fix(e2e): CP DELETE /cp/admin/tenants body uses 'confirm', not 'confirm_token'

Verified against live staging: the admin endpoint returns 400 'confirm field must equal the URL slug' when the body key is 'confirm_token'. Every workflow's safety-net teardown step + the main harness + the Playwright teardown all had the wrong key. Fixed all six call sites. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 04:50:28 -07:00 · 2026-04-21 04:50:28 -07:00 · 6bd674e412
commit 6bd674e412
parent d7193dfa34
6 changed files with 6 additions and 6 deletions
--- a/.github/workflows/canary-staging.yml
+++ b/.github/workflows/canary-staging.yml
@ -148,6 +148,6 @@ jobs:
            curl -sS -X DELETE "$MOLECULE_CP_URL/cp/admin/tenants/$slug" \
              -H "Authorization: Bearer $ADMIN_TOKEN" \
              -H "Content-Type: application/json" \
-              -d "{\"confirm_token\":\"$slug\"}" >/dev/null || true
+              -d "{\"confirm\":\"$slug\"}" >/dev/null || true
          done
          exit 0
--- a/.github/workflows/e2e-staging-canvas.yml
+++ b/.github/workflows/e2e-staging-canvas.yml
@ -111,6 +111,6 @@ jobs:
            curl -sS -X DELETE "$MOLECULE_CP_URL/cp/admin/tenants/$slug" \
              -H "Authorization: Bearer $ADMIN_TOKEN" \
              -H "Content-Type: application/json" \
-              -d "{\"confirm_token\":\"$slug\"}" >/dev/null || true
+              -d "{\"confirm\":\"$slug\"}" >/dev/null || true
          done
          exit 0
--- a/.github/workflows/e2e-staging-saas.yml
+++ b/.github/workflows/e2e-staging-saas.yml
@ -138,6 +138,6 @@ jobs:
            curl -sS -X DELETE "$MOLECULE_CP_URL/cp/admin/tenants/$slug" \
              -H "Authorization: Bearer $ADMIN_TOKEN" \
              -H "Content-Type: application/json" \
-              -d "{\"confirm_token\":\"$slug\"}" >/dev/null || true
+              -d "{\"confirm\":\"$slug\"}" >/dev/null || true
          done
          exit 0
--- a/.github/workflows/e2e-staging-sanity.yml
+++ b/.github/workflows/e2e-staging-sanity.yml
@ -147,6 +147,6 @@ jobs:
            curl -sS -X DELETE "$MOLECULE_CP_URL/cp/admin/tenants/$slug" \
              -H "Authorization: Bearer $ADMIN_TOKEN" \
              -H "Content-Type: application/json" \
-              -d "{\"confirm_token\":\"$slug\"}" >/dev/null || true
+              -d "{\"confirm\":\"$slug\"}" >/dev/null || true
          done
          exit 0
--- a/canvas/e2e/staging-teardown.ts
+++ b/canvas/e2e/staging-teardown.ts
@ -45,7 +45,7 @@ export default async function globalTeardown(): Promise<void> {
        Authorization: `Bearer ${ADMIN_TOKEN}`,
        "Content-Type": "application/json",
      },
-      body: JSON.stringify({ confirm_token: slug }),
+      body: JSON.stringify({ confirm: slug }),
    });
    if (res.ok) {
      console.log(`[staging-teardown] ${slug} deleted`);
--- a/tests/e2e/test_staging_full_saas.sh
+++ b/tests/e2e/test_staging_full_saas.sh
@ -84,7 +84,7 @@ cleanup_org() {
  curl "${CURL_COMMON[@]}" -X DELETE "$CP_URL/cp/admin/tenants/$SLUG" \
    -H "Authorization: Bearer $ADMIN_TOKEN" \
    -H "Content-Type: application/json" \
-    -d "{\"confirm_token\":\"$SLUG\"}" >/dev/null 2>&1 \
+    -d "{\"confirm\":\"$SLUG\"}" >/dev/null 2>&1 \
    && ok "Teardown request accepted" \
    || log "Teardown returned non-2xx (may already be gone)"