test.go | Adds TestCodeBuildAWSBackendMigrationError; the test calls CreateProject() twice (nit). |
| module/platform_kubernetes_kind.go | Removes EKS SDK imports; replaces eksBackend with eksErrorBackend. |
| module/platform_kubernetes_test.go | Replaces stale EKS stub tests with migration-error assertion. |
| module/aws_absent_test.go | Adds service/codebuild and service/eks to the freed-imports list. |
| .github/workflows/ci.yml | Extends the AWS SDK ban grep gate to module/; note service/eks is intentionally omitted from the go.mod grep. |
| go.mod, go.sum, example/go.mod, example/go.sum | Drop service/codebuild (and example-only transitive entries). |
Note: many other files shown in the diff (platform_dns_backends.go, platform_ecs_test.go, platform_networking_test.go, platform_autoscaling*.go, pipeline_step_apigateway.go, schema/registry deletions, modernize rule, migration docs, etc.) are Phase 1 content from the base branch, not new in this Phase 2 PR.
…dd ci.yml go.mod gate comment - codebuild_test.go: capture CreateProject() error into variable on first call; reuse for nil-check and .Error() to avoid redundant call and subtle correctness assumption that both calls return identical messages. - ci.yml: add comment on go.mod grep gate explaining why service/eks is omitted (platform/ and provider/ have legitimate callers not yet migrated in Phase 2); prevents future confusion during Phase 3 migration. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- schema/schema.go: remove blank lines left from step.network_* and step.scaling_* removals in coreModuleTypes slice (stylistic clutter). - module/aws_absent_test.go: log parse errors via t.Logf instead of silently discarding with _ so that syntax errors in source files are visible during test runs. - .github/workflows/ci.yml: broaden first grep gate from module/ to full repo for fully-removed packages; add separate gate for service/eks that excludes only platform/ and provider/ (the two legitimate locations), catching any new eks imports in cmd/, iac/, plugin/, etc. - module/platform_kubernetes.go: remove dead helper safeIntToInt32 (was only called by the old eksBackend, now deleted) and its math import. - module/cloud_account_aws.go: remove dead helpers awsProviderFrom and parseStringSlice (also only called by the old eksBackend). Build verified: GOWORK=off go build ./... passes with no errors. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Resolves merge conflicts from Phase 1 PR #657 merging into main: - ci.yml: incorporate main's --exclude-dir flags for worktree paths while keeping Phase 2's broader repo scope + service/eks split gate. - schema/schema.go: keep blank-line removals from Phase 2 review fixes. - module/aws_absent_test.go: keep Phase 2's codebuild+eks freed additions + the parseErr t.Logf improvement from round-2 review. - example/go.mod + go.sum: go mod tidy after reconciling; service/codebuild absent (no importers), service/eks absent from example (transitively included via main module which still imports it via platform/provider). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
⏱ Benchmark Results✅ No significant performance regressions detected. benchstat comparison (baseline → PR)
|
4 tasks
intel352
added a commit
that referenced
this pull request
May 13, 2026
…EKS strip) (#660) Scored 5 design + 6 plan adversarial-review findings (all resolved upfront); 7 gate misses with specific plan/design checklist fix ideas. Pattern strength sufficient to ship 2 plugin-level follow-ups (lint/line-hygiene on derived test files — 3rd occurrence; branch-rebased-on-base check at PR creation — 1st occurrence with clear cause); 2 more waiting for one additional retro (dead-helper sweep; method-contract preservation in error-backend stubs).
intel352
added a commit
that referenced
this pull request
May 13, 2026
…EKS strip) (#661) Scored 5 design + 6 plan adversarial-review findings (all resolved upfront); 7 gate misses with specific plan/design checklist fix ideas. Pattern strength sufficient to ship 2 plugin-level follow-ups (lint/line-hygiene on derived test files — 3rd occurrence; branch-rebased-on-base check at PR creation — 1st occurrence with clear cause); 2 more waiting for one additional retro (dead-helper sweep; method-contract preservation in error-backend stubs).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
codebuildAWSBackend(~220 LOC) withcodebuildAWSErrorBackend— error stub directing users toworkflow-plugin-awseksBackend(~225 LOC) witheksErrorBackend— same pattern, same redirectgithub.com/aws/aws-sdk-go-v2/service/codebuildfromgo.modandexample/go.mod(zero remaining importers)aws-sdk-bannedCI gate to coverservice/codebuildandservice/eks; scopes *.go grep tomodule/(IaC provider paths inplatform/andprovider/legitimately importservice/eks)nosql_dynamodb.goandpipeline_step_s3_upload.goleft untouched per design (no real SDK import; no go.mod win)Test plan
TestCodeBuildAWSBackendMigrationError— PASS: migration error mentionsworkflow-plugin-aws,v0.53.0,provider: mockTestPlatformKubernetes_EKSBackendMigrationError— PASS: migration error mentionsworkflow-plugin-aws,v0.53.0,cluster_type: kindTestAWSServicePackagesAbsent— PASS:service/codebuildandservice/eksnot imported inmodule/GOWORK=off go test ./module/... -timeout 120s)GOWORK=off go build ./...)aws-sdk-bannedgrep gates pass (verified locally)service/codebuildabsent fromgo.modandexample/go.mod(verified bygo mod tidy)Files changed
module/codebuild.gocodebuildAWSBackendwithcodebuildAWSErrorBackend; drop SDK importsmodule/codebuild_test.goTestCodeBuildAWSBackendMigrationErrormodule/platform_kubernetes_kind.goeksBackendwitheksErrorBackend; drop SDK importsmodule/platform_kubernetes_test.goTestPlatformKubernetes_EKSBackendMigrationErrormodule/aws_absent_test.goservice/codebuild+service/ekstofreedslice.github/workflows/ci.ymlaws-sdk-bannedgate; scope *.go grep tomodule/go.mod,go.sumservice/codebuild(zero importers)example/go.mod,example/go.sumservice/codebuild🤖 Generated with Claude Code