Documentation ¶
Index ¶
- Variables
- type ArgCount
- type Context
- type DefaultTeamAllowlistChecker
- func (checker *DefaultTeamAllowlistChecker) HasRules() bool
- func (checker *DefaultTeamAllowlistChecker) IsCommandAllowedForAnyTeam(ctx models.TeamAllowlistCheckerContext, teams []string, command string) bool
- func (checker *DefaultTeamAllowlistChecker) IsCommandAllowedForTeam(_ models.TeamAllowlistCheckerContext, team string, command string) bool
- type Lock
- type LockMetadata
- type Name
- type ProjectContext
- type ProjectResult
- type ProjectScopeTags
- type Result
- type TeamAllowlistChecker
- type Trigger
Constants ¶
This section is empty.
Variables ¶
var AllCommentCommands = []Name{ Version, Plan, Apply, Unlock, ApprovePolicies, Import, State, }
AllCommentCommands are list of commands that can be run from a comment.
Functions ¶
This section is empty.
Types ¶
type ArgCount ¶ added in v0.23.0
func (ArgCount) IsMatchCount ¶ added in v0.23.0
IsMatchCount returns true if the number of arguments matches the requirement
type Context ¶
type Context struct { // HeadRepo is the repository that is getting merged into the BaseRepo. // If the pull request branch is from the same repository then HeadRepo will // be the same as BaseRepo. // See https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges HeadRepo models.Repo Pull models.PullRequest Scope tally.Scope // User is the user that triggered this command. User models.User Log logging.SimpleLogging // Current PR state PullRequestStatus models.PullReqStatus PullStatus *models.PullStatus // PolicySet is the policy set to target (if specified) for the approve_policies command. PolicySet string // ClearPolicyApproval is true if approval should be cleared on specified policies. ClearPolicyApproval bool Trigger Trigger // API is true if plan/apply by API endpoints API bool // TeamAllowlistChecker is used to check authorization on a project-level TeamAllowlistChecker TeamAllowlistChecker }
Context represents the context of a command that should be executed for a pull request.
type DefaultTeamAllowlistChecker ¶ added in v0.30.0
type DefaultTeamAllowlistChecker struct {
// contains filtered or unexported fields
}
DefaultTeamAllowlistChecker implements checking the teams and the operations that the members of a particular team are allowed to perform
func NewTeamAllowlistChecker ¶ added in v0.30.0
func NewTeamAllowlistChecker(allowlist string) (*DefaultTeamAllowlistChecker, error)
NewTeamAllowlistChecker constructs a new checker
func (*DefaultTeamAllowlistChecker) HasRules ¶ added in v0.30.0
func (checker *DefaultTeamAllowlistChecker) HasRules() bool
func (*DefaultTeamAllowlistChecker) IsCommandAllowedForAnyTeam ¶ added in v0.30.0
func (checker *DefaultTeamAllowlistChecker) IsCommandAllowedForAnyTeam(ctx models.TeamAllowlistCheckerContext, teams []string, command string) bool
IsCommandAllowedForAnyTeam returns true if any of the teams is allowed to execute the command and false otherwise.
func (*DefaultTeamAllowlistChecker) IsCommandAllowedForTeam ¶ added in v0.30.0
func (checker *DefaultTeamAllowlistChecker) IsCommandAllowedForTeam(_ models.TeamAllowlistCheckerContext, team string, command string) bool
IsCommandAllowedForTeam returns true if the team is allowed to execute the command and false otherwise.
type Lock ¶
type Lock struct { // Time is the time at which the lock was first created. LockMetadata LockMetadata CommandName Name }
Lock represents a global lock for an atlantis command (plan, apply, policy_check). It is used to prevent commands from being executed
type LockMetadata ¶
type LockMetadata struct {
UnixTime int64
}
LockMetadata contains additional data provided to the lock
type Name ¶
type Name int
Name is which command to run.
const ( // Apply is a command to run terraform apply. Apply Name = iota // Plan is a command to run terraform plan. Plan // Unlock is a command to discard previous plans as well as the atlantis locks. Unlock // PolicyCheck is a command to run conftest test. PolicyCheck // ApprovePolicies is a command to approve policies with owner check ApprovePolicies // Autoplan is a command to run terraform plan on PR open/update if autoplan is enabled Autoplan // Version is a command to run terraform version. Version // Import is a command to run terraform import Import // State is a command to run terraform state rm State )
func ParseCommandName ¶ added in v0.22.0
ParseCommandName parses raw name into a command name.
func (Name) CommandArgCount ¶ added in v0.23.0
CommandArgCount returns the number of required arguments for the command
func (Name) DefaultUsage ¶ added in v0.22.0
DefaultUsage returns the command default usage
func (Name) SubCommands ¶ added in v0.23.0
SubCommands returns the list of sub commands for the command
func (Name) TitleString ¶
TitleString returns the string representation in title form. ie. policy_check becomes Policy Check
type ProjectContext ¶
type ProjectContext struct { CommandName Name // ApplyCmd is the command that users should run to apply this plan. If // this is an apply then this will be empty. ApplyCmd string // ApprovePoliciesCmd is the command that users should run to approve policies for this plan. If // this is an apply then this will be empty. ApprovePoliciesCmd string // PlanRequirements is the list of requirements that must be satisfied // before we will run the plan stage. PlanRequirements []string // ApplyRequirements is the list of requirements that must be satisfied // before we will run the apply stage. ApplyRequirements []string // ImportRequirements is the list of requirements that must be satisfied // before we will run the import stage. ImportRequirements []string // AutomergeEnabled is true if automerge is enabled for the repo that this // project is in. AutomergeEnabled bool // ParallelApplyEnabled is true if parallel apply is enabled for this project. ParallelApplyEnabled bool // ParallelPlanEnabled is true if parallel plan is enabled for this project. ParallelPlanEnabled bool // ParallelPolicyCheckEnabled is true if parallel policy_check is enabled for this project. ParallelPolicyCheckEnabled bool // AutoplanEnabled is true if autoplanning is enabled for this project. AutoplanEnabled bool // BaseRepo is the repository that the pull request will be merged into. BaseRepo models.Repo // EscapedCommentArgs are the extra arguments that were added to the atlantis // command, ex. atlantis plan -- -target=resource. We then escape them // by adding a \ before each character so that they can be used within // sh -c safely, i.e. sh -c "terraform plan $(touch bad)". EscapedCommentArgs []string // HeadRepo is the repository that is getting merged into the BaseRepo. // If the pull request branch is from the same repository then HeadRepo will // be the same as BaseRepo. HeadRepo models.Repo // Dependencies are a list of project that this project relies on // their apply status. These projects must be applied first. // // Atlantis uses this information to valid the apply // orders and to warn the user if they're applying a project that // depends on other projects. DependsOn []string // Log is a logger that's been set up for this context. Log logging.SimpleLogging // Scope is the scope for reporting stats setup for this context Scope tally.Scope // PullReqStatus holds state about the PR that requires additional computation outside models.PullRequest PullReqStatus models.PullReqStatus // CurrentProjectPlanStatus is the status of the current project prior to this command. ProjectPlanStatus models.ProjectPlanStatus //PullStatus is the status of the current pull request prior to this command. PullStatus *models.PullStatus // ProjectPolicyStatus is the status of policy sets of the current project prior to this command. ProjectPolicyStatus []models.PolicySetStatus // Pull is the pull request we're responding to. Pull models.PullRequest // ProjectName is the name of the project set in atlantis.yaml. If there was // no name this will be an empty string. ProjectName string // RepoConfigVersion is the version of the repo's atlantis.yaml file. If // there was no file, this will be 0. RepoConfigVersion int // RePlanCmd is the command that users should run to re-plan this project. // If this is an apply then this will be empty. RePlanCmd string // RepoRelDir is the directory of this project relative to the repo root. RepoRelDir string // Steps are the sequence of commands we need to run for this project and this // stage. Steps []valid.Step // TerraformVersion is the version of terraform we should use when executing // commands for this project. This can be set to nil in which case we will // use the default Atlantis terraform version. TerraformVersion *version.Version // Configuration metadata for a given project. User models.User // Verbose is true when the user would like verbose output. Verbose bool // Workspace is the Terraform workspace this project is in. It will always // be set. Workspace string // PolicySets represent the policies that are run on the plan as part of the // policy check stage PolicySets valid.PolicySets // PolicySetTarget describes which policy sets to target on the approve_policies step. PolicySetTarget string // ClearPolicyApproval determines whether policy counts will be incremented or cleared. ClearPolicyApproval bool // DeleteSourceBranchOnMerge will attempt to allow a branch to be deleted when merged (AzureDevOps & GitLab Support Only) DeleteSourceBranchOnMerge bool // Repo locks mode: disabled, on plan or on apply RepoLocksMode valid.RepoLocksMode // RepoConfigFile RepoConfigFile string // UUID for atlantis logs JobID string // The index of order group. Before planning/applying it will use to sort projects. Default is 0. ExecutionOrderGroup int // If plans/applies should be aborted if any prior plan/apply fails AbortOnExcecutionOrderFail bool // Allows custom policy check tools outside of Conftest to run in checks CustomPolicyCheck bool SilencePRComments []string // TeamAllowlistChecker is used to check authorization on a project-level TeamAllowlistChecker TeamAllowlistChecker }
ProjectContext defines the context for a plan or apply stage that will be executed for a project.
func (ProjectContext) GetPolicyCheckResultFileName ¶ added in v0.24.0
func (p ProjectContext) GetPolicyCheckResultFileName() string
GetPolicyCheckResultFileName returns the filename (not the path) to store the result from conftest_client.
func (ProjectContext) GetShowResultFileName ¶
func (p ProjectContext) GetShowResultFileName() string
GetShowResultFileName returns the filename (not the path) to store the tf show result
func (ProjectContext) PolicyCleared ¶ added in v0.24.0
func (p ProjectContext) PolicyCleared() bool
PolicyCleared returns whether all policies are passing or not.
func (ProjectContext) PullInfo ¶
func (p ProjectContext) PullInfo() string
Gets a unique identifier for the current pull request as a single string
func (ProjectContext) SetProjectScopeTags ¶ added in v0.22.0
func (p ProjectContext) SetProjectScopeTags(scope tally.Scope) tally.Scope
SetProjectScopeTags adds ProjectContext tags to a new returned scope.
type ProjectResult ¶
type ProjectResult struct { Command Name SubCommand string RepoRelDir string Workspace string Error error Failure string PlanSuccess *models.PlanSuccess PolicyCheckResults *models.PolicyCheckResults ApplySuccess string VersionSuccess string ImportSuccess *models.ImportSuccess StateRmSuccess *models.StateRmSuccess ProjectName string SilencePRComments []string }
ProjectResult is the result of executing a plan/policy_check/apply for a specific project.
func (ProjectResult) CommitStatus ¶
func (p ProjectResult) CommitStatus() models.CommitStatus
CommitStatus returns the vcs commit status of this project result.
func (ProjectResult) IsSuccessful ¶
func (p ProjectResult) IsSuccessful() bool
IsSuccessful returns true if this project result had no errors.
func (ProjectResult) PlanStatus ¶
func (p ProjectResult) PlanStatus() models.ProjectPlanStatus
PlanStatus returns the plan status.
func (ProjectResult) PolicyStatus ¶ added in v0.24.0
func (p ProjectResult) PolicyStatus() []models.PolicySetStatus
PolicyStatus returns the approval status of policy sets of this project result.
type ProjectScopeTags ¶ added in v0.22.0
type ProjectScopeTags struct { BaseRepo string PrNumber string Project string ProjectPath string TerraformVersion string Workspace string }
func (ProjectScopeTags) Loadtags ¶ added in v0.22.0
func (s ProjectScopeTags) Loadtags() map[string]string
type Result ¶
type Result struct { Error error Failure string ProjectResults []ProjectResult // PlansDeleted is true if all plans created during this command were // deleted. This happens if automerging is enabled and one project has an // error since automerging requires all plans to succeed. PlansDeleted bool }
Result is the result of running a Command.
type TeamAllowlistChecker ¶ added in v0.30.0
type TeamAllowlistChecker interface { // HasRules returns true if the checker has rules defined HasRules() bool // IsCommandAllowedForTeam determines if the specified team can perform the specified action IsCommandAllowedForTeam(ctx models.TeamAllowlistCheckerContext, team, command string) bool // IsCommandAllowedForAnyTeam determines if any of the specified teams can perform the specified action IsCommandAllowedForAnyTeam(ctx models.TeamAllowlistCheckerContext, teams []string, command string) bool }