feat: add FIS safe run preview

[YoungJinJung]

Summary

Add a safe-run preview to FIS experiment template detail so users can inspect blast radius and safeguards before any future execution support.

Related Issues

Closes #172

Validation

• go test ./internal/services/aws ./internal/app ./internal/domain
• make test
• make build
• git diff --check

Checklist

• Scope is focused
• Branch name follows docs/branch-naming-harness.md
• Documentation harness reviewed (docs/documentation-harness.md)
• README updated if user-facing behavior changed
• Relevant docs/ pages updated if architecture, auth, config, or workflow changed
• Tests/validation included
• Breaking changes documented

Notes

• Template detail now summarizes target groups, actions, active stop conditions, IAM role, selection modes, and blast-radius signals.
• Missing role ARN, missing active stop conditions, broad selection, and unbounded selectors are highlighted as review-required warnings.
• No execution path is added; the preview states the template ID that any future run path must type to confirm.

Summary by CodeRabbit

• New Features

  • Added safe-run preview for FIS experiment templates showing blast-radius summaries, risk levels, target/action/stop-condition counts, confirmation token prompt, and visual warnings.
  • Template detail view now supports scrolling through targets, actions, and stop conditions.

• Documentation

  • Updated README and architecture/project-overview docs to describe expanded FIS flows and safe-run preview details.

• Tests

  • Added unit and UI tests validating safe-run preview logic and safety-warning rendering.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 6c029fa1-001e-4011-94bb-c4e71f682975

📥 Commits

Reviewing files that changed from the base of the PR and between e135910 and 2ae0d93.

📒 Files selected for processing (2)

• internal/services/aws/fis_model.go
• internal/services/aws/fis_test.go

📜 Recent review details

🧰 Additional context used

📓 Path-based instructions (3)

**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.go: Use lipgloss for styled TUI output — column-aligned tables with dimmed labels in Go implementation files
Implement scroll windowing with formula: visibleLines := max(m.height-N, 5) in Go TUI implementation

Files:

• internal/services/aws/fis_test.go
• internal/services/aws/fis_model.go

---

⚙️ CodeRabbit configuration file

**/*.go: For Go reviews, look beyond compilation and prioritize nil pointer risks,
context propagation, AWS SDK pagination, error wrapping, deterministic
sorting, and stable table/detail rendering. For new AWS service work,
verify that repository interfaces, model mapping, app integration, and
tests are updated together.

Files:

• internal/services/aws/fis_test.go
• internal/services/aws/fis_model.go

**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Tests use mock client interfaces (see rds_test.go pattern) in Go test files

Files:

• internal/services/aws/fis_test.go

---

⚙️ CodeRabbit configuration file

**/*_test.go: Check that tests cover API errors, mapping edge cases, and navigation
state transitions, not only happy paths. Prefer mock-based tests that do
not depend on external AWS calls.

Files:

• internal/services/aws/fis_test.go

internal/services/aws/**

⚙️ CodeRabbit configuration file

internal/services/aws/**: For AWS integration code, focus on SDK client interface mockability,
paginator usage, nil/empty response handling, AWS pointer conversion,
stable list ordering, and user-facing error messages.

Files:

• internal/services/aws/fis_test.go
• internal/services/aws/fis_model.go

🔇 Additional comments (5)

internal/services/aws/fis_model.go (4)

23-36: Safe-run preview model shape and warning helper look good.

The FISSafeRunPreview fields and HasWarnings() helper are clear and aligned with the preview contract.

---

164-212: SafeRunPreview() safety evaluation is solid and deterministic.

Warning derivation is explicit, and sorting keeps output stable for UI/table rendering and tests.

---

249-277: Target blast-radius helpers are well factored.

BlastRadiusSummary(), HasTargetConstraint(), and IsBroadSelection() keep safety logic readable and reusable.

---

343-346: IsNone() now correctly handles blank stop-condition sources.

This fixes inactive stop-condition detection for whitespace/empty source values.

internal/services/aws/fis_test.go (1)

160-247: New safe-run preview tests provide good risk-path coverage.

These tests validate both guarded vs review-required outcomes and the blank/none stop-condition behavior that drives safety warnings.

---

Walkthrough

Adds an FIS Safe Run Preview: a computed FISSafeRunPreview model with risk/warnings and blast-radius summaries, rendered in the template detail UI with updated help and tests, and documented across README, architecture, and project-overview files.

Changes

FIS Safe Run Preview Feature

Layer / File(s)	Summary
Safe Run Preview Model & Validation Logic internal/services/aws/fis_model.go, internal/services/aws/fis_test.go	New FISSafeRunPreview type encapsulates risk level, target/action/stop-condition counts, derived blast-radius summaries, warnings, and confirmation token. FISExperimentTemplate.SafeRunPreview() evaluates template configuration to compute preview, generate warnings for missing IAM role/stop conditions/constraints, detect broad selections, and downgrade risk to "review required" when warnings present. Helper methods on FISTemplateTarget produce blast-radius summaries and detect constraint/broad-selection states; FISTemplateStopCondition.IsNone() identifies disabled conditions. Tests verify "guarded" risk with no warnings and "review required" risk with expected safety-check failures.
Template Detail UI & Interactive Help internal/app/screen_fis.go, internal/app/help.go, internal/app/app_test.go	templateDetailLines() now renders "Safe Run Preview" section with risk indicator (successStyle when no warnings, warningStyle when warnings present), target/action/stop-condition counts, IAM role, selection modes, optional blast-radius summaries, warning/success messaging with per-warning details, and future-execution confirmation token prompt. Help shortcuts updated to document ↑/↓, j/k scrolling through safe-run preview content. Test fixture adds ResourceTags to template target and asserts presence of safe-run-preview UI strings; new test validates safety-warning rendering for broad selection scenario.
Feature Description & Documentation internal/domain/catalog.go, README.md, docs/architecture.en.md, docs/architecture.ko.md, docs/project-overview.en.md, docs/project-overview.ko.md	Feature catalog description updated to emphasize safe-run preview and blast-radius capability. README expanded to document safe-run preview in template/run detail, scrolling through preview content, and Safe Run Preview section contents (blast-radius summary, target selection modes, action/stop-condition counts, IAM role, warnings, and confirmation-token requirement). Architecture and project-overview documentation (English and Korean) updated to list safe-run-preview flows alongside experiment template and history screens in FIS service scope.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 12.50% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title follows the required conventional prefix format with 'feat:' and clearly summarizes the main change of adding FIS safe run preview functionality.
Description check	✅ Passed	The PR description includes all required sections from the template: Summary, Related Issues, Validation, and a comprehensive Checklist with all items checked.
Linked Issues check	✅ Passed	The changes fully meet the acceptance criteria from issue #172: template detail preview includes blast radius/safety controls summary, UI highlights missing safeguards, tests validate preview rendering, and documentation is updated.
Out of Scope Changes check	✅ Passed	All changes are directly related to implementing the FIS safe-run preview feature; no out-of-scope modifications are present.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/172-fis-safe-run-preview

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[amazon-q-developer]

Review Complete

This PR successfully implements FIS safe run preview functionality without introducing any defects that block merge. The implementation follows established patterns, includes comprehensive test coverage, and properly handles security considerations for chaos engineering experiments.

Testing Validation:

• ✅ Unit tests cover both guarded and unsafe states
• ✅ Preview logic correctly flags missing safeguards
• ✅ Integration with existing FIS workflow maintains consistency

The feature is ready for merge.

---

You can now have the agent implement changes and create commits directly on your pull request's source branch. Simply comment with /q followed by your request in natural language to ask the agent to make changes.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@internal/services/aws/fis_model.go`:
- Around line 343-345: FISTemplateStopCondition.IsNone currently only treats
"none" as inactive; update it to consider empty/whitespace sources inactive as
well by trimming s.Source and returning true if the trimmed value is empty OR if
strings.EqualFold(trimmed, "none"); adjust the function to use a local trimmed
:= strings.TrimSpace(s.Source) and then return trimmed == "" ||
strings.EqualFold(trimmed, "none") so callers that check IsNone treat blank
sources as inactive.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 65db0ec7-6620-47c8-99d3-77736e8f9ed8

📥 Commits

Reviewing files that changed from the base of the PR and between 02ececc and e135910.

📒 Files selected for processing (11)

• README.md
• docs/architecture.en.md
• docs/architecture.ko.md
• docs/project-overview.en.md
• docs/project-overview.ko.md
• internal/app/app_test.go
• internal/app/help.go
• internal/app/screen_fis.go
• internal/domain/catalog.go
• internal/services/aws/fis_model.go
• internal/services/aws/fis_test.go

📜 Review details

🧰 Additional context used

📓 Path-based instructions (6)

docs/**

⚙️ CodeRabbit configuration file

docs/**: Documentation must match implemented behavior. When both English and
Korean docs are updated, verify that they preserve the same meaning.

Files:

• docs/architecture.en.md
• docs/project-overview.en.md
• docs/architecture.ko.md
• docs/project-overview.ko.md

**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.go: Use lipgloss for styled TUI output — column-aligned tables with dimmed labels in Go implementation files
Implement scroll windowing with formula: visibleLines := max(m.height-N, 5) in Go TUI implementation

Files:

• internal/domain/catalog.go
• internal/app/help.go
• internal/app/screen_fis.go
• internal/services/aws/fis_model.go
• internal/services/aws/fis_test.go
• internal/app/app_test.go

---

⚙️ CodeRabbit configuration file

**/*.go: For Go reviews, look beyond compilation and prioritize nil pointer risks,
context propagation, AWS SDK pagination, error wrapping, deterministic
sorting, and stable table/detail rendering. For new AWS service work,
verify that repository interfaces, model mapping, app integration, and
tests are updated together.

Files:

• internal/domain/catalog.go
• internal/app/help.go
• internal/app/screen_fis.go
• internal/services/aws/fis_model.go
• internal/services/aws/fis_test.go
• internal/app/app_test.go

internal/app/**

⚙️ CodeRabbit configuration file

internal/app/**: For Bubble Tea screen changes, verify message routing, key handling,
filter target resets, height-based windowing, help text, and back/home
navigation against the existing screen patterns.

Files:

• internal/app/help.go
• internal/app/screen_fis.go
• internal/app/app_test.go

README.md

📄 CodeRabbit inference engine (CLAUDE.md)

README.md: When adding, modifying, or deleting features, always update README.md in parallel with code changes
Update Currently Implemented Features table in README.md: add new services/features, update status changes (🚧→✅), remove deleted items
Update TUI Key Bindings table in README.md when key bindings are added, changed, or deleted
Update Usage section in README.md when new CLI commands or flags are added
Update Configuration section in README.md when configuration format changes

Files:

• README.md

---

⚙️ CodeRabbit configuration file

README.md: Verify that README changes match actual CLI/TUI behavior and that
Currently Implemented Features, TUI Key Bindings, Usage, and
Configuration content stay aligned with code changes.

Files:

• README.md

internal/services/aws/**

⚙️ CodeRabbit configuration file

internal/services/aws/**: For AWS integration code, focus on SDK client interface mockability,
paginator usage, nil/empty response handling, AWS pointer conversion,
stable list ordering, and user-facing error messages.

Files:

• internal/services/aws/fis_model.go
• internal/services/aws/fis_test.go

**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Tests use mock client interfaces (see rds_test.go pattern) in Go test files

Files:

• internal/services/aws/fis_test.go
• internal/app/app_test.go

---

⚙️ CodeRabbit configuration file

**/*_test.go: Check that tests cover API errors, mapping edge cases, and navigation
state transitions, not only happy paths. Prefer mock-based tests that do
not depend on external AWS calls.

Files:

• internal/services/aws/fis_test.go
• internal/app/app_test.go

🔇 Additional comments (14)

docs/architecture.ko.md (1)

214-214: FIS screen-family scope update is accurate.

This now explicitly includes the safe-run preview flow and stays consistent with the English architecture doc.

As per coding guidelines, "Documentation must match implemented behavior. When both English and Korean docs are updated, verify that they preserve the same meaning."

internal/domain/catalog.go (1)

113-113: Catalog description now matches the new FIS flow.

The updated feature description reflects safe-run preview plus recent history as intended.

docs/project-overview.ko.md (1)

28-28: Korean scope expansion is consistent and complete.

The FIS safe-run preview and enriched history/detail scope are documented clearly and stay in sync with the English overview.

As per coding guidelines, "Documentation must match implemented behavior. When both English and Korean docs are updated, verify that they preserve the same meaning."

docs/architecture.en.md (1)

214-214: Architecture screen-family update looks correct.

Including safe-run preview in the FIS flow keeps the architecture boundary accurate.

As per coding guidelines, "Documentation must match implemented behavior. When both English and Korean docs are updated, verify that they preserve the same meaning."

docs/project-overview.en.md (1)

28-28: Current Scope update is aligned with the feature behavior.

The FIS description now correctly captures safe-run preview plus richer template/history detail.

As per coding guidelines, "Documentation must match implemented behavior. When both English and Korean docs are updated, verify that they preserve the same meaning."

internal/services/aws/fis_model.go (1)

164-212: Safe-run preview derivation is well-structured and deterministic.

The computed counts/warnings plus sorted target/warning lists make the detail rendering stable and predictable.

Also applies to: 249-277

internal/app/screen_fis.go (1)

494-538: Safe-run preview rendering is integrated cleanly.

The section structure, warning styling, and confirmation-token prompt all align well with the intended safety-review UX.

internal/app/help.go (1)

488-488: Help text update matches the new detail layout.

Including safe-run preview in the scroll guidance keeps keyboard help accurate.

internal/services/aws/fis_test.go (2)

160-192: Good guarded-path safety preview test coverage.

This validates the core “safe” contract (risk level, counts, and no warnings) with deterministic inputs.

As per coding guidelines, **/*_test.go: “Check that tests cover API errors, mapping edge cases, and navigation state transitions, not only happy paths.”

---

194-231: Good unsafe-path warning coverage.

This test exercises multiple independent safety flags and confirms inactive none stop conditions are excluded from active counts.

As per coding guidelines, **/*_test.go: “Check that tests cover API errors, mapping edge cases, and navigation state transitions, not only happy paths.”

internal/app/app_test.go (2)

1148-1169: Safe-run preview happy-path rendering checks are solid.

The assertions now cover the added preview section and key safety summary text in template detail.

As per coding guidelines, internal/app/**: “For Bubble Tea screen changes, verify message routing, key handling, filter target resets, height-based windowing, help text, and back/home navigation against the existing screen patterns.”

---

1171-1194: Safety warning rendering test is strong and focused.

This covers the “review required” state with concrete warning strings plus the future type-to-confirm template ID prompt.

As per coding guidelines, **/*_test.go: “Check that tests cover API errors, mapping edge cases, and navigation state transitions, not only happy paths.”

README.md (2)

347-347: FIS navigation row is aligned with the new template-detail UX.

The key/help wording now clearly reflects safe-run preview visibility and detail scrolling behavior.

As per coding guidelines, README.md: “Verify that README changes match actual CLI/TUI behavior and that Currently Implemented Features, TUI Key Bindings, Usage, and Configuration content stay aligned with code changes.”

---

361-361: FIS feature paragraph accurately documents safety preview semantics.

It captures the blast-radius summary, warning classes, and the future typed template-ID confirmation guard.

As per coding guidelines, README.md: “Update the FIS section of ‘TUI Navigation’ to explicitly describe the new ‘safe-run preview’ ... Also document the safety UX requirement that any future execution path must require the user to type the template ID to confirm.”