atlantis-org-applyer

module
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 23, 2021 License: MIT

README

Atlantis Organisation Applyer

When working with Atlantis on a bigger project (multiple GitHub repositories) a need arose to give apply permissions to more people in the organisation.

This project provides a solution (in form of a binary) which allows to grant apply permissions to GitHub users and teams for specific repository and Atlantis project pairs.

Atlantis Integration

  • add atlantis-org-applyer binary to the VM image or Docker image:

    version=1.0.0
curl -SsLO "https://github.com/czerasz/atlantis-org-applyer/releases/download/v${version}/atlantis-org-applyer-v${version}-linux-amd64"
curl -SsLO "https://github.com/czerasz/atlantis-org-applyer/releases/download/v${version}/atlantis-org-applyer-v${version}.sha256sum"
grep "atlantis-org-applyer-v${version}-linux-amd64" "atlantis-org-applyer-v${version}.sha256sum" | sha256sum -c
chmod u+x "atlantis-org-applyer-v${version}-linux-amd64"

  • mount configuration at /etc/atlantis/atlantis-org-applyer.yaml

  • configure Atlantis workflow in repo config file (/etc/atlantis/repos.yaml):

    ---
...
workflows:
  standard:
    plan:
      steps:
      - env:
          name: GITHUB_BASE_URL # for GitHub Enterprise
          command: echo "https://${ATLANTIS_GH_HOSTNAME}/api/v3/"
      - env:
          name: GITHUB_TOKEN
          command: echo "${ATLANTIS_GH_TOKEN}"
      - env:
          name: CONFIG_PATH
          value: /etc/atlantis/atlantis-org-applyer.yaml
      - run: atlantis-org-applyer
      - apply

Sample Configurations (atlantis-org-applyer.yaml)

  • allow czerasz user to apply every PR on czerasz/repo-name repository:

    projects:
- repo_owner: czerasz
  repo_name: repo-name
  atlantis_project: '.*' # allow every Atlantis project
  applyers:
  - name: czerasz

  • allow atlantis team to apply every PR on czerasz/repo-name repository:

    projects:
- repo_owner: czerasz
  repo_name: repo-name
  atlantis_project: '.*' # allow every Atlantis project
  applyers:
  - name: atlantis
    type: team

    NOTE

    atlantis represents the GitHub team slug

  • allow atlantis team to apply every PR, on every repository in the czerasz organisation for projects prefixed with dev or test:

    projects:
- repo_owner: czerasz
  repo_name: '.*'
  atlantis_project: '^(dev|test).*'
  applyers:
  - name: atlantis
    type: team

  • allow atlantis-ninjas team to apply every PR, on czerasz/databases repository for projects prefixed with prod only if the PR is in mergeable state:

    projects:
- repo_owner: czerasz
  repo_name: '^databases$'
  atlantis_project: '^prod.*'
  required_mergeable: true
  applyers:
  - name: atlantis-ninjas
    type: team

    NOTE

    Remember to exclude mergeable from apply_requirements

Configuration Environment Variables

Variable Name DEscription Required Default
GITHUB_BASE_URL Custom URL when used with GitHub Enterprise installation yes ""
GITHUB_TOKEN GitHub token of API user yes -
BASE_REPO_OWNER Owner of the repository that the pull request will be merged into, ex. runatlantis yes -
BASE_REPO_NAME Name of the repository that the pull request will be merged into, ex. atlantis yes -
PULL_NUM Pull request number or ID, ex. 2 yes -
PROJECT_NAME Name of the project configured in atlantis.yaml yes -
USER_NAME Username of the VCS user running command, ex. czerasz yes -
CONFIG_PATH Configuration file used by atlantis-org-applyer yes atlantis-org-applyer.yaml

NOTE

Environment variable names were choosen to match as close as possible variables provided by Atlantis

Overview

Overview

Directories

Path Synopsis
cmd
atlantis-org-applyer

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.