Skip to content

Deprecate "teardown infrastructure" GitHub workflow#802

Merged
forstmeier merged 2 commits intomasterfrom
deprecate-teardown-infrastructure-workflow
Mar 25, 2026
Merged

Deprecate "teardown infrastructure" GitHub workflow#802
forstmeier merged 2 commits intomasterfrom
deprecate-teardown-infrastructure-workflow

Conversation

@forstmeier
Copy link
Copy Markdown
Collaborator

@forstmeier forstmeier commented Mar 22, 2026

Overview

Changes

  • remove "teardown infrastructure" GitHub workflow

Context

I'd rather just get rid of it to avoid accidental teardowns.

Summary by CodeRabbit

  • Chores
    • Removed the manual GitHub Actions workflow that was used for infrastructure teardown operations.

Copilot AI review requested due to automatic review settings March 22, 2026 02:45
@github-project-automation github-project-automation Bot moved this to In Progress in Overview Mar 22, 2026
@github-actions github-actions Bot requested a review from chrisaddy March 22, 2026 02:45
@github-actions github-actions Bot added the yaml YAML code updates label Mar 22, 2026
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Mar 22, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3a5ee2b3-f2ae-4b75-b957-3fdec536cc4e

📥 Commits

Reviewing files that changed from the base of the PR and between eab3c93 and 5e203a8.

📒 Files selected for processing (1)
  • .github/workflows/teardown_infrastructure.yaml
💤 Files with no reviewable changes (1)
  • .github/workflows/teardown_infrastructure.yaml

📝 Walkthrough

Walkthrough

Removed the GitHub Actions workflow file for manual infrastructure teardown that previously allowed operators to trigger Pulumi infrastructure stack teardown with AWS credential configuration and Flox environment activation.

Changes

Cohort / File(s) Summary
Infrastructure Teardown Workflow Removal
.github/workflows/teardown_infrastructure.yaml
Deleted entire GitHub Actions workflow that provided manual infrastructure teardown via workflow_dispatch, including AWS credential assumption, Flox setup, and Pulumi stack teardown execution.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: removal of the teardown infrastructure GitHub workflow to prevent accidental teardowns.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch deprecate-teardown-infrastructure-workflow

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Mar 22, 2026

Greptile Summary

This PR removes the manually-triggered (workflow_dispatch) GitHub Actions workflow responsible for tearing down the Pulumi-managed AWS infrastructure. The author's stated motivation — preventing accidental teardowns — is a sound operational safety reason for the deletion.

  • The deleted workflow had no scheduled trigger; it was purely manual, so no automation is broken by its removal.
  • All referenced secrets (AWS_IAM_INFRASTRUCTURE_ROLE_ARN, AWS_REGION, PULUMI_ACCESS_TOKEN) are only consumed by this workflow, so no other workflows are affected.
  • No code, configuration, or documentation files outside of .github/workflows/ are touched.

No issues found — this is a clean, intentional deletion.

Confidence Score: 5/5

  • Safe to merge — deleting a manual-only workflow carries no risk of breaking existing automation.
  • Single-file deletion of a workflow_dispatch-only workflow. No scheduled jobs, no downstream dependencies, and the stated motivation (avoiding accidental teardowns) is a legitimate operational concern. No issues were found.
  • No files require special attention.

Important Files Changed

Filename Overview
.github/workflows/teardown_infrastructure.yaml Deleted the manual workflow_dispatch-triggered workflow that ran mask infrastructure stack down via Pulumi. Clean removal with no side effects.

Reviews (2): Last reviewed commit: "Merge branch 'master' into deprecate-tea..." | Re-trigger Greptile

Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Removes the manually-triggered GitHub Actions workflow that tears down infrastructure to reduce the risk of accidental destructive runs.

Changes:

  • Delete .github/workflows/teardown_infrastructure.yaml workflow.
Comments suppressed due to low confidence (1)

.github/workflows/teardown_infrastructure.yaml:1

  • Deleting this workflow removes it from GitHub Actions, but Pulumi production config still lists teardown_infrastructure.yaml under fund:githubWorkflowFiles (used to build the OIDC workflow ref allowlist). That leaves stale/extra IAM trust permissions for a workflow that no longer exists and makes it easy to re-enable teardown by re-adding the file without an infra change. Remove this filename from the Pulumi config (and/or update the allowlist source) as part of the deprecation/removal.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@forstmeier forstmeier merged commit e378255 into master Mar 25, 2026
12 checks passed
@forstmeier forstmeier deleted the deprecate-teardown-infrastructure-workflow branch March 25, 2026 01:14
@github-project-automation github-project-automation Bot moved this from In Progress to Done in Overview Mar 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

yaml YAML code updates

Projects

Archived in project

Development

Successfully merging this pull request may close these issues.

2 participants