cloudposse/atmos v1.190.0

on GitHub

why

• We are preparing to migrate to Atmos Pro and have moved the previous version of workflows into a separate folder

references

• slack

Summary by CodeRabbit

• Documentation
  • Updated GitHub Actions integration pages to embed legacy workflow examples via new RemoteFile sources (refs/heads/master).
  • Affected pages: Affected Stacks, Atmos Terraform Plan, Atmos Terraform Apply, Drift Detection, Drift Remediation, and Component Updater.
  • Examples now display the legacy snippets for plan, plan-matrix, apply, apply-matrix, drift detection/remediation, and components updater workflows.
  • No functional changes to the site; content updates only.

why

• Use an independent environment for screengrab generation

Summary by CodeRabbit

• Chores
  • Updated CI workflow to use the “screengrabs” environment for build jobs, aligning automation with the correct deployment context.
  • This affects internal pipelines for generating screen captures and does not alter product functionality or UI.
  • No action required from users; performance, features, and behavior remain unchanged.
  • Release contents are unaffected.

why

• Fix CI workflow run
• Allow to trigger workflows on screengrabs update PR creation
• Use the GitHub app to authenticate and create a PR
• To avoid a race condition for vhs workflows on set no-release label

why

• AGENTS.md duplicates information already in CLAUDE.md and .cursor/rules
• build.sh has wrong import paths and hasn't been used since 2021 (Makefile is the standard)
• package-lock.json in root is orphaned (no package.json) and belongs in website/ directory
• Consolidating documentation and removing misplaced files reduces confusion
• Cleaner root directory makes the project more maintainable

references

• build.sh was added in #56 (2021) during Go rewrite but never updated
• package-lock.json was accidentally created in root in #240 (2022)
• AGENTS.md was recently added in #1311 but duplicates existing docs

Summary by CodeRabbit

• Documentation

  • Added clear guidelines on handling golden snapshots, emphasizing when and how to update them.
  • Removed outdated agent guidelines to streamline contributor documentation.

• Chores

  • Removed the legacy build script and its version-embedding step to align with the current build process. Users should rely on the standard build tooling going forward.

Problem

Dependabot automatically adds semver labels (major, minor, patch) based on the version changes of dependencies. This causes our PR checks to fail because:

1. Dependabot PRs have both no-release (from our config) AND a semver label (auto-added)
2. Our semver check requires exactly ONE label
3. There's currently no way to disable Dependabot's automatic labeling behavior

Solution

This PR adds a preprocessing step in the pr-semver-labels job that:

• Detects when a PR is from Dependabot
• Removes any auto-added semver labels
• Preserves the no-release label
• Then allows the existing semver check to pass

Rationale

• Dependency version changes don't directly determine Atmos releases
• Atmos follows its own semantic versioning based on features and functionality
• Dependency updates are bundled with feature releases

References

This is a workaround for a known GitHub limitation. See:

• dependabot/dependabot-core#3465 (Feature request to opt-out)
• dependabot/dependabot-core#11783 (labels: [] regression)
• dependabot/dependabot-core#1871 (Why labels are auto-applied)

Test plan

• Verify workflow syntax is valid
• Test with next Dependabot PR to confirm labels are cleaned correctly
• Ensure regular PRs are unaffected

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Dependabot PRs now have automated removal of auto-added semver labels so they retain only the no-release label.
  • Workflow adds a Dependabot-specific gating step to run label cleanup only for Dependabot PRs.
  • Enforced PR labeling: exactly one of major, minor, patch, or no-release is required before merge.
  • Automated comments warn when required labels are missing and provide guidance.
  • Improved logging and permissions to make labeling automation more reliable.

why

• t.Skip() without a reason makes debugging difficult when tests are skipped
• Fatal exits in TestMain prevent tests from being properly reported as "skipped"
• Using t.Skipf() with descriptive messages helps developers understand why tests didn't run
• The linting rule prevents future code from using t.Skip() without reasons

Changes made

Test files updated (12 instances)

• All Windows-specific skips now explain why (symlinks, permissions, etc.)
• Dynamic skip messages preserved with proper formatting

CLI test infrastructure

• Added package-level skipReason variable set in TestMain
• Replaced logger.Fatal() calls for binary issues with skipReason setting
• TestMain always calls m.Run() to allow proper test reporting
• Individual test functions check skipReason and skip with message

Linting configuration

• Added forbidigo pattern to catch t.Skip( usage
• Removed forbidigo from test file exclusions to enforce the rule
• Pattern provides clear guidance: "Use t.Skipf with a descriptive reason"

Documentation

• Added "Test Skipping Conventions" section to CLAUDE.md
• Documents requirement for descriptive skip reasons
• Explains the CLI test skip mechanism

Testing

• ✅ All tests compile successfully
• ✅ Tests properly skip with reasons when binary is missing/stale
• ✅ Tests run normally when binary is available
• ✅ No remaining t.Skip() calls in codebase

Summary by CodeRabbit

• Documentation

  • Added mandatory guidance on test-skipping conventions requiring descriptive skip reasons.

• Tests

  • Standardized skip messages to be more descriptive across platforms.
  • Added early, graceful test skipping when required binaries or credentials are missing.
  • Adjusted test harness to enable non-fatal skips during test collection.

• Chores

  • Updated linter rules to discourage bare skips and recommend descriptive alternatives.
  • Added a gitignore entry to ignore a test artifact.

why

• Settings defined inlined should have top priority

references

• DEV-359: Review and fix atmos.yaml imports

Summary by CodeRabbit

• New Features

  • Configuration loading now stages imports before applying them, preserving override precedence so imported settings resolve correctly.

• Tests

  • Added fixtures covering CLI import override scenarios (commands, stacks, tools, vendor) and a test verifying command override behavior.

❯ atmos list components
armis/configuration

# Component structure
❯ alias atmos=/Users/rosesecurity/Desktop/Projects/atmos/build/atmos
❯ tree -d -L3
.
├── components
│   ├── packer
│   │   └── instance
│   └── terraform
│       └── armis
├── scripts
└── stacks
    ├── defaults
    │   ├── armis
    │   └── instance
    └── orgs

# Test locally-built Atmos
❯ atmos list components
armis/configuration
instance/defaults

• Updated getStackComponents in pkg/list/list_components.go to extract components from terraform, helmfile, and packer sections, returning all found components in a single list. The function now returns a generic parse error if no components are found, instead of a Terraform-specific error.
• Removed the now-unused ErrParseTerraformComponents error, simplifying error handling for component parsing.
• Updated test assertions in TestListComponentsWithStack to include Helmfile and Packer components in the expected output.
• Removed the test case for missing Terraform components, as the function now handles missing components more generically.
• Added new test data and a test case in TestGetComponentsForSpecificStack to verify Packer component extraction.

why

• Currently, atmos list components does not support components that are not Terraform. As we expand the tool to support more component types, being able to list these will be beneficial. This serves as a starting point, as we can add support for pretty printing components, types, and descriptions with Charmbracelet libraries. This pull request enhances the component extraction logic to support multiple component types (Terraform, Helmfile, and Packer) instead of only Terraform, and updates error handling and tests accordingly. The extraction function now aggregates all supported component types, and the tests have been expanded to cover these changes.

Summary by CodeRabbit

• New Features

  • Component listing now aggregates Terraform, Helmfile, and Packer components into a unified list and returns all found components.

• Bug Fixes

  • Replaced per-source "missing" errors with a single clear "no components found" response when nothing is present.

• Tests

  • Expanded test coverage with additional stacks and Packer components to validate unified listing behavior.