server

package
v0.27.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 12, 2023 License: Apache-2.0 Imports: 45 Imported by: 21

Documentation

Overview

Package server handles the web server and executing commands that come in via webhooks.

Index

Constants

View Source
const (
	// LockViewRouteName is the named route in mux.Router for the lock view.
	// The route can be retrieved by this name, ex:
	//   mux.Router.Get(LockViewRouteName)
	LockViewRouteName = "lock-detail"
	// LockViewRouteIDQueryParam is the query parameter needed to construct the lock view
	// route. ex:
	//   mux.Router.Get(LockViewRouteName).URL(LockViewRouteIDQueryParam, "my id")
	LockViewRouteIDQueryParam = "id"
	// ProjectJobsViewRouteName is the named route in mux.Router for the log stream view.
	ProjectJobsViewRouteName = "project-jobs-detail"
	// binDirName is the name of the directory inside our data dir where
	// we download binaries.
	BinDirName = "bin"
	// terraformPluginCacheDir is the name of the dir inside our data dir
	// where we tell terraform to cache plugins and modules.
	TerraformPluginCacheDirName = "plugin-cache"
)

Variables

This section is empty.

Functions

func ParseAtlantisURL added in v0.4.12

func ParseAtlantisURL(u string) (*url.URL, error)

ParseAtlantisURL parses the user-passed atlantis URL to ensure it is valid and we can use it in our templates. It removes any trailing slashes from the path so we can concatenate it with other paths without checking.

Types

type Config added in v0.1.3

type Config struct {
	AllowForkPRsFlag        string
	AtlantisURLFlag         string
	AtlantisVersion         string
	DefaultTFVersionFlag    string
	RepoConfigJSONFlag      string
	SilenceForkPRErrorsFlag string
}

Config holds config for server that isn't passed in by the user.

type RequestLogger

type RequestLogger struct {
	WebAuthentication bool
	WebUsername       string
	WebPassword       string
	// contains filtered or unexported fields
}

RequestLogger logs requests and their response codes. as well as handle the basicauth on the requests

func NewRequestLogger

func NewRequestLogger(s *Server) *RequestLogger

NewRequestLogger creates a RequestLogger.

func (*RequestLogger) ServeHTTP

func (l *RequestLogger) ServeHTTP(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc)

ServeHTTP implements the middleware function. It logs all requests at DEBUG level.

type Router added in v0.4.0

type Router struct {
	// Underlying is the router that the routes have been constructed on.
	Underlying *mux.Router
	// LockViewRouteName is the named route for the lock view that can be Get'd
	// from the Underlying router.
	LockViewRouteName string
	// ProjectJobsViewRouteName is the named route for the projects active jobs
	ProjectJobsViewRouteName string
	// LockViewRouteIDQueryParam is the query parameter needed to construct the
	// lock view: underlying.Get(LockViewRouteName).URL(LockViewRouteIDQueryParam, "my id").
	LockViewRouteIDQueryParam string
	// AtlantisURL is the fully qualified URL that Atlantis is
	// accessible from externally.
	AtlantisURL *url.URL
}

Router can be used to retrieve Atlantis URLs. It acts as an intermediary between the underlying router and the rest of Atlantis that might need to construct URLs to different resources.

func (*Router) GenerateLockURL added in v0.4.0

func (r *Router) GenerateLockURL(lockID string) string

GenerateLockURL returns a fully qualified URL to view the lock at lockID.

func (*Router) GenerateProjectJobURL added in v0.18.0

func (r *Router) GenerateProjectJobURL(ctx command.ProjectContext) (string, error)

func (*Router) GenerateProjectWorkflowHookURL added in v0.22.0

func (r *Router) GenerateProjectWorkflowHookURL(hookID string) (string, error)

type Server

type Server struct {
	AtlantisVersion                string
	AtlantisURL                    *url.URL
	Router                         *mux.Router
	Port                           int
	PostWorkflowHooksCommandRunner *events.DefaultPostWorkflowHooksCommandRunner
	PreWorkflowHooksCommandRunner  *events.DefaultPreWorkflowHooksCommandRunner
	CommandRunner                  *events.DefaultCommandRunner
	Logger                         logging.SimpleLogging
	StatsScope                     tally.Scope
	StatsReporter                  tally.BaseStatsReporter
	StatsCloser                    io.Closer
	Locker                         locking.Locker
	ApplyLocker                    locking.ApplyLocker
	VCSEventsController            *events_controllers.VCSEventsController
	GithubAppController            *controllers.GithubAppController
	LocksController                *controllers.LocksController
	StatusController               *controllers.StatusController
	JobsController                 *controllers.JobsController
	APIController                  *controllers.APIController
	IndexTemplate                  templates.TemplateWriter
	LockDetailTemplate             templates.TemplateWriter
	ProjectJobsTemplate            templates.TemplateWriter
	ProjectJobsErrorTemplate       templates.TemplateWriter
	SSLCertFile                    string
	SSLKeyFile                     string
	CertLastRefreshTime            time.Time
	KeyLastRefreshTime             time.Time
	SSLCert                        *tls.Certificate
	Drainer                        *events.Drainer
	WebAuthentication              bool
	WebUsername                    string
	WebPassword                    string
	ProjectCmdOutputHandler        jobs.ProjectCommandOutputHandler
	ScheduledExecutorService       *scheduled.ExecutorService
}

Server runs the Atlantis web server.

func NewServer

func NewServer(userConfig UserConfig, config Config) (*Server, error)

NewServer returns a new server. If there are issues starting the server or its dependencies an error will be returned. This is like the main() function for the server CLI command because it injects all the dependencies.

func (*Server) GetSSLCertificate added in v0.21.0

func (s *Server) GetSSLCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error)

func (*Server) Healthz added in v0.4.1

func (s *Server) Healthz(w http.ResponseWriter, _ *http.Request)

Healthz returns the health check response. It always returns a 200 currently.

func (*Server) Index added in v0.1.3

func (s *Server) Index(w http.ResponseWriter, _ *http.Request)

Index is the / route.

func (*Server) Start

func (s *Server) Start() error

Start creates the routes and starts serving traffic.

type UserConfig added in v0.3.3

type UserConfig struct {
	AllowForkPRs                bool   `mapstructure:"allow-fork-prs"`
	AllowCommands               string `mapstructure:"allow-commands"`
	AtlantisURL                 string `mapstructure:"atlantis-url"`
	AutoDiscoverModeFlag        string `mapstructure:"autodiscover-mode"`
	Automerge                   bool   `mapstructure:"automerge"`
	AutoplanFileList            string `mapstructure:"autoplan-file-list"`
	AutoplanModules             bool   `mapstructure:"autoplan-modules"`
	AutoplanModulesFromProjects string `mapstructure:"autoplan-modules-from-projects"`
	AzureDevopsToken            string `mapstructure:"azuredevops-token"`
	AzureDevopsUser             string `mapstructure:"azuredevops-user"`
	AzureDevopsWebhookPassword  string `mapstructure:"azuredevops-webhook-password"`
	AzureDevopsWebhookUser      string `mapstructure:"azuredevops-webhook-user"`
	AzureDevOpsHostname         string `mapstructure:"azuredevops-hostname"`
	BitbucketBaseURL            string `mapstructure:"bitbucket-base-url"`
	BitbucketToken              string `mapstructure:"bitbucket-token"`
	BitbucketUser               string `mapstructure:"bitbucket-user"`
	BitbucketWebhookSecret      string `mapstructure:"bitbucket-webhook-secret"`
	CheckoutDepth               int    `mapstructure:"checkout-depth"`
	CheckoutStrategy            string `mapstructure:"checkout-strategy"`
	DataDir                     string `mapstructure:"data-dir"`
	DisableApplyAll             bool   `mapstructure:"disable-apply-all"`
	DisableAutoplan             bool   `mapstructure:"disable-autoplan"`
	DisableAutoplanLabel        string `mapstructure:"disable-autoplan-label"`
	DisableMarkdownFolding      bool   `mapstructure:"disable-markdown-folding"`
	DisableRepoLocking          bool   `mapstructure:"disable-repo-locking"`
	DisableUnlockLabel          string `mapstructure:"disable-unlock-label"`
	DiscardApprovalOnPlanFlag   bool   `mapstructure:"discard-approval-on-plan"`
	EmojiReaction               string `mapstructure:"emoji-reaction"`
	EnablePolicyChecksFlag      bool   `mapstructure:"enable-policy-checks"`
	EnableRegExpCmd             bool   `mapstructure:"enable-regexp-cmd"`
	EnableDiffMarkdownFormat    bool   `mapstructure:"enable-diff-markdown-format"`
	ExecutableName              string `mapstructure:"executable-name"`
	// Fail and do not run the Atlantis command request if any of the pre workflow hooks error.
	FailOnPreWorkflowHookError      bool   `mapstructure:"fail-on-pre-workflow-hook-error"`
	HideUnchangedPlanComments       bool   `mapstructure:"hide-unchanged-plan-comments"`
	GithubAllowMergeableBypassApply bool   `mapstructure:"gh-allow-mergeable-bypass-apply"`
	GithubHostname                  string `mapstructure:"gh-hostname"`
	GithubToken                     string `mapstructure:"gh-token"`
	GithubUser                      string `mapstructure:"gh-user"`
	GithubWebhookSecret             string `mapstructure:"gh-webhook-secret"`
	GithubOrg                       string `mapstructure:"gh-org"`
	GithubAppID                     int64  `mapstructure:"gh-app-id"`
	GithubAppKey                    string `mapstructure:"gh-app-key"`
	GithubAppKeyFile                string `mapstructure:"gh-app-key-file"`
	GithubAppSlug                   string `mapstructure:"gh-app-slug"`
	GithubTeamAllowlist             string `mapstructure:"gh-team-allowlist"`
	GitlabHostname                  string `mapstructure:"gitlab-hostname"`
	GitlabToken                     string `mapstructure:"gitlab-token"`
	GitlabUser                      string `mapstructure:"gitlab-user"`
	GitlabWebhookSecret             string `mapstructure:"gitlab-webhook-secret"`
	IncludeGitUntrackedFiles        bool   `mapstructure:"include-git-untracked-files"`
	APISecret                       string `mapstructure:"api-secret"`
	HidePrevPlanComments            bool   `mapstructure:"hide-prev-plan-comments"`
	LockingDBType                   string `mapstructure:"locking-db-type"`
	LogLevel                        string `mapstructure:"log-level"`
	MarkdownTemplateOverridesDir    string `mapstructure:"markdown-template-overrides-dir"`
	ParallelPoolSize                int    `mapstructure:"parallel-pool-size"`
	ParallelPlan                    bool   `mapstructure:"parallel-plan"`
	ParallelApply                   bool   `mapstructure:"parallel-apply"`
	StatsNamespace                  string `mapstructure:"stats-namespace"`
	PlanDrafts                      bool   `mapstructure:"allow-draft-prs"`
	Port                            int    `mapstructure:"port"`
	QuietPolicyChecks               bool   `mapstructure:"quiet-policy-checks"`
	RedisDB                         int    `mapstructure:"redis-db"`
	RedisHost                       string `mapstructure:"redis-host"`
	RedisPassword                   string `mapstructure:"redis-password"`
	RedisPort                       int    `mapstructure:"redis-port"`
	RedisTLSEnabled                 bool   `mapstructure:"redis-tls-enabled"`
	RedisInsecureSkipVerify         bool   `mapstructure:"redis-insecure-skip-verify"`
	RepoConfig                      string `mapstructure:"repo-config"`
	RepoConfigJSON                  string `mapstructure:"repo-config-json"`
	RepoAllowlist                   string `mapstructure:"repo-allowlist"`

	// RequireApproval is whether to require pull request approval before
	// allowing terraform apply's to be run.
	RequireApproval bool `mapstructure:"require-approval"`
	// RequireMergeable is whether to require pull requests to be mergeable before
	// allowing terraform apply's to run.
	RequireMergeable bool `mapstructure:"require-mergeable"`
	// SilenceNoProjects is whether Atlantis should respond to a PR if no projects are found.
	SilenceNoProjects bool `mapstructure:"silence-no-projects"`
	// RequireUnDiverged is whether to require pull requests to rebase default branch before
	// allowing terraform apply's to run.
	RequireUnDiverged   bool `mapstructure:"require-undiverged"`
	SilenceForkPRErrors bool `mapstructure:"silence-fork-pr-errors"`
	// SilenceVCSStatusNoPlans is whether autoplan should set commit status if no plans
	// are found.
	SilenceVCSStatusNoPlans bool `mapstructure:"silence-vcs-status-no-plans"`
	// SilenceVCSStatusNoProjects is whether autoplan should set commit status if no projects
	// are found.
	SilenceVCSStatusNoProjects bool            `mapstructure:"silence-vcs-status-no-projects"`
	SilenceAllowlistErrors     bool            `mapstructure:"silence-allowlist-errors"`
	SkipCloneNoChanges         bool            `mapstructure:"skip-clone-no-changes"`
	SlackToken                 string          `mapstructure:"slack-token"`
	SSLCertFile                string          `mapstructure:"ssl-cert-file"`
	SSLKeyFile                 string          `mapstructure:"ssl-key-file"`
	RestrictFileList           bool            `mapstructure:"restrict-file-list"`
	TFDownload                 bool            `mapstructure:"tf-download"`
	TFDownloadURL              string          `mapstructure:"tf-download-url"`
	TFEHostname                string          `mapstructure:"tfe-hostname"`
	TFELocalExecutionMode      bool            `mapstructure:"tfe-local-execution-mode"`
	TFEToken                   string          `mapstructure:"tfe-token"`
	VarFileAllowlist           string          `mapstructure:"var-file-allowlist"`
	VCSStatusName              string          `mapstructure:"vcs-status-name"`
	DefaultTFVersion           string          `mapstructure:"default-tf-version"`
	Webhooks                   []WebhookConfig `mapstructure:"webhooks"`
	WebBasicAuth               bool            `mapstructure:"web-basic-auth"`
	WebUsername                string          `mapstructure:"web-username"`
	WebPassword                string          `mapstructure:"web-password"`
	WriteGitCreds              bool            `mapstructure:"write-git-creds"`
	WebsocketCheckOrigin       bool            `mapstructure:"websocket-check-origin"`
	UseTFPluginCache           bool            `mapstructure:"use-tf-plugin-cache"`
}

UserConfig holds config values passed in by the user. The mapstructure tags correspond to flags in cmd/server.go and are used when the config is parsed from a YAML file.

func (UserConfig) ToAllowCommandNames added in v0.22.0

func (u UserConfig) ToAllowCommandNames() ([]command.Name, error)

ToAllowCommandNames parse AllowCommands into a slice of CommandName

func (UserConfig) ToLogLevel added in v0.4.13

func (u UserConfig) ToLogLevel() logging.LogLevel

ToLogLevel returns the LogLevel object corresponding to the user-passed log level.

type WebhookConfig added in v0.2.0

type WebhookConfig struct {
	// Event is the type of event we should send this webhook for, ex. apply.
	Event string `mapstructure:"event"`
	// WorkspaceRegex is a regex that is used to match against the workspace
	// that is being modified for this event. If the regex matches, we'll
	// send the webhook, ex. "production.*".
	WorkspaceRegex string `mapstructure:"workspace-regex"`
	// BranchRegex is a regex that is used to match against the base branch
	// that is being modified for this event. If the regex matches, we'll
	// send the webhook, ex. "main.*".
	BranchRegex string `mapstructure:"branch-regex"`
	// Kind is the type of webhook we should send, ex. slack.
	Kind string `mapstructure:"kind"`
	// Channel is the channel to send this webhook to. It only applies to
	// slack webhooks. Should be without '#'.
	Channel string `mapstructure:"channel"`
}

WebhookConfig is nested within UserConfig. It's used to configure webhooks.

Directories

Path Synopsis
core
config/raw
Package raw contains the golang representations of the YAML elements supported in atlantis.yaml.
Package raw contains the golang representations of the YAML elements supported in atlantis.yaml.
config/valid
Package valid contains the structs representing the atlantis.yaml config after it's been parsed and validated.
Package valid contains the structs representing the atlantis.yaml config after it's been parsed and validated.
db
Package db handles our database layer.
Package db handles our database layer.
redis
Package redis handles our remote database layer.
Package redis handles our remote database layer.
runtime
Package runtime holds code for actually running commands vs.
Package runtime holds code for actually running commands vs.
vcs
vcs/bitbucketcloud
Package bitbucketcloud holds code for Bitbucket Cloud aka (bitbucket.org).
Package bitbucketcloud holds code for Bitbucket Cloud aka (bitbucket.org).
vcs/common
Package common is used to share common code between all VCS clients without running into circular dependency issues.
Package common is used to share common code between all VCS clients without running into circular dependency issues.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL