github cloudposse/atmos v1.168.0
on GitHub

latest releases: v1.170.0, v1, v1.169.0...
11 days ago
Update dry run for `atmos vendor pull` to support `ssh` + detailed SCP urls alignment @Listener430 (#1076)

what

This PR upgrades the output of dry run mode for vendor pull command.
After the change is applied, the dry run mode shows

  1. details on the SCP-style links converion,
  2. Injected tokens
  3. urls being vendored in a santized format
    yet there's no actual files download.

Dry run output

dry_run_output

Non-dry run output (actual vendoring)

actual_vendoring

Add SSM param assume role @mcalhoun (#1170)

what

  • Add the ability to assume a role when reading/writing AWS SSM param store

why

  • In order to be able to read values cross-account
Refactor `list components` and fix lints @Cerebrovinny (#1162)

what && why

  • Refactor list components for new lint standards
Convert SCP-style URLs into proper SSH URLs for `atmos vendor pull`@Listener430 (#1149)

what

  • Convert SCP-style URLs into proper SSH URLs for atmos vendor pull

why

  1. Sometimes vendoring urls are provided in a non-standard, SCP-style Git URLs formt which omits a scheme and use a colon for separation. In order Go’s URL parser can process them, they have to be converted into fully qualified URLs (using SSH or HTTPS).
  2. Vendoring now honors tokens for Gitlab and Bitbucket for https vendoring
  3. Masking of sensative data in debug statements in Custom Detector
  4. Links without explicit scheme were indication were not handled correctly, e.g. this one failed
    git::git@github.com:cloudposse/terraform-null-label.git?ref={{.Version}}
  5. credentials for http vendoring were read from the token only for github, but not fot bitbucket and gitlab

Testing

Use this to run only test cases relevant for this PR
$ go test -v -run '^TestCLICommands/(atmos_vendor_pull_using_SSH|atmos_vendor_pull_with_custom_detector_and_handling_credentials_leakage)$' github.com/cloudposse/atmos/tests

non-standard SCP-style links handling
github ssh vendor pull

Token injections were tested wtih bitbucket and gitlab (http) for private and public repos + ssh vendoring for both.
Listing them here as there are no dedicated tests/repos available for testing at bitbucket/gitlab.

gitlab over ssh private repo
gitlab over https private repo with a token
bitbucket public repo over ssh
bitbucket private repo over ssh
bitbucket https public repo with token set and no token set works
bitbucket https private repo
gitlab over https public repo no auth

Fix Vendoring Issues with Globs and Symlinks @Listener430 (#984)

what

  • Fix Vendoring Issues with Globs and Symlinks

why

  • double star globs were not correctly matching multiple segments in all cases
  • vendoring without a shallow depth is 2x slower
  • the //. is an esoteric expression to copy all files from the root. Rather than expect users to know this, we default it where it makes sense.

Case 1. Globs 

    included_paths:
      - "**/{demo-library,demo-stacks}/**/*.{tf,md}"
    excluded_paths:
      - "**/demo-library/**/*.{tfvars,tf}"

Case 2. Globs without double stars upfront 

included_paths:
        - "/weather/*.md"

Case 3. Shallow globs and folder exclusion 

included_paths:
       - "**/demo-localstack/*"
       - "**/demo-library/**"
     excluded_paths:
       - "**/demo-library/**/stargazers/**"
       - "**/demo-library/**/*.tf"
Check out latest releases or
releases around cloudposse/atmos v1.168.0

Don't miss a new atmos release

NewReleases is sending notifications on new releases.

Get notifications