control-tower icon indicating copy to clipboard operation
control-tower copied to clipboard
verified publisher icon EngineerBetter

Should prompt before creation

Open RichardBradley opened this issue 6 years ago • 6 comments

I tried to use "deploy" to update a control-tower CI and got the name wrong. It went ahead and created a new one without prompting for confirmation.

I think it should prompt before doing that.

RichardBradley avatar Aug 28 '19 11:08 RichardBradley

Out of curiosity, were you changing the configuration of the instance, or just updating to the latest version?

DanielJonesEB avatar Aug 28 '19 11:08 DanielJonesEB

I was trying to change the configuration

RichardBradley avatar Aug 28 '19 11:08 RichardBradley

I'm not sure how I feel about this. We could put a prompt in that says something like You're about to deploy a Control Tower named somename on every deploy but this seems somewhat unnecessary. It would only be guarding against the user failing to proofread their previous command. It would be just as easy to misread the name in the prompt imho.

On the other hand we could try putting a prompt in only in the case where you are updating an existing deployment but get the name wrong. In this case I can't think of a way we could distinguish between intentionally deploying with a similar name and accidentally typing the wrong name.

crsimmons avatar Sep 04 '19 13:09 crsimmons

I had similar thoughts @crsimmons. Maybe we could consider introducing an 'alias' like control-tower update that errs if the deployment doesn't already exists, but after that check just invokes the deploy code path?

DanielJonesEB avatar Sep 05 '19 07:09 DanielJonesEB

I think @DanielJonesEB's suggestion of separate "update" and "create" commands is the best. What benefit do you get from having update be the same command as create at present?

Whether or not you separate those two commands, I still think that prompting before the tool creates infrastructure would be more conventional. It might make for a cute demo if you can go from zero to running with a single keypress, but most people expect a confirm prompt before a tool spends money on their behalf.

As one supporting example: terraform always prompts for confirmation before it creates any infrastructure

[prompting] would only be guarding against the user failing to proofread their previous command. It would be just as easy to misread the name in the prompt imho.

It would also guard against users who misunderstood what the tool will do when given a command. In my case, I failed to guess the correct magic incantation to use to update a control tower that a colleague had created, even after reading all the documentation in this repos and checking the names of things in our AWS console.

RichardBradley avatar Sep 07 '19 19:09 RichardBradley

Had a very similar issue. Tried to update an existing deployment but forgot to add the namespace. It basically created a new deployment with a new namespace but with the same deploy name. This then caused TF issues since some resources were changed/updated. A destroy had to be manually done since it conflicted with both namespaces since it was under the same deploy name. Had to basically start from scratch and manually remove everything since the state file had entries from both deployments.

Since it is terraform possibly run a plan then with an accept or something do an apply. :shrug

EnorMOZ avatar Oct 03 '20 00:10 EnorMOZ