diff --git a/Dockerfile b/Dockerfile index 646d172e2a..cb14a17f4d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ ARG DEBIAN_TAG=12.8-slim@sha256:d365f4920711a9074c4bcd178e8f457ee59250426441ab2a ARG GOLANG_TAG=1.23.4-alpine@sha256:c23339199a08b0e12032856908589a6d41a0dab141b8b3b21f156fc571a3f1d3 # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp -ARG DEFAULT_TERRAFORM_VERSION=1.10.3 +ARG DEFAULT_TERRAFORM_VERSION=1.10.4 # renovate: datasource=github-releases depName=opentofu/opentofu versioning=hashicorp ARG DEFAULT_OPENTOFU_VERSION=1.8.8 # renovate: datasource=github-releases depName=open-policy-agent/conftest @@ -13,7 +13,11 @@ ARG DEFAULT_CONFTEST_VERSION=0.56.0 # Stage 1: build artifact and download deps -FROM golang:${GOLANG_TAG} AS builder +FROM --platform=$BUILDPLATFORM golang:${GOLANG_TAG} AS builder + +# These are automatically populated by Docker +ARG TARGETOS +ARG TARGETARCH ARG ATLANTIS_VERSION=dev ENV ATLANTIS_VERSION=${ATLANTIS_VERSION} @@ -42,7 +46,7 @@ RUN --mount=type=cache,target=/go/pkg/mod \ COPY . /app RUN --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/root/.cache/go-build \ - CGO_ENABLED=0 go build -trimpath -ldflags "-s -w -X 'main.version=${ATLANTIS_VERSION}' -X 'main.commit=${ATLANTIS_COMMIT}' -X 'main.date=${ATLANTIS_DATE}'" -v -o atlantis . + CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -trimpath -ldflags "-s -w -X 'main.version=${ATLANTIS_VERSION}' -X 'main.commit=${ATLANTIS_COMMIT}' -X 'main.date=${ATLANTIS_DATE}'" -v -o atlantis . FROM debian:${DEBIAN_TAG} AS debian-base diff --git a/server/controllers/events/events_controller_e2e_test.go b/server/controllers/events/events_controller_e2e_test.go index 3b66a28225..4588b04127 100644 --- a/server/controllers/events/events_controller_e2e_test.go +++ b/server/controllers/events/events_controller_e2e_test.go @@ -948,6 +948,25 @@ func TestGitHubWorkflowWithPolicyCheck(t *testing.T) { {"exp-output-merge.txt"}, }, }, + { + Description: "1 failing policy and 1 passing policy with --quiet-policy-checks", + RepoDir: "policy-checks-multi-projects", + ModifiedFiles: []string{"dir1/main.tf,", "dir2/main.tf"}, + PolicyCheck: true, + ExpAutoplan: true, + ExpPolicyChecks: true, + ExpQuietPolicyChecks: true, + ExpQuietPolicyCheckFailure: true, + Comments: []string{ + "atlantis apply", + }, + ExpReplies: [][]string{ + {"exp-output-autoplan.txt"}, + {"exp-output-auto-policy-check-quiet.txt"}, + {"exp-output-apply.txt"}, + {"exp-output-merge.txt"}, + }, + }, { Description: "failing policy without policies passing using extra args", RepoDir: "policy-checks-extra-args", @@ -1183,7 +1202,7 @@ func TestGitHubWorkflowWithPolicyCheck(t *testing.T) { userConfig.EnablePolicyChecksFlag = c.PolicyCheck userConfig.QuietPolicyChecks = c.ExpQuietPolicyChecks - ctrl, vcsClient, githubGetter, atlantisWorkspace := setupE2E(t, c.RepoDir, setupOption{}) + ctrl, vcsClient, githubGetter, atlantisWorkspace := setupE2E(t, c.RepoDir, setupOption{userConfig: userConfig}) // Set the repo to be cloned through the testing backdoor. repoDir, headSHA := initializeRepo(t, c.RepoDir) @@ -1274,13 +1293,13 @@ type setupOption struct { allowCommands []command.Name disableAutoplan bool disablePreWorkflowHooks bool + userConfig server.UserConfig } func setupE2E(t *testing.T, repoDir string, opt setupOption) (events_controllers.VCSEventsController, *vcsmocks.MockClient, *mocks.MockGithubPullGetter, *events.FileWorkspace) { allowForkPRs := false discardApprovalOnPlan := true dataDir, binDir, cacheDir := mkSubDirs(t) - // Mocks. e2eVCSClient := vcsmocks.NewMockClient() e2eStatusUpdater := &events.DefaultCommitStatusUpdater{Client: e2eVCSClient} @@ -1493,7 +1512,18 @@ func setupE2E(t *testing.T, repoDir string, opt setupOption) (events_controllers pullUpdater := &events.PullUpdater{ HidePrevPlanComments: false, VCSClient: e2eVCSClient, - MarkdownRenderer: events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false), + MarkdownRenderer: events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + false, // hideUnchangedPlanComments + opt.userConfig.QuietPolicyChecks, // quietPolicyChecks + ), } autoMerger := &events.AutoMerger{ diff --git a/server/controllers/events/testdata/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check-quiet.txt b/server/controllers/events/testdata/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check-quiet.txt new file mode 100644 index 0000000000..57a3dfefe3 --- /dev/null +++ b/server/controllers/events/testdata/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check-quiet.txt @@ -0,0 +1,44 @@ +Ran Policy Check for 2 projects: + +1. dir: `dir1` workspace: `default` +1. dir: `dir2` workspace: `default` +--- + +### 2. dir: `dir2` workspace: `default` +**Policy Check Failed**: Some policy sets did not pass. +#### Policy Set: `test_policy` +```diff +FAIL - - main - WARNING: Forbidden Resource creation is prohibited. + +1 test, 0 passed, 0 warnings, 1 failure, 0 exceptions + +``` + + +#### Policy Approval Status: +``` +policy set: test_policy: requires: 1 approval(s), have: 0. +``` +* :heavy_check_mark: To **approve** this project, comment: + ```shell + atlantis approve_policies -d dir2 + ``` +* :put_litter_in_its_place: To **delete** this plan and lock, click [here](lock-url) +* :repeat: To re-run policies **plan** this project again by commenting: + ```shell + atlantis plan -d dir2 + ``` + +--- +* :heavy_check_mark: To **approve** all unapplied plans from this Pull Request, comment: + ```shell + atlantis approve_policies + ``` +* :put_litter_in_its_place: To **delete** all plans and locks from this Pull Request, comment: + ```shell + atlantis unlock + ``` +* :repeat: To re-run policies **plan** this project again by commenting: + ```shell + atlantis plan + ``` diff --git a/server/events/command_runner_test.go b/server/events/command_runner_test.go index cd9cbc10e4..7b06d0f015 100644 --- a/server/events/command_runner_test.go +++ b/server/events/command_runner_test.go @@ -126,7 +126,7 @@ func setup(t *testing.T, options ...func(testConfig *TestConfig)) *vcsmocks.Mock pullUpdater = &events.PullUpdater{ HidePrevPlanComments: false, VCSClient: vcsClient, - MarkdownRenderer: events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false), + MarkdownRenderer: events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false, false), } autoMerger = &events.AutoMerger{ diff --git a/server/events/markdown_renderer.go b/server/events/markdown_renderer.go index 4ce268c239..e685122b08 100644 --- a/server/events/markdown_renderer.go +++ b/server/events/markdown_renderer.go @@ -57,6 +57,7 @@ type MarkdownRenderer struct { markdownTemplates *template.Template executableName string hideUnchangedPlanComments bool + quietPolicyChecks bool } // commonData is data that all responses have. @@ -72,6 +73,7 @@ type commonData struct { EnableDiffMarkdownFormat bool ExecutableName string HideUnchangedPlanComments bool + QuietPolicyChecks bool VcsRequestType string } @@ -131,11 +133,12 @@ type policyCheckResultsData struct { } type projectResultTmplData struct { - Workspace string - RepoRelDir string - ProjectName string - Rendered string - NoChanges bool + Workspace string + RepoRelDir string + ProjectName string + Rendered string + NoChanges bool + IsSuccessful bool } // Initialize templates @@ -149,6 +152,7 @@ func NewMarkdownRenderer( markdownTemplateOverridesDir string, executableName string, hideUnchangedPlanComments bool, + quietPolicyChecks bool, ) *MarkdownRenderer { var templates *template.Template templates, _ = template.New("").Funcs(sprig.TxtFuncMap()).ParseFS(templatesFS, "templates/*.tmpl") @@ -166,6 +170,7 @@ func NewMarkdownRenderer( markdownTemplates: templates, executableName: executableName, hideUnchangedPlanComments: hideUnchangedPlanComments, + quietPolicyChecks: quietPolicyChecks, } } @@ -192,6 +197,7 @@ func (m *MarkdownRenderer) Render(ctx *command.Context, res command.Result, cmd EnableDiffMarkdownFormat: m.enableDiffMarkdownFormat, ExecutableName: m.executableName, HideUnchangedPlanComments: m.hideUnchangedPlanComments, + QuietPolicyChecks: m.quietPolicyChecks, VcsRequestType: vcsRequestType, } @@ -224,9 +230,10 @@ func (m *MarkdownRenderer) renderProjectResults(ctx *command.Context, results [] for _, result := range results { resultData := projectResultTmplData{ - Workspace: result.Workspace, - RepoRelDir: result.RepoRelDir, - ProjectName: result.ProjectName, + Workspace: result.Workspace, + RepoRelDir: result.RepoRelDir, + ProjectName: result.ProjectName, + IsSuccessful: result.IsSuccessful(), } if result.PlanSuccess != nil { result.PlanSuccess.TerraformOutput = strings.TrimSpace(result.PlanSuccess.TerraformOutput) diff --git a/server/events/markdown_renderer_test.go b/server/events/markdown_renderer_test.go index 39810dab13..2fb90c256b 100644 --- a/server/events/markdown_renderer_test.go +++ b/server/events/markdown_renderer_test.go @@ -60,7 +60,18 @@ func TestRenderErr(t *testing.T) { }, } - r := events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false) + r := events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + false, // hideUnchangedPlanComments + false, // quietPolicyChecks + ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" logger.Info(logText) @@ -124,7 +135,18 @@ func TestRenderFailure(t *testing.T) { }, } - r := events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false) + r := events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + false, // hideUnchangedPlanComments + false, // quietPolicyChecks + ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" logger.Info(logText) @@ -163,7 +185,18 @@ func TestRenderFailure(t *testing.T) { } func TestRenderErrAndFailure(t *testing.T) { - r := events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false) + r := events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + false, // hideUnchangedPlanComments + false, // quietPolicyChecks + ) logger := logging.NewNoopLogger(t).WithHistory() ctx := &command.Context{ Log: logger, @@ -1159,7 +1192,392 @@ $$$ }, } - r := events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", false) + r := events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + false, // hideUnchangedPlanComments + false, // quietPolicyChecks + ) + logger := logging.NewNoopLogger(t).WithHistory() + logText := "log" + logger.Info(logText) + ctx := &command.Context{ + Log: logger, + Pull: models.PullRequest{ + BaseRepo: models.Repo{ + VCSHost: models.VCSHost{ + Type: models.Github, + }, + }, + }, + } + for _, c := range cases { + t.Run(c.Description, func(t *testing.T) { + res := command.Result{ + ProjectResults: c.ProjectResults, + } + for _, verbose := range []bool{true, false} { + t.Run(c.Description, func(t *testing.T) { + cmd := &events.CommentCommand{ + Name: c.Command, + SubName: c.SubCommand, + Verbose: verbose, + } + s := r.Render(ctx, res, cmd) + if !verbose { + Equals(t, normalize(c.Expected), normalize(s)) + } else { + log := fmt.Sprintf("[INFO] %s", logText) + Equals(t, normalize(c.Expected+ + fmt.Sprintf("
Log\n

\n\n```\n%s\n```\n

", log)), normalize(s)) + } + }) + } + }) + } +} + +func TestRenderProjectResultsWithQuietPolicyChecks(t *testing.T) { + cases := []struct { + Description string + Command command.Name + SubCommand string + ProjectResults []command.ProjectResult + VCSHost models.VCSHostType + Expected string + }{ + { + "single successful policy check with multiple policy sets and project name", + command.PolicyCheck, + "", + []command.ProjectResult{ + { + PolicyCheckResults: &models.PolicyCheckResults{ + PolicySetResults: []models.PolicySetResult{ + { + PolicySetName: "policy1", + PolicyOutput: `FAIL - - main - WARNING: Null Resource creation is prohibited. + +2 tests, 1 passed, 0 warnings, 1 failure, 0 exceptions`, + Passed: false, + ReqApprovals: 1, + }, + { + PolicySetName: "policy2", + PolicyOutput: "2 tests, 2 passed, 0 warnings, 0 failure, 0 exceptions", + Passed: true, + ReqApprovals: 1, + }, + }, + LockURL: "lock-url", + RePlanCmd: "atlantis plan -d path -w workspace", + ApplyCmd: "atlantis apply -d path -w workspace", + }, + Workspace: "workspace", + RepoRelDir: "path", + ProjectName: "projectname", + }, + }, + models.Github, + ` +Ran Policy Check for project: $projectname$ dir: $path$ workspace: $workspace$ + +#### Policy Set: $policy1$ +$$$diff +FAIL - - main - WARNING: Null Resource creation is prohibited. + +2 tests, 1 passed, 0 warnings, 1 failure, 0 exceptions +$$$ + +#### Policy Set: $policy2$ +$$$diff +2 tests, 2 passed, 0 warnings, 0 failure, 0 exceptions +$$$ + + +#### Policy Approval Status: +$$$ +policy set: policy1: requires: 1 approval(s), have: 0. +policy set: policy2: passed. +$$$ +* :heavy_check_mark: To **approve** this project, comment: + $$$shell + + $$$ +* :put_litter_in_its_place: To **delete** this plan and lock, click [here](lock-url) +* :repeat: To re-run policies **plan** this project again by commenting: + $$$shell + atlantis plan -d path -w workspace + $$$ + +--- +* :fast_forward: To **apply** all unapplied plans from this Pull Request, comment: + $$$shell + atlantis apply + $$$ +* :put_litter_in_its_place: To **delete** all plans and locks from this Pull Request, comment: + $$$shell + atlantis unlock + $$$ +`, + }, + { + "single successful policy check with project name", + command.PolicyCheck, + "", + []command.ProjectResult{ + { + PolicyCheckResults: &models.PolicyCheckResults{ + PolicySetResults: []models.PolicySetResult{ + { + PolicySetName: "policy1", + // strings.Repeat require to get wrapped result + PolicyOutput: strings.Repeat("line\n", 13) + `FAIL - - main - WARNING: Null Resource creation is prohibited. + +2 tests, 1 passed, 0 warnings, 1 failure, 0 exceptions`, + Passed: false, + ReqApprovals: 1, + }, + }, + LockURL: "lock-url", + RePlanCmd: "atlantis plan -d path -w workspace", + ApplyCmd: "atlantis apply -d path -w workspace", + }, + Workspace: "workspace", + RepoRelDir: "path", + ProjectName: "projectname", + }, + }, + models.Github, + ` +Ran Policy Check for project: $projectname$ dir: $path$ workspace: $workspace$ + +
Show Output + +#### Policy Set: $policy1$ +$$$diff +line +line +line +line +line +line +line +line +line +line +line +line +line +FAIL - - main - WARNING: Null Resource creation is prohibited. + +2 tests, 1 passed, 0 warnings, 1 failure, 0 exceptions +$$$ + + +
+ +#### Policy Approval Status: +$$$ +policy set: policy1: requires: 1 approval(s), have: 0. +$$$ +* :heavy_check_mark: To **approve** this project, comment: + $$$shell + + $$$ +* :put_litter_in_its_place: To **delete** this plan and lock, click [here](lock-url) +* :repeat: To re-run policies **plan** this project again by commenting: + $$$shell + atlantis plan -d path -w workspace + $$$ +$$$ +policy set: policy1: 2 tests, 1 passed, 0 warnings, 1 failure, 0 exceptions +$$$ + +--- +* :fast_forward: To **apply** all unapplied plans from this Pull Request, comment: + $$$shell + atlantis apply + $$$ +* :put_litter_in_its_place: To **delete** all plans and locks from this Pull Request, comment: + $$$shell + atlantis unlock + $$$ +`, + }, + { + "multiple successful policy checks", + command.PolicyCheck, + "", + []command.ProjectResult{ + { + Workspace: "workspace", + RepoRelDir: "path", + PolicyCheckResults: &models.PolicyCheckResults{ + PolicySetResults: []models.PolicySetResult{ + { + PolicySetName: "policy1", + PolicyOutput: "4 tests, 4 passed, 0 warnings, 0 failures, 0 exceptions", + Passed: true, + }, + }, + LockURL: "lock-url", + ApplyCmd: "atlantis apply -d path -w workspace", + RePlanCmd: "atlantis plan -d path -w workspace", + }, + }, + { + Workspace: "workspace", + RepoRelDir: "path2", + ProjectName: "projectname", + PolicyCheckResults: &models.PolicyCheckResults{ + PolicySetResults: []models.PolicySetResult{ + { + PolicySetName: "policy1", + PolicyOutput: "4 tests, 4 passed, 0 warnings, 0 failures, 0 exceptions", + Passed: true, + }, + }, LockURL: "lock-url2", + ApplyCmd: "atlantis apply -d path2 -w workspace", + RePlanCmd: "atlantis plan -d path2 -w workspace", + }, + }, + }, + models.Github, + ` +Ran Policy Check for 2 projects: + +1. dir: $path$ workspace: $workspace$ +1. project: $projectname$ dir: $path2$ workspace: $workspace$ +--- + +* :fast_forward: To **apply** all unapplied plans from this Pull Request, comment: + $$$shell + atlantis apply + $$$ +* :put_litter_in_its_place: To **delete** all plans and locks from this Pull Request, comment: + $$$shell + atlantis unlock + $$$ +`, + }, + { + "successful, failed, and errored policy check", + command.PolicyCheck, + "", + []command.ProjectResult{ + { + Workspace: "workspace", + RepoRelDir: "path", + PolicyCheckResults: &models.PolicyCheckResults{ + PolicySetResults: []models.PolicySetResult{ + { + PolicySetName: "policy1", + PolicyOutput: "4 tests, 4 passed, 0 warnings, 0 failures, 0 exceptions", + Passed: true, + }, + }, LockURL: "lock-url", + ApplyCmd: "atlantis apply -d path -w workspace", + RePlanCmd: "atlantis plan -d path -w workspace", + }, + }, + { + Workspace: "workspace", + RepoRelDir: "path2", + Failure: "failure", + PolicyCheckResults: &models.PolicyCheckResults{ + PolicySetResults: []models.PolicySetResult{ + { + PolicySetName: "policy1", + PolicyOutput: "4 tests, 2 passed, 0 warnings, 2 failures, 0 exceptions", + Passed: false, + ReqApprovals: 1, + }, + }, LockURL: "lock-url", + ApplyCmd: "atlantis apply -d path -w workspace", + RePlanCmd: "atlantis plan -d path -w workspace", + }, + }, + { + Workspace: "workspace", + RepoRelDir: "path3", + ProjectName: "projectname", + Error: errors.New("error"), + }, + }, + models.Github, + ` +Ran Policy Check for 3 projects: + +1. dir: $path$ workspace: $workspace$ +1. dir: $path2$ workspace: $workspace$ +1. project: $projectname$ dir: $path3$ workspace: $workspace$ +--- + +### 2. dir: $path2$ workspace: $workspace$ +**Policy Check Failed**: failure +#### Policy Set: $policy1$ +$$$diff +4 tests, 2 passed, 0 warnings, 2 failures, 0 exceptions +$$$ + + +#### Policy Approval Status: +$$$ +policy set: policy1: requires: 1 approval(s), have: 0. +$$$ +* :heavy_check_mark: To **approve** this project, comment: + $$$shell + + $$$ +* :put_litter_in_its_place: To **delete** this plan and lock, click [here](lock-url) +* :repeat: To re-run policies **plan** this project again by commenting: + $$$shell + atlantis plan -d path -w workspace + $$$ + +--- +### 3. project: $projectname$ dir: $path3$ workspace: $workspace$ +**Policy Check Error** +$$$ +error +$$$ + +--- +* :heavy_check_mark: To **approve** all unapplied plans from this Pull Request, comment: + $$$shell + atlantis approve_policies + $$$ +* :put_litter_in_its_place: To **delete** all plans and locks from this Pull Request, comment: + $$$shell + atlantis unlock + $$$ +* :repeat: To re-run policies **plan** this project again by commenting: + $$$shell + atlantis plan + $$$ +`, + }, + } + + r := events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + false, // hideUnchangedPlanComments + true, // quietPolicyChecks + ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" logger.Info(logText) @@ -1356,9 +1774,10 @@ $$$ false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -1540,9 +1959,10 @@ $$$ false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -1598,9 +2018,10 @@ func TestRenderCustomPolicyCheckTemplate_DisableApplyAll(t *testing.T) { false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - tmpDir, // MarkdownTemplateOverridesDir + tmpDir, // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -1672,9 +2093,10 @@ func TestRenderProjectResults_DisableFolding(t *testing.T) { true, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -1781,9 +2203,10 @@ func TestRenderProjectResults_WrappedErr(t *testing.T) { false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -1926,9 +2349,10 @@ func TestRenderProjectResults_WrapSingleProject(t *testing.T) { false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -2076,9 +2500,10 @@ func TestRenderProjectResults_MultiProjectApplyWrapped(t *testing.T) { false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -2155,9 +2580,10 @@ func TestRenderProjectResults_MultiProjectPlanWrapped(t *testing.T) { false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -2381,9 +2807,10 @@ This plan was not saved because one or more projects failed and automerge requir false, // disableMarkdownFolding false, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -2937,9 +3364,10 @@ $$$ false, // disableMarkdownFolding true, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -3074,9 +3502,10 @@ $$$ false, // disableMarkdownFolding true, // disableRepoLocking false, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -3533,9 +3962,10 @@ func TestRenderProjectResultsWithEnableDiffMarkdownFormat(t *testing.T) { false, // disableMarkdownFolding false, // disableRepoLocking true, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" @@ -3588,9 +4018,10 @@ func BenchmarkRenderProjectResultsWithEnableDiffMarkdownFormat(b *testing.B) { false, // disableMarkdownFolding false, // disableRepoLocking true, // enableDiffMarkdownFormat - "", // MarkdownTemplateOverridesDir + "", // markdownTemplateOverridesDir "atlantis", // executableName false, // hideUnchangedPlanComments + false, // quietPolicyChecks ) logger := logging.NewNoopLogger(b).WithHistory() logText := "log" @@ -3793,7 +4224,18 @@ Ran Plan for 3 projects: }, } - r := events.NewMarkdownRenderer(false, false, false, false, false, false, "", "atlantis", true) + r := events.NewMarkdownRenderer( + false, // gitlabSupportsCommonMark + false, // disableApplyAll + false, // disableApply + false, // disableMarkdownFolding + false, // disableRepoLocking + false, // enableDiffMarkdownFormat + "", // markdownTemplateOverridesDir + "atlantis", // executableName + true, // hideUnchangedPlanComments + false, // quietPolicyChecks + ) logger := logging.NewNoopLogger(t).WithHistory() logText := "log" logger.Info(logText) diff --git a/server/events/templates/multi_project_policy.tmpl b/server/events/templates/multi_project_policy.tmpl index add574fde4..276dfe2b72 100644 --- a/server/events/templates/multi_project_policy.tmpl +++ b/server/events/templates/multi_project_policy.tmpl @@ -2,8 +2,10 @@ {{ template "multiProjectHeader" . -}} {{ $disableApplyAll := .DisableApplyAll -}} {{ $hideUnchangedPlans := .HideUnchangedPlanComments -}} +{{ $quietPolicyChecks := .QuietPolicyChecks -}} {{ range $i, $result := .Results -}} {{ if (and $hideUnchangedPlans $result.NoChanges) }}{{continue}}{{end -}} +{{ if (and $quietPolicyChecks $result.IsSuccessful) }}{{continue}}{{end -}} ### {{ add $i 1 }}. {{ if $result.ProjectName }}project: `{{ $result.ProjectName }}` {{ end }}dir: `{{ $result.RepoRelDir }}` workspace: `{{ $result.Workspace }}` {{ $result.Rendered }} diff --git a/server/events/templates/multi_project_policy_unsuccessful.tmpl b/server/events/templates/multi_project_policy_unsuccessful.tmpl index 039dd9ce7c..7e11821dfd 100644 --- a/server/events/templates/multi_project_policy_unsuccessful.tmpl +++ b/server/events/templates/multi_project_policy_unsuccessful.tmpl @@ -1,7 +1,9 @@ {{ define "multiProjectPolicyUnsuccessful" -}} {{ template "multiProjectHeader" . -}} {{ $disableApplyAll := .DisableApplyAll -}} +{{ $quietPolicyChecks := .QuietPolicyChecks -}} {{ range $i, $result := .Results -}} +{{ if (and $quietPolicyChecks $result.IsSuccessful) }}{{continue}}{{end -}} ### {{ add $i 1 }}. {{ if $result.ProjectName }}project: `{{ $result.ProjectName }}` {{ end }}dir: `{{ $result.RepoRelDir }}` workspace: `{{ $result.Workspace }}` {{ $result.Rendered }} diff --git a/server/server.go b/server/server.go index a77eeddaf8..6f4e31c497 100644 --- a/server/server.go +++ b/server/server.go @@ -460,6 +460,7 @@ func NewServer(userConfig UserConfig, config Config) (*Server, error) { userConfig.MarkdownTemplateOverridesDir, userConfig.ExecutableName, userConfig.HideUnchangedPlanComments, + userConfig.QuietPolicyChecks, ) var lockingClient locking.Locker diff --git a/testdrive/utils.go b/testdrive/utils.go index 872e750d4f..50f3bf2555 100644 --- a/testdrive/utils.go +++ b/testdrive/utils.go @@ -35,7 +35,7 @@ import ( ) const hashicorpReleasesURL = "https://releases.hashicorp.com" -const terraformVersion = "1.10.3" // renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp +const terraformVersion = "1.10.4" // renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp const ngrokDownloadURL = "https://bin.equinox.io/c/4VmDzA7iaHb" const ngrokAPIURL = "localhost:41414" // We hope this isn't used. const atlantisPort = 4141 diff --git a/testing/Dockerfile b/testing/Dockerfile index 875e4dc556..a676d3b858 100644 --- a/testing/Dockerfile +++ b/testing/Dockerfile @@ -6,7 +6,7 @@ RUN apt-get update && apt-get --no-install-recommends -y install unzip \ # Install Terraform # renovate: datasource=github-releases depName=hashicorp/terraform versioning=hashicorp -ENV TERRAFORM_VERSION=1.10.3 +ENV TERRAFORM_VERSION=1.10.4 RUN case $(uname -m) in x86_64|amd64) ARCH="amd64" ;; aarch64|arm64|armv7l) ARCH="arm64" ;; esac && \ wget -nv -O terraform.zip https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_${ARCH}.zip && \ mkdir -p /usr/local/bin/tf/versions/${TERRAFORM_VERSION} && \