Documentation ¶
Overview ¶
Package server handles the web server and executing commands that come in via webhooks.
Index ¶
- Constants
- func ParseAtlantisURL(u string) (*url.URL, error)
- type AzureDevopsRequestValidator
- type Config
- type DefaultAzureDevopsRequestValidator
- type DefaultGithubRequestValidator
- type DefaultGitlabRequestParserValidator
- type EventsController
- func (e *EventsController) HandleAzureDevopsPullRequestCommentedEvent(w http.ResponseWriter, event *azuredevops.Event, azuredevopsReqID string)
- func (e *EventsController) HandleAzureDevopsPullRequestEvent(w http.ResponseWriter, event *azuredevops.Event, azuredevopsReqID string)
- func (e *EventsController) HandleBitbucketCloudCommentEvent(w http.ResponseWriter, body []byte, reqID string)
- func (e *EventsController) HandleBitbucketServerCommentEvent(w http.ResponseWriter, body []byte, reqID string)
- func (e *EventsController) HandleGithubCommentEvent(w http.ResponseWriter, event *github.IssueCommentEvent, githubReqID string)
- func (e *EventsController) HandleGithubPullRequestEvent(w http.ResponseWriter, pullEvent *github.PullRequestEvent, githubReqID string)
- func (e *EventsController) HandleGitlabCommentEvent(w http.ResponseWriter, event gitlab.MergeCommentEvent)
- func (e *EventsController) HandleGitlabMergeRequestEvent(w http.ResponseWriter, event gitlab.MergeEvent)
- func (e *EventsController) Post(w http.ResponseWriter, r *http.Request)
- type GithubAppController
- type GithubRequestValidator
- type GithubSetupData
- type GitlabRequestParserValidator
- type IndexData
- type LockDetailData
- type LockIndexData
- type LocksController
- type RequestLogger
- type Router
- type Server
- type StatusController
- type StatusResponse
- type TemplateWriter
- type UserConfig
- type WebhookConfig
Constants ¶
const ( // LockViewRouteName is the named route in mux.Router for the lock view. // The route can be retrieved by this name, ex: // mux.Router.Get(LockViewRouteName) LockViewRouteName = "lock-detail" // LockViewRouteIDQueryParam is the query parameter needed to construct the lock view // route. ex: // mux.Router.Get(LockViewRouteName).URL(LockViewRouteIDQueryParam, "my id") LockViewRouteIDQueryParam = "id" // binDirName is the name of the directory inside our data dir where // we download binaries. BinDirName = "bin" // terraformPluginCacheDir is the name of the dir inside our data dir // where we tell terraform to cache plugins and modules. TerraformPluginCacheDirName = "plugin-cache" )
Variables ¶
This section is empty.
Functions ¶
func ParseAtlantisURL ¶ added in v0.4.12
ParseAtlantisURL parses the user-passed atlantis URL to ensure it is valid and we can use it in our templates. It removes any trailing slashes from the path so we can concatenate it with other paths without checking.
Types ¶
type AzureDevopsRequestValidator ¶ added in v0.10.0
type AzureDevopsRequestValidator interface { // Validate returns the JSON payload of the request. // If both username and password values have a length greater than zero, // it checks that the credentials match those configured in Atlantis. // If either username or password have a length of zero, the payload is // returned without further checking. Validate(r *http.Request, user []byte, pass []byte) ([]byte, error) }
AzureDevopsRequestValidator handles checking if Azure DevOps requests contain a valid Basic authentication username and password.
type Config ¶ added in v0.1.3
type Config struct { AllowForkPRsFlag string AtlantisURLFlag string AtlantisVersion string DefaultTFVersionFlag string RepoConfigJSONFlag string SilenceForkPRErrorsFlag string }
Config holds config for server that isn't passed in by the user.
type DefaultAzureDevopsRequestValidator ¶ added in v0.10.0
type DefaultAzureDevopsRequestValidator struct{}
DefaultAzureDevopsRequestValidator handles checking if Azure DevOps requests contain the correct Basic auth username and password.
func (*DefaultAzureDevopsRequestValidator) Validate ¶ added in v0.10.0
func (d *DefaultAzureDevopsRequestValidator) Validate(r *http.Request, user []byte, pass []byte) ([]byte, error)
Validate returns the JSON payload of the request. If secret is not empty, it checks that the request was signed by secret and returns an error if it was not. If secret is empty, it does not check if the request was signed.
type DefaultGithubRequestValidator ¶ added in v0.2.0
type DefaultGithubRequestValidator struct{}
DefaultGithubRequestValidator handles checking if GitHub requests are signed properly by the secret.
type DefaultGitlabRequestParserValidator ¶ added in v0.4.0
type DefaultGitlabRequestParserValidator struct{}
DefaultGitlabRequestParserValidator parses and validates GitLab requests.
func (*DefaultGitlabRequestParserValidator) ParseAndValidate ¶ added in v0.4.0
func (d *DefaultGitlabRequestParserValidator) ParseAndValidate(r *http.Request, secret []byte) (interface{}, error)
ParseAndValidate returns the JSON payload of the request. See GitlabRequestParserValidator.ParseAndValidate().
type EventsController ¶ added in v0.1.3
type EventsController struct { CommandRunner events.CommandRunner PullCleaner events.PullCleaner Logger *logging.SimpleLogger Parser events.EventParsing CommentParser events.CommentParsing ApplyDisabled bool // GithubWebhookSecret is the secret added to this webhook via the GitHub // UI that identifies this call as coming from GitHub. If empty, no // request validation is done. GithubWebhookSecret []byte GithubRequestValidator GithubRequestValidator GitlabRequestParserValidator GitlabRequestParserValidator // GitlabWebhookSecret is the secret added to this webhook via the GitLab // UI that identifies this call as coming from GitLab. If empty, no // request validation is done. GitlabWebhookSecret []byte RepoAllowlistChecker *events.RepoAllowlistChecker // SilenceAllowlistErrors controls whether we write an error comment on // pull requests from non-allowlisted repos. SilenceAllowlistErrors bool // SupportedVCSHosts is which VCS hosts Atlantis was configured upon // startup to support. SupportedVCSHosts []models.VCSHostType VCSClient vcs.Client TestingMode bool // BitbucketWebhookSecret is the secret added to this webhook via the Bitbucket // UI that identifies this call as coming from Bitbucket. If empty, no // request validation is done. BitbucketWebhookSecret []byte // AzureDevopsWebhookUser is the Basic authentication username added to this // webhook via the Azure DevOps UI that identifies this call as coming from your // Azure DevOps Team Project. If empty, no request validation is done. // For more information, see https://docs.microsoft.com/en-us/azure/devops/service-hooks/services/webhooks?view=azure-devops AzureDevopsWebhookBasicUser []byte // AzureDevopsWebhookPassword is the Basic authentication password added to this // webhook via the Azure DevOps UI that identifies this call as coming from your // Azure DevOps Team Project. If empty, no request validation is done. AzureDevopsWebhookBasicPassword []byte AzureDevopsRequestValidator AzureDevopsRequestValidator }
EventsController handles all webhook requests which signify 'events' in the VCS host, ex. GitHub.
func (*EventsController) HandleAzureDevopsPullRequestCommentedEvent ¶ added in v0.10.0
func (e *EventsController) HandleAzureDevopsPullRequestCommentedEvent(w http.ResponseWriter, event *azuredevops.Event, azuredevopsReqID string)
HandleAzureDevopsPullRequestCommentedEvent handles comment events from Azure DevOps where Atlantis commands can come from. It's exported to make testing easier. Sometimes we may want data from the parent azuredevops.Event struct, so we handle type checking here. Requires Resource Version 2.0 of the Pull Request Commented On webhook payload.
func (*EventsController) HandleAzureDevopsPullRequestEvent ¶ added in v0.10.0
func (e *EventsController) HandleAzureDevopsPullRequestEvent(w http.ResponseWriter, event *azuredevops.Event, azuredevopsReqID string)
HandleAzureDevopsPullRequestEvent will delete any locks associated with the pull request if the event is a pull request closed event. It's exported to make testing easier.
func (*EventsController) HandleBitbucketCloudCommentEvent ¶ added in v0.4.4
func (e *EventsController) HandleBitbucketCloudCommentEvent(w http.ResponseWriter, body []byte, reqID string)
HandleBitbucketCloudCommentEvent handles comment events from Bitbucket.
func (*EventsController) HandleBitbucketServerCommentEvent ¶ added in v0.4.4
func (e *EventsController) HandleBitbucketServerCommentEvent(w http.ResponseWriter, body []byte, reqID string)
HandleBitbucketServerCommentEvent handles comment events from Bitbucket.
func (*EventsController) HandleGithubCommentEvent ¶ added in v0.2.0
func (e *EventsController) HandleGithubCommentEvent(w http.ResponseWriter, event *github.IssueCommentEvent, githubReqID string)
HandleGithubCommentEvent handles comment events from GitHub where Atlantis commands can come from. It's exported to make testing easier.
func (*EventsController) HandleGithubPullRequestEvent ¶ added in v0.2.0
func (e *EventsController) HandleGithubPullRequestEvent(w http.ResponseWriter, pullEvent *github.PullRequestEvent, githubReqID string)
HandleGithubPullRequestEvent will delete any locks associated with the pull request if the event is a pull request closed event. It's exported to make testing easier.
func (*EventsController) HandleGitlabCommentEvent ¶ added in v0.2.0
func (e *EventsController) HandleGitlabCommentEvent(w http.ResponseWriter, event gitlab.MergeCommentEvent)
HandleGitlabCommentEvent handles comment events from GitLab where Atlantis commands can come from. It's exported to make testing easier.
func (*EventsController) HandleGitlabMergeRequestEvent ¶ added in v0.2.0
func (e *EventsController) HandleGitlabMergeRequestEvent(w http.ResponseWriter, event gitlab.MergeEvent)
HandleGitlabMergeRequestEvent will delete any locks associated with the pull request if the event is a merge request closed event. It's exported to make testing easier.
func (*EventsController) Post ¶ added in v0.1.3
func (e *EventsController) Post(w http.ResponseWriter, r *http.Request)
Post handles POST webhook requests.
type GithubAppController ¶ added in v0.14.0
type GithubAppController struct { AtlantisURL *url.URL Logger *logging.SimpleLogger GithubSetupComplete bool GithubHostname string GithubOrg string }
GithubAppController handles the creation and setup of a new GitHub app
func (*GithubAppController) ExchangeCode ¶ added in v0.14.0
func (g *GithubAppController) ExchangeCode(w http.ResponseWriter, r *http.Request)
ExchangeCode handles the user coming back from creating their app A code query parameter is exchanged for this app's ID, key, and webhook_secret Implements https://developer.github.com/apps/building-github-apps/creating-github-apps-from-a-manifest/#implementing-the-github-app-manifest-flow
func (*GithubAppController) New ¶ added in v0.14.0
func (g *GithubAppController) New(w http.ResponseWriter, r *http.Request)
New redirects the user to create a new GitHub app
type GithubRequestValidator ¶ added in v0.2.0
type GithubRequestValidator interface { // Validate returns the JSON payload of the request. // If secret is not empty, it checks that the request was signed // by secret and returns an error if it was not. // If secret is empty, it does not check if the request was signed. Validate(r *http.Request, secret []byte) ([]byte, error) }
GithubRequestValidator handles checking if GitHub requests are signed properly by the secret.
type GithubSetupData ¶ added in v0.14.0
type GithubSetupData struct { Target string Manifest string ID int64 Key string WebhookSecret string URL string }
GithubSetupData holds the data for rendering the github app setup page
type GitlabRequestParserValidator ¶ added in v0.4.0
type GitlabRequestParserValidator interface { // ParseAndValidate validates that the request has a token header matching secret. // If the secret does not match it returns an error. // If secret is empty it does not check the token header. // It then parses the request as a GitLab object depending on the header // provided by GitLab identifying the webhook type. If the webhook type // is not recognized it will return nil but will not return an error. // Usage: // event, err := GitlabRequestParserValidator.ParseAndValidate(r, secret) // if err != nil { // return // } // switch event := event.(type) { // case gitlab.MergeCommentEvent: // // handle // case gitlab.MergeEvent: // // handle // default: // // unsupported event // } ParseAndValidate(r *http.Request, secret []byte) (interface{}, error) }
GitlabRequestParserValidator parses and validates GitLab requests.
type IndexData ¶ added in v0.3.3
type IndexData struct { Locks []LockIndexData AtlantisVersion string // CleanedBasePath is the path Atlantis is accessible at externally. If // not using a path-based proxy, this will be an empty string. Never ends // in a '/' (hence "cleaned"). CleanedBasePath string }
IndexData holds the data for rendering the index page
type LockDetailData ¶ added in v0.1.3
type LockDetailData struct { LockKeyEncoded string LockKey string RepoOwner string RepoName string PullRequestLink string LockedBy string Workspace string Time time.Time AtlantisVersion string // CleanedBasePath is the path Atlantis is accessible at externally. If // not using a path-based proxy, this will be an empty string. Never ends // in a '/' (hence "cleaned"). CleanedBasePath string }
LockDetailData holds the fields needed to display the lock detail view.
type LockIndexData ¶ added in v0.1.3
type LockIndexData struct { LockPath string RepoFullName string PullNum int Path string Workspace string Time time.Time TimeFormatted string }
LockIndexData holds the fields needed to display the index view for locks.
type LocksController ¶ added in v0.3.10
type LocksController struct { AtlantisVersion string AtlantisURL *url.URL Locker locking.Locker Logger *logging.SimpleLogger VCSClient vcs.Client LockDetailTemplate TemplateWriter WorkingDir events.WorkingDir WorkingDirLocker events.WorkingDirLocker DB *db.BoltDB DeleteLockCommand events.DeleteLockCommand }
LocksController handles all requests relating to Atlantis locks.
func (*LocksController) DeleteLock ¶ added in v0.3.10
func (l *LocksController) DeleteLock(w http.ResponseWriter, r *http.Request)
DeleteLock handles deleting the lock at id and commenting back on the pull request that the lock has been deleted.
func (*LocksController) GetLock ¶ added in v0.3.10
func (l *LocksController) GetLock(w http.ResponseWriter, r *http.Request)
GetLock is the GET /locks/{id} route. It renders the lock detail view.
type RequestLogger ¶
type RequestLogger struct {
// contains filtered or unexported fields
}
RequestLogger logs requests and their response codes.
func NewRequestLogger ¶
func NewRequestLogger(logger *logging.SimpleLogger) *RequestLogger
NewRequestLogger creates a RequestLogger.
func (*RequestLogger) ServeHTTP ¶
func (l *RequestLogger) ServeHTTP(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc)
ServeHTTP implements the middleware function. It logs all requests at DEBUG level.
type Router ¶ added in v0.4.0
type Router struct { // Underlying is the router that the routes have been constructed on. Underlying *mux.Router // LockViewRouteName is the named route for the lock view that can be Get'd // from the Underlying router. LockViewRouteName string // LockViewRouteIDQueryParam is the query parameter needed to construct the // lock view: underlying.Get(LockViewRouteName).URL(LockViewRouteIDQueryParam, "my id"). LockViewRouteIDQueryParam string // AtlantisURL is the fully qualified URL that Atlantis is // accessible from externally. AtlantisURL *url.URL }
Router can be used to retrieve Atlantis URLs. It acts as an intermediary between the underlying router and the rest of Atlantis that might need to construct URLs to different resources.
func (*Router) GenerateLockURL ¶ added in v0.4.0
GenerateLockURL returns a fully qualified URL to view the lock at lockID.
type Server ¶
type Server struct { AtlantisVersion string AtlantisURL *url.URL Router *mux.Router Port int PreWorkflowHooksCommandRunner *events.DefaultPreWorkflowHooksCommandRunner CommandRunner *events.DefaultCommandRunner Logger *logging.SimpleLogger Locker locking.Locker EventsController *EventsController GithubAppController *GithubAppController LocksController *LocksController StatusController *StatusController IndexTemplate TemplateWriter LockDetailTemplate TemplateWriter SSLCertFile string SSLKeyFile string Drainer *events.Drainer }
Server runs the Atlantis web server.
func NewServer ¶
func NewServer(userConfig UserConfig, config Config) (*Server, error)
NewServer returns a new server. If there are issues starting the server or its dependencies an error will be returned. This is like the main() function for the server CLI command because it injects all the dependencies.
func (*Server) Healthz ¶ added in v0.4.1
func (s *Server) Healthz(w http.ResponseWriter, _ *http.Request)
Healthz returns the health check response. It always returns a 200 currently.
type StatusController ¶ added in v0.13.0
type StatusController struct { Logger *logging.SimpleLogger Drainer *events.Drainer }
StatusController handles the status of Atlantis.
func (*StatusController) Get ¶ added in v0.13.0
func (d *StatusController) Get(w http.ResponseWriter, r *http.Request)
Get is the GET /status route.
type StatusResponse ¶ added in v0.13.0
type TemplateWriter ¶ added in v0.1.3
type TemplateWriter interface { // Execute applies a parsed template to the specified data object, // writing the output to wr. Execute(wr io.Writer, data interface{}) error }
TemplateWriter is an interface over html/template that's used to enable mocking.
type UserConfig ¶ added in v0.3.3
type UserConfig struct { AllowForkPRs bool `mapstructure:"allow-fork-prs"` AllowRepoConfig bool `mapstructure:"allow-repo-config"` AtlantisURL string `mapstructure:"atlantis-url"` Automerge bool `mapstructure:"automerge"` AzureDevopsToken string `mapstructure:"azuredevops-token"` AzureDevopsUser string `mapstructure:"azuredevops-user"` AzureDevopsWebhookPassword string `mapstructure:"azuredevops-webhook-password"` AzureDevopsWebhookUser string `mapstructure:"azuredevops-webhook-user"` BitbucketBaseURL string `mapstructure:"bitbucket-base-url"` BitbucketToken string `mapstructure:"bitbucket-token"` BitbucketUser string `mapstructure:"bitbucket-user"` BitbucketWebhookSecret string `mapstructure:"bitbucket-webhook-secret"` CheckoutStrategy string `mapstructure:"checkout-strategy"` DataDir string `mapstructure:"data-dir"` DisableApplyAll bool `mapstructure:"disable-apply-all"` DisableApply bool `mapstructure:"disable-apply"` DisableAutoplan bool `mapstructure:"disable-autoplan"` DisableMarkdownFolding bool `mapstructure:"disable-markdown-folding"` DisableRepoLocking bool `mapstructure:"disable-repo-locking"` EnablePolicyChecksFlag bool `mapstructure:"enable-policy-checks"` GithubHostname string `mapstructure:"gh-hostname"` GithubToken string `mapstructure:"gh-token"` GithubUser string `mapstructure:"gh-user"` GithubWebhookSecret string `mapstructure:"gh-webhook-secret"` GithubOrg string `mapstructure:"gh-org"` GithubAppID int64 `mapstructure:"gh-app-id"` GithubAppKey string `mapstructure:"gh-app-key-file"` GithubAppSlug string `mapstructure:"gh-app-slug"` GitlabHostname string `mapstructure:"gitlab-hostname"` GitlabToken string `mapstructure:"gitlab-token"` GitlabUser string `mapstructure:"gitlab-user"` GitlabWebhookSecret string `mapstructure:"gitlab-webhook-secret"` HidePrevPlanComments bool `mapstructure:"hide-prev-plan-comments"` LogLevel string `mapstructure:"log-level"` ParallelPoolSize int `mapstructure:"parallel-pool-size"` PlanDrafts bool `mapstructure:"allow-draft-prs"` Port int `mapstructure:"port"` RepoConfig string `mapstructure:"repo-config"` RepoConfigJSON string `mapstructure:"repo-config-json"` RepoAllowlist string `mapstructure:"repo-allowlist"` // RepoWhitelist is deprecated in favour of RepoAllowlist. RepoWhitelist string `mapstructure:"repo-whitelist"` // RequireApproval is whether to require pull request approval before // allowing terraform apply's to be run. RequireApproval bool `mapstructure:"require-approval"` // RequireMergeable is whether to require pull requests to be mergeable before // allowing terraform apply's to run. RequireMergeable bool `mapstructure:"require-mergeable"` SilenceForkPRErrors bool `mapstructure:"silence-fork-pr-errors"` // SilenceVCSStatusNoPlans is whether autoplan should set commit status if no plans // are found. SilenceVCSStatusNoPlans bool `mapstructure:"silence-vcs-status-no-plans"` SilenceAllowlistErrors bool `mapstructure:"silence-allowlist-errors"` // SilenceWhitelistErrors is deprecated in favour of SilenceAllowlistErrors SilenceWhitelistErrors bool `mapstructure:"silence-whitelist-errors"` SkipCloneNoChanges bool `mapstructure:"skip-clone-no-changes"` SlackToken string `mapstructure:"slack-token"` SSLCertFile string `mapstructure:"ssl-cert-file"` SSLKeyFile string `mapstructure:"ssl-key-file"` TFDownloadURL string `mapstructure:"tf-download-url"` TFEHostname string `mapstructure:"tfe-hostname"` TFEToken string `mapstructure:"tfe-token"` VCSStatusName string `mapstructure:"vcs-status-name"` DefaultTFVersion string `mapstructure:"default-tf-version"` Webhooks []WebhookConfig `mapstructure:"webhooks"` WriteGitCreds bool `mapstructure:"write-git-creds"` }
UserConfig holds config values passed in by the user. The mapstructure tags correspond to flags in cmd/server.go and are used when the config is parsed from a YAML file.
func (UserConfig) ToLogLevel ¶ added in v0.4.13
func (u UserConfig) ToLogLevel() logging.LogLevel
ToLogLevel returns the LogLevel object corresponding to the user-passed log level.
type WebhookConfig ¶ added in v0.2.0
type WebhookConfig struct { // Event is the type of event we should send this webhook for, ex. apply. Event string `mapstructure:"event"` // WorkspaceRegex is a regex that is used to match against the workspace // that is being modified for this event. If the regex matches, we'll // send the webhook, ex. "production.*". WorkspaceRegex string `mapstructure:"workspace-regex"` // Kind is the type of webhook we should send, ex. slack. Kind string `mapstructure:"kind"` // Channel is the channel to send this webhook to. It only applies to // slack webhooks. Should be without '#'. Channel string `mapstructure:"channel"` }
WebhookConfig is nested within UserConfig. It's used to configure webhooks.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
db
Package db handles our database layer.
|
Package db handles our database layer. |
locking/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
matchers
Code generated by pegomock.
|
Code generated by pegomock. |
mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
runtime
Package runtime holds code for actually running commands vs.
|
Package runtime holds code for actually running commands vs. |
runtime/cache/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
runtime/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
runtime/models/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
runtime/policy/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
terraform/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
vcs/bitbucketcloud
Package bitbucketcloud holds code for Bitbucket Cloud aka (bitbucket.org).
|
Package bitbucketcloud holds code for Bitbucket Cloud aka (bitbucket.org). |
vcs/common
Package common is used to share common code between all VCS clients without running into circular dependency issues.
|
Package common is used to share common code between all VCS clients without running into circular dependency issues. |
vcs/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
webhooks/mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
yaml/raw
Package raw contains the golang representations of the YAML elements supported in atlantis.yaml.
|
Package raw contains the golang representations of the YAML elements supported in atlantis.yaml. |
yaml/valid
Package valid contains the structs representing the atlantis.yaml config after it's been parsed and validated.
|
Package valid contains the structs representing the atlantis.yaml config after it's been parsed and validated. |
mocks/matchers
Code generated by pegomock.
|
Code generated by pegomock. |
matchers
Code generated by pegomock.
|
Code generated by pegomock. |
Code generated for package static by go-bindata DO NOT EDIT.
|
Code generated for package static by go-bindata DO NOT EDIT. |