Fix/remove mpe length limit #94

Merged: ngjinshan merged 5 commits into main from fix/remove-mpe-length-limit on May 11, 2026

@ngjinshan (Collaborator)

Description

Brief description of the change and the problem it solves.

Type of change

  • Bug fix
  • New resource type support
  • Security improvement
  • Documentation update

Testing

  • Tested end-to-end in a real AWS account (or CI E2E will cover this)
  • No false positives observed
  • CloudWatch logs reviewed for errors

Checklist

  • CloudFormation template is valid (cfn-lint passes — checked by CI)
  • IAM permissions follow least-privilege (only tag actions added)
  • If adding a new service handler: corresponding resource added to .github/scripts/resource_groups/ for E2E coverage
  • CHANGELOG.md updated

CI Notes

Layer 1 (lint) runs immediately on every PR — ~1 min.
Layer 2 (E2E) runs when configurator.yaml or configurator.html changes — ~37 min across 7 AWS accounts. No AWS credentials needed.
If Layer 2 fails, download verification-report.json from the Actions run for details.

ngjinshan added 4 commits May 10, 2026 22:20
Remove CreateStack/CreateStackSet events and cloudformation:TagResource/
UpdateStack/UpdateStackSet permissions. CloudFormation stacks are not
MAP-eligible resources, and tagging them causes CFN to propagate tags
to child resources — triggering UPDATE_ROLLBACK_FAILED on unrelated
stacks when the tagger role lacks Describe permissions on those children.

DescribeStacks and ListStacks retained for peer-tagger detection.

The MPE ID input was restricted to exactly 10 characters across the
Editor, Upgrade, and Delete flows. Real MPE IDs can be 1–44 characters
(the deploy flow already allowed this). Align all flows to accept
1–44 chars with the same validation: uppercase A–Z and 0–9, at least
one letter and one digit.

Updated: regex validators, HTML maxlength attributes, error messages
across all 7 i18n locales.

Prevents AlreadyExists error during upgrade. When upgrading from an
older template that lacked this resource, the Lambda has already run
and CloudWatch auto-created the log group. CFN then fails trying to
create a resource that already exists.

Same fix as PreflightLogGroup (v21.0.7). The Lambda already has
logs:CreateLogGroup permission; CloudWatch handles log group creation
automatically.

ngjinshan requested a review from hyunsies as a code owner May 11, 2026 02:19
ngjinshan merged commit bcd4bd3 into main May 11, 2026
20 checks passed
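
The MPE ID rule from the commit message above (1 to 44 characters, uppercase A–Z and 0–9, at least one letter and one digit), written as one shared validator that every flow could call so the limits cannot drift apart again. This is an added example, not code from this pull request; the names `validateMpeId`, `MPE_ID_RE`, `SAMPLES`, `agreesWithRegex` and the reason strings are hypothetical, and the sample IDs are constructed.

```javascript
// Added example: hypothetical names, constructed sample values.
const MPE_MIN = 1;  // bounds as stated in the commit message
const MPE_MAX = 44;

// Single-pattern form. ^ and $ pin the whole input, so a valid-looking
// substring inside a longer or dirtier string cannot pass.
const MPE_ID_RE = new RegExp(
  `^(?=.*[A-Z])(?=.*[0-9])[A-Z0-9]{${MPE_MIN},${MPE_MAX}}$`
);

// Step-by-step form: same verdict as the pattern, but reports which rule
// failed so each flow can show the matching error message.
function validateMpeId(input) {
  if (typeof input !== "string") return { ok: false, reason: "not-a-string" };
  if (input.length < MPE_MIN) return { ok: false, reason: "empty" };
  if (input.length > MPE_MAX) return { ok: false, reason: "too-long" };
  if (!/^[A-Z0-9]+$/.test(input)) return { ok: false, reason: "bad-charset" };
  if (!/[A-Z]/.test(input)) return { ok: false, reason: "needs-letter" };
  if (!/[0-9]/.test(input)) return { ok: false, reason: "needs-digit" };
  return { ok: true, reason: null };
}

// Constructed inputs covering the boundaries and common input mistakes.
const SAMPLES = [
  "A1",                    // shortest input that can satisfy the rule
  "MPE1234567",            // 10 characters, the old fixed length
  "A".repeat(43) + "1",    // 44 characters, upper bound
  "A".repeat(44) + "1",    // 45 characters, one past the bound
  "A",                     // single letter, no digit
  "7",                     // single digit, no letter
  "abc123",                // lowercase
  "ABC 123",               // embedded space
  "ABC123\n",              // trailing newline from a paste
  "",                      // empty field
];

// Guard against the two forms drifting apart: every sample must get the
// same accept/reject verdict from the pattern and from the validator.
function agreesWithRegex(samples) {
  return samples.every((s) => MPE_ID_RE.test(s) === validateMpeId(s).ok);
}

for (const s of SAMPLES) {
  const r = validateMpeId(s);
  console.log(JSON.stringify(s.slice(0, 12)), s.length, r.ok ? "ok" : r.reason);
}
```

Because the rule requires both a letter and a digit, a one-character input is always rejected, so the shortest ID this validator accepts is two characters long.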