Skip to content

Commit

Permalink
Refactor @jjulien's server-side config work.
Browse files Browse the repository at this point in the history
  • Loading branch information
lkysow committed Mar 27, 2019
1 parent 1fcdaba commit d78b106
Show file tree
Hide file tree
Showing 88 changed files with 4,589 additions and 3,348 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ test-coverage:

test-coverage-html:
@mkdir -p .cover
@go test -covermode atomic -coverprofile .cover/cover.out $(PKG)
@go test -covermode atomic -coverpkg $(PKG_COMMAS) -coverprofile .cover/cover.out $(PKG)
go tool cover -html .cover/cover.out

dist: ## Package up everything in static/ using go-bindata-assetfs so it can be served by a single binary
Expand Down
24 changes: 18 additions & 6 deletions cmd/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ var stringFlags = []stringFlag{
},
{
name: ConfigFlag,
description: "Path to config file. All flags can be set in a YAML config file instead.",
description: "Path to yaml config file where flag values can also be set.",
},
{
name: CheckoutStrategyFlag,
Expand Down Expand Up @@ -171,7 +171,7 @@ var stringFlags = []stringFlag{
},
{
name: RepoConfigFlag,
description: "Path to a repo config file, used to configure how atlantis.yaml will behave on repos. Repos can be specified as an exact string or using regular expressions",
description: "Path to a repo config file, used to customize how Atlantis runs on each repo. See runatlantis.io/docs for more details.",
},
{
name: RepoWhitelistFlag,
Expand Down Expand Up @@ -216,7 +216,12 @@ var boolFlags = []boolFlag{
" Should only be enabled in a trusted environment since it enables a pull request to run arbitrary commands" +
" on the Atlantis server.",
defaultValue: false,
deprecated: fmt.Sprintf("use --%s to allow sensitive keys in atlantis.yaml", RepoConfigFlag),
deprecated: fmt.Sprintf(`set a --%s file with the following config instead:
repos:
- id: /.*/
allowed_overrides: [workflow, apply_requirements]
allow_custom_workflows: true
`, RepoConfigFlag),
},
{
name: AutomergeFlag,
Expand All @@ -227,11 +232,21 @@ var boolFlags = []boolFlag{
name: RequireApprovalFlag,
description: "Require pull requests to be \"Approved\" before allowing the apply command to be run.",
defaultValue: false,
deprecated: fmt.Sprintf(`set a --%s file with the following config instead:
repos:
- id: /.*/
apply_requirements: [approved]
`, RepoConfigFlag),
},
{
name: RequireMergeableFlag,
description: "Require pull requests to be mergeable before allowing the apply command to be run.",
defaultValue: false,
deprecated: fmt.Sprintf(`set a --%s file with the following config instead:
repos:
- id: /.*/
apply_requirements: [mergeable]
`, RepoConfigFlag),
},
{
name: SilenceWhitelistErrorsFlag,
Expand Down Expand Up @@ -456,9 +471,6 @@ func (s *ServerCmd) validate(userConfig server.UserConfig) error {
if (userConfig.SSLKeyFile == "") != (userConfig.SSLCertFile == "") {
return fmt.Errorf("--%s and --%s are both required for ssl", SSLKeyFileFlag, SSLCertFileFlag)
}
if userConfig.AllowRepoConfig && userConfig.RepoConfig != "" {
return fmt.Errorf("You cannot use both --%s and --%s together. --%s is deprecated and will be removed in a later version, you should use --%s instead", AllowRepoConfigFlag, RepoConfigFlag, AllowRepoConfigFlag, RepoConfigFlag)
}

// The following combinations are valid.
// 1. github user and token set
Expand Down
10 changes: 0 additions & 10 deletions cmd/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -914,16 +914,6 @@ func TestExecute_BitbucketServerBaseURLPort(t *testing.T) {
Equals(t, "http://mydomain.com:7990", passedConfig.BitbucketBaseURL)
}

// Cannot use both --allow-repo-config and --repo-config
func TestExecute_AllowRepoConfigWithAllowRestrictedRepoConfig(t *testing.T) {
c := setup(map[string]interface{}{
cmd.AllowRepoConfigFlag: true,
cmd.RepoConfigFlag: "somefile",
})
err := c.Execute()
ErrEquals(t, "You cannot use both --allow-repo-config and --repo-config together. --allow-repo-config is deprecated and will be removed in a later version, you should use --repo-config instead", err)
}

func setup(flags map[string]interface{}) *cobra.Command {
vipr := viper.New()
for k, v := range flags {
Expand Down
10 changes: 10 additions & 0 deletions runatlantis.io/.vuepress/components/HomeCustom.vue
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,13 @@
</div>
</div>
</div>
<div class="home getting-started-footer">
<div class="hero">
<p class="action" v-if="data.actionText && data.actionLink">
<a href="/guide/" class="nav-link action-button">Get Started →</a>
</p>
</div>
</div>
<div class="footer" v-if="data.footer">
{{ data.footer }}
</div>
Expand Down Expand Up @@ -268,6 +275,9 @@
text-align center
color lighten($textColor, 25%)
.getting-started-footer
padding 2.5rem 0
margin 0 auto
.workflow-container
border-top 2px solid $borderColor
Expand Down
31 changes: 15 additions & 16 deletions runatlantis.io/.vuepress/config.js
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,9 @@ module.exports = {
'/guide/': [
'',
'test-drive',
'getting-started',
'atlantis-yaml-use-cases'
'testing-locally',
],
'/docs/': [
['', 'Overview'],
{
title: 'Installing Atlantis',
collapsable: true,
Expand All @@ -52,29 +50,30 @@ module.exports = {
'webhook-secrets',
'deployment',
'configuring-webhooks',
'server-configuration',
'provider-credentials',
'terraform-enterprise'
'provider-credentials'
]
},
{
title: 'Using Atlantis',
title: 'Configuring Atlantis',
collapsable: true,
children: [
['using-atlantis', 'Overview']
['configuring-atlantis', 'Overview'],
'server-configuration',
'server-side-repo-config',
'custom-workflows',
'repo-level-atlantis-yaml',
'upgrading-atlantis-yaml-to-version-2',
'apply-requirements',
'checkout-strategy',
'terraform-versions',
'terraform-enterprise'
]
},
{
title: 'Customizing Atlantis',
title: 'Using Atlantis',
collapsable: true,
children: [
['customizing-atlantis', 'Overview'],
'repos-yaml-reference',
'atlantis-yaml-reference',
'upgrading-atlantis-yaml-to-version-2',
'apply-requirements',
'checkout-strategy',
'terraform-versions'
['using-atlantis', 'Overview']
]
},
{
Expand Down
6 changes: 3 additions & 3 deletions runatlantis.io/docs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,11 @@ These docs are for users that are ready to get Atlantis installed and start usin

:::tip Looking to get started?
If you're new here, check out the [Guide](/guide/)
where you can try our [Test Drive](/guide/test-drive.html) or [Run Atlantis Locally](/guide/getting-started.html).
where you can try our [Test Drive](/guide/test-drive.html) or [Run Atlantis Locally](/guide/testing-locally.html).
:::

### Next Steps
* [Installing Atlantis](/docs/installation-guide.html)&nbsp;&nbsp;&nbsp;&nbsp;Get Atlantis up and running
* [Using Atlantis](using-atlantis.html)&nbsp;&nbsp;&nbsp;&nbsp;How do I use Atlantis to run Terraform
* [Customizing Atlantis](customizing-atlantis.html)&nbsp;&nbsp;&nbsp;&nbsp;Modify how Atlantis works for my use case
* [Configuring Atlantis](configuring-atlantis.html)&nbsp;&nbsp;&nbsp;&nbsp;Configure how Atlantis works for your specific use-cases
* [Using Atlantis](using-atlantis.html)&nbsp;&nbsp;&nbsp;&nbsp;How do you use Atlantis?
* [How Atlantis Works](how-atlantis-works.html)&nbsp;&nbsp;&nbsp;&nbsp;Internals of what Atlantis is doing
38 changes: 22 additions & 16 deletions runatlantis.io/docs/access-credentials.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Git Host Access Credentials
This doc describes how to create credentials on your Git host (GitHub, GitLab or Bitbucket)
This page describes how to create credentials for your Git host (GitHub, GitLab or Bitbucket)
that Atlantis will use to make API calls.
[[toc]]

Expand All @@ -14,27 +14,33 @@ will come from that user so it might be confusing if its coming from a personal

## Generating an Access Token
Once you've created a new user (or decided to use an existing one), you need to
generate an access token. Read on for the instructions for your Git host.

### Create a GitHub Token
**NOTE: The Atlantis user must have "Write permissions" (for repos in an organization) or be a "Collaborator" (for repos in a user account) to be able to set commit statuses:**
generate an access token. Read on for the instructions for your specific Git host:
* [GitHub](#github)
* [GitLab](#gitlab)
* [Bitbucket Cloud (bitbucket.org)](#bitbucket-cloud-bitbucket-org)
* [Bitbucket Server (aka Stah)](#bitbucket-server-aka-stash)

### GitHub
- Create a Personal Access Token by following: [https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/#creating-a-token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/#creating-a-token)
- Create the token with **repo** scope
- Record the access token
::: warning
Your Atlantis user must also have "Write permissions" (for repos in an organization) or be a "Collaborator" (for repos in a user account) to be able to set commit statuses:
![Atlantis status](./images/status.png)
- create a Personal Access Token by following [https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/#creating-a-token](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/#creating-a-token)
- create the token with **repo** scope
- record the access token
:::

### Create a GitLab Token
- follow [https://docs.gitlab.com/ce/user/profile/personal_access_tokens.html#creating-a-personal-access-token](https://docs.gitlab.com/ce/user/profile/personal_access_tokens.html#creating-a-personal-access-token)
- create a token with **api** scope
- record the access token
### GitLab
- Follow: [https://docs.gitlab.com/ce/user/profile/personal_access_tokens.html#creating-a-personal-access-token](https://docs.gitlab.com/ce/user/profile/personal_access_tokens.html#creating-a-personal-access-token)
- Create a token with **api** scope
- Record the access token

### Create a Bitbucket Cloud (bitbucket.org) App Password
- create an App Password by following [https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html#Apppasswords-Createanapppassword](https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html#Apppasswords-Createanapppassword)
### Bitbucket Cloud (bitbucket.org)
- Create an App Password by following [https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html#Apppasswords-Createanapppassword](https://confluence.atlassian.com/bitbucket/app-passwords-828781300.html#Apppasswords-Createanapppassword)
- Label the password "atlantis"
- Select **Pull requests**: **Read** and **Write** so that Atlantis can read your pull requests and write comments to them
- record the access token
- Record the access token

### Create a Bitbucket Server (aka Stash) Personal Access Token
### Bitbucket Server (aka Stash)
- Click on your avatar in the top right and select **Manage account**
- Click **Personal access tokens** in the sidebar
- Click **Create a token**
Expand Down
Loading

0 comments on commit d78b106

Please sign in to comment.