flip_api.scripts.delete_trust

Hard-delete a single trust on the hub (deploy-time CLI).

Removes the trust row entirely so the slot can be UI-re-registered cleanly (name free, FL kit slot free, no archived row left behind). Handles the trust.id FK landscape explicitly — the schema has nine tables that reference trust.id and none of them declare ON DELETE CASCADE, so a naive session.delete(trust) would fail with a foreign-key violation. This script clears each dependent table in the right order before deleting the trust row.

Dependent tables (from flip_api.db.models.main_models):

Table | FK field | Strategy |

|--------------------------|—————————|-----------------| | fl_kit_slot | assigned_to_trust_id | NULL the FK | | fl_job_trust | trust_id (PK part) | DELETE rows | | fl_metrics | trust (NOT NULL) | DELETE rows | | fl_logs | trust (nullable) | DELETE rows | | model_trust_intersect | trust_id (nullable) | DELETE rows | | project_trust_intersect | trust_id (nullable) | DELETE rows | | query_result | trust_id (nullable) | DELETE rows | | trust_task | trust_id (NOT NULL) | DELETE rows | | xnat_project_status | trust_id (nullable) | DELETE rows |

For the nullable FKs we could either NULL or DELETE — DELETE makes the intent clearer (a metric/log/result tied to a now-gone trust serves no purpose and would orphan stats in the UI). The fl_kit_slot row is the exception: NULL’ing reclaims the slot for future registrations, which is the whole point of the delete.

Contract:

  • stdout — a single JSON object:

    • status: "deleted" — hard-delete succeeded. Includes trust_id, name, freed_fl_kit_slot, and a dependent_rows_deleted dict summarising the cascade.

    • status: "not_found" — no trust with that name; nothing to do. Includes name.

  • stderr — human-readable logging.

  • Exit code 0 on either status; non-zero only on argument errors or unexpected exceptions (e.g. an FK we haven’t accounted for).

Invoked by deploy/providers/AWS/scripts/delete-trust.sh as a one-off ECS task (mirrors the register-trusts.sh pattern). For local dev: docker compose exec flip-api uv run python -m flip_api.scripts.delete_trust --name <slot>.

Attributes

_DEPENDENT_TABLES

Functions

delete_one_trust(→ dict[str, Any])

Hard-delete a trust by name. Cascades through dependent tables.

main(→ None)

CLI entry point: hard-delete one trust, emit its status JSON to stdout.

Module Contents

flip_api.scripts.delete_trust._DEPENDENT_TABLES: tuple[tuple[type, str], Ellipsis]
flip_api.scripts.delete_trust.delete_one_trust(name: str, session: sqlmodel.Session) dict[str, Any]

Hard-delete a trust by name. Cascades through dependent tables.

Parameters:

  • name (str) – Trust display name (matches trust.name exactly).

  • session (Session) – SQLModel session.

Returns:

{"status": "deleted", ...} on success or {"status": "not_found", "name": name} when there’s nothing to delete.

Return type:

dict[str, Any]

flip_api.scripts.delete_trust.main() None

CLI entry point: hard-delete one trust, emit its status JSON to stdout.