Justin S
05/25/2023, 4:40 PM/events
?Justin S
05/25/2023, 4:40 PMrick
05/25/2023, 7:21 PMworkflows:
terraform:
plan:
steps:
- env:
name: AWS_ACCESS_KEY_ID
value: ${{secrets.AWS_ACCESS_KEY_ID}}
- env:
name: AWS_SECRET_ACCESS_KEY
value: ${{secrets.AWS_SECRET_ACCESS_KEY}}
- env:
name: AWS_DEFAULT_REGION
value: ${{secrets.AWS_DEFAULT_REGION}}
- run: echo $AWS_ACCESS_KEY_ID
- init
- plan
version: 3
projects:
- name: project1
dir: all/core/
terraform_version: v0.14.7
workflow: terraform
Prem Kumar Sompura
05/26/2023, 5:59 AMDISABLE APPLY COMMANDS
button? In our org, atlantis is running on internal network so any dev can reach atlantis website and click on this button. How can I remove this from website?Andrew Dionisio
05/26/2023, 1:41 PMatlantis apply
, it doesn’t apply anything and gives you Ran Apply for 0 projects? If I specify the dir and workspace manually, the apply worksJustin S
05/26/2023, 2:34 PMError: Failed to open TCP connection to 10.10.4.139:443 (execution expired)
Justin S
05/26/2023, 2:34 PMJustin S
05/26/2023, 2:43 PM2023/05/18 13:32:44 [warn] 30#30: *6280966 a client request body is buffered to a temporary file /tmp/nginx/client-body/0000000001, client: 10.10.3.51, server: atlantis-ops, request: "POST /events HTTP/1.1", host: "atlantis-ops"
Justin S
05/26/2023, 2:43 PMstreets
05/30/2023, 2:46 PMrepoConfig: |
---
repos:
id: "/.*/"
apply_requirements: [approved, mergeable]
branch: /PS-3422-atlantis/
atlantis-0 atlantis Error: initializing server: parsing /etc/atlantis/repos.yaml file: yaml: unmarshal errors:
JT
05/30/2023, 2:51 PM---
repos:
- id: /.*/
branch: /.*/
allowed_overrides: [workflow]
allow_custom_workflows: true
atlantis.yaml:
version: 3
automerge: true
delete_source_branch_on_merge: true
parallel_plan: true
parallel_apply: true
projects:
- name: 'project-dev'
dir: ./vender/project-dev/project/
workflow: normal
terraform_version: v1.4.5
autoplan:
enabled: true
when_modified: ["**/*.tf"]
workflows:
normal:
plan:
steps:
- init
- plan
- run: echo "FOOBAR"
streets
05/30/2023, 3:27 PMatlantis-0 atlantis {"level":"info","ts":"2023-05-30T15:25:43.779Z","caller":"events/command_runner.go:416","msg":"command was run on a pull request which doesn't match base branches
streets
05/30/2023, 3:27 PMAlberto Rojas
05/30/2023, 3:31 PMfailed to get default conftest version. Will attempt request scoped lazy loads DEFAULT_CONFTEST_VERSION not set
my server side config is: conftest_version: "0.42.1"
streets
05/30/2023, 3:53 PMPS-3422-atlantis
and my server yaml looks like:
repoConfig: |
---
repos:
id: "/.*/"
apply_requirements: [approved, mergeable]
branch: /PS-3422-atlantis/
JT
05/30/2023, 4:12 PMtext file busy
JT
05/30/2023, 6:20 PMautomerge: false
parallel_apply: true
parallel_plan: true
projects:
- autoplan:
enabled: true
when_modified:
- '*.hcl'
- '*.tf*'
- ../../../../terragrunt.hcl
- ../../../modules/project-module/*.tf*
dir: vendor/project/_projectA_-_cluster_/type-_region_
workspace: vendor_project__projectA_-_cluster__type-_region_
workflow: terragrunt
The above works but when I went to overwrite the configuration using the default example for terragrunt, it doesn't work which leads me to believe it's somehow different form what it normally does
workflows:
terragrunt:
plan:
steps:
- env:
name: TERRAGRUNT_TFPATH
command: 'echo "terraform${ATLANTIS_TERRAFORM_VERSION}"'
- env:
# Reduce Terraform suggestion output
name: TF_IN_AUTOMATION
value: 'true'
- run: terragrunt plan -out $PLANFILE
apply:
steps:
- env:
name: TERRAGRUNT_TFPATH
command: 'echo "terraform${ATLANTIS_TERRAFORM_VERSION}"'
- env:
# Reduce Terraform suggestion output
name: TF_IN_AUTOMATION
value: 'true'
- run: terragrunt apply $PLANFILE
Seth Floyd
05/30/2023, 7:20 PMGitHub
05/31/2023, 4:43 AMTomas Mota
06/01/2023, 9:05 AMrepos:
- id: /.*/
apply_requirements: [approved,mergeable,undiverged]
import_requirements: [approved,mergeable,undiverged]
- id: <http://git.mydomain.com/DeveloperPlatform/.*|git.mydomain.com/DeveloperPlatform/.*>
apply_requirements: [mergeable,undiverged]
workflow: packs
delete_source_branch_on_merge: true
policies:
owners:
users:
- tmm
policy_sets:
- name: packs-tests
path: /atlantis-data/policies/pack-tests
source: local
workflows:
packs:
policy_check:
steps:
- policy_check:
extra_args: ["-p", "/atlantis-data/policies/pack-tests"]
Tomas Mota
06/01/2023, 9:06 AMJT
06/01/2023, 3:09 PMMustafa Mujahid
06/01/2023, 3:11 PMstreets
06/01/2023, 6:17 PMBruno Schaatsbergen
06/05/2023, 2:43 PMross strickland
06/05/2023, 4:09 PMJustin S
06/05/2023, 6:48 PMjobs
on the UI as well?
Its strange to me that I can see what is locked, and in Gitlab I can see a job
that shows the TF plan that happened, but no way to get to it from the UI itselfJustin S
06/05/2023, 6:50 PMLuiz Silva
06/05/2023, 8:58 PM1 error occurred:
* error downloading 'repo download message'...
<mailto:git@github.com|git@github.com>: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Here is my python script:
import os
import requests
from github import GithubIntegration
def plan_workflow():
gh_app_id = os.environ['APP_ID_ENV']
gh_app_ssh_key = os.environ['GH_APP_KEY_ENV']
gh_app_installation_id = os.environ['GH_INSTALLATION_ID_ENV']
gh_owner = os.environ['GH_OWNER_ENV']
repo_name = 'reponame'
pr_number = <pull-number>
app = GithubIntegration(gh_app_id, gh_app_ssh_key)
access = app.get_access_token(gh_app_installation_id)
print
headers = {'Authorization': f'Bearer {access.token}'}
url = f'<https://api.github.com/repos/{gh_owner}/{repo_name}/pulls/{pr_number}/files>'
response = requests.get(url, headers=headers)
if response.status_code == 200:
pull_request_data = response.json()
pull_request_paths = [item['filename'] for item in pull_request_data if item['filename'].startswith('terraform') and item['filename'].endswith('main.hcl')]
plan_path = len(pull_request_paths)
for plan_path in pull_request_paths:
os.system(f"terragrunt plan --terragrunt-config ../../atlantis/repos/{gh_owner}/{repo_name}/{pr_number}/default/{plan_path}")
plan_workflow()
How can I use the same private key of the GitHub App to run the plans? I assume that there is a way because the atlantis use the GitHub App to clone the terragrunt declaration repository.
Thanks in advance!
PS: I’m running Atlantis inside of an EKS Clustercpuspellcaster
06/05/2023, 10:31 PMWARNING
As of now, not all custom workflow outputs and other terraform commands are not supported. Support for terragrunt has been added, see examples in Custom Workflows.There was some work on this performed last year, according to this PR I found, but apparently it only works with Terragrunt (?) We're interested in being able to provide the status of Terraform plan/applies to our devs via GitHub and the Atlantis UI, this would be really helpful. simple smile