/terraform-null-atlantis-repo-config

Module for generating Atlantis repo config file. It contains set of custom workflows

Primary LanguageHCLApache License 2.0Apache-2.0

Terraform Atlantis Repo Config Module

Terraform

License Release

We help companies turn their data into assets

This module generates a server side repo config that can be passed to Atlantis server. It also contains a set of opinionated custom workflows that are ready for usage.

USAGE

module "template" {
  source = "github.com/getindata/terraform-null-atlantis-repo-config"

  repos = [
    {
      id                              = "/.*/"
      allowed_overrides               = ["workflow", "delete_source_branch_on_merge"]
      allow_custom_workflows          = true
      allow_all_server_side_workflows = true
    }
  ]

  repos_common_config = {
    apply_requirements = ["approved", "mergeable"]
  }

  workflows = {
    terragrunt-basic-with-features = {
      import = {
        steps = []
      }
      
      checkov                = { enabled = true, soft_fail = true }
      infracost              = { enabled = true }
      check_gitlab_approvals = { enabled = true }
      asdf                   = { enabled = true }
    }
  }
}

Infracost configuration

Every workflow can have separately configurable Infracost post workflow hook. As you can see in the example above to enable it you need to set enabled parameter to true.
Other parameters are:

  • platform - used to configure which platform Infracost should interact with. Currently supported are: GitHub, GitLab and Bitbucket.
  • token_environment_variable - used to specifying a custom environment variable with an access token to use to authorize when posting comments
  • behavior - used to configuring how comments are posted. Possible values: update, hide-and-new, delete-and-new and new. For more details see: https://www.infracost.io/docs/features/cli_commands/

Autoconfiguration based on platform

If you don't specify token_environment_variable then an environment variable with an access token will be chosen automatically based on specified platform, e.g. on GitLab it will be ATLANTIS_GITLAB_TOKEN.

EXAMPLES

Inputs

Name Description Type Default Required
repo_config_file Configures config file generation if enabled 
object({
    enabled = optional(bool, false)
    path    = optional(string, ".")
    name    = optional(string, "repo_config.yaml")
    format  = optional(string, "yaml")
  })
 {} no
repos Map of repositories and their configs. Refer to https://www.runatlantis.io/docs/server-side-repo-config.html#example-server-side-repo 
list(object({
    id                            = optional(string, "/.*/")
    branch                        = optional(string)
    apply_requirements            = optional(list(string))
    allowed_overrides             = optional(list(string))
    allowed_workflows             = optional(list(string), [])
    allow_custom_workflows        = optional(bool)
    delete_source_branch_on_merge = optional(bool)
    pre_workflow_hooks = optional(list(object({
      run = string
    })))
    post_workflow_hooks = optional(list(object({
      run = string
    })))
    workflow = optional(string)
    ######### Helpers #########
    allow_all_server_side_workflows = optional(bool, false)
    terragrunt_atlantis_config = optional(object({
      enabled              = optional(bool)
      output               = optional(string)
      automerge            = optional(bool)
      autoplan             = optional(bool)
      parallel             = optional(bool)
      cascade_dependencies = optional(bool)
      filter               = optional(string)
      use_project_markers  = optional(bool)
    }), {})
  }))
 [] no
repos_common_config Common config that will be merged into each item of the repos list 
object({
    id                            = optional(string)
    branch                        = optional(string)
    apply_requirements            = optional(list(string))
    allowed_overrides             = optional(list(string))
    allowed_workflows             = optional(list(string))
    allow_custom_workflows        = optional(bool)
    delete_source_branch_on_merge = optional(bool)
    pre_workflow_hooks = optional(list(object({
      run = string
    })))
    post_workflow_hooks = optional(list(object({
      run = string
    })))
    workflow = optional(string)
    ######### Helpers #########
    allow_all_server_side_workflows = optional(bool, false)
    terragrunt_atlantis_config = optional(object({
      enabled              = optional(bool, false)
      output               = optional(string, "atlantis.yaml")
      automerge            = optional(bool)
      autoplan             = optional(bool)
      parallel             = optional(bool)
      cascade_dependencies = optional(bool)
      filter               = optional(string)
      use_project_markers  = optional(bool)
    }), {})
    infracost = optional(object({
      enabled = optional(bool, false)
    }), {})
  })
 {} no
workflows List of custom workflow that will be added to the repo config file 
map(object({
    plan = optional(object({
      steps = optional(list(object({
        env = optional(object({
          name    = string
          command = string
        }))
        run      = optional(string)
        multienv = optional(string)
        atlantis_step = optional(object({
          command    = string
          extra_args = optional(list(string))
        }))
      })))
    }))
    apply = optional(object({
      steps = optional(list(object({
        env = optional(object({
          name    = string
          command = string
        }))
        run      = optional(string)
        multienv = optional(string)
        atlantis_step = optional(object({
          command    = string
          extra_args = optional(list(string))
        }))
      })))
    }))
    import = optional(object({
      steps = optional(list(object({
        env = optional(object({
          name    = string
          command = string
        }))
        run      = optional(string)
        multienv = optional(string)
        atlantis_step = optional(object({
          command    = string
          extra_args = optional(list(string))
        }))
      })))
    }))
    state_rm = optional(object({
      steps = optional(list(object({
        env = optional(object({
          name    = string
          command = string
        }))
        run      = optional(string)
        multienv = optional(string)
        atlantis_step = optional(object({
          command    = string
          extra_args = optional(list(string))
        }))
      })))
    }))
    template = optional(string, "terragrunt-basic")
    asdf = optional(object({
      enabled = optional(bool, false)
    }), {})
    checkov = optional(object({
      enabled   = optional(bool, false)
      soft_fail = optional(bool, false)
      file      = optional(string, "$SHOWFILE")
    }), {})
    infracost = optional(object({
      enabled                    = optional(bool, false)
      platform                   = optional(string, "gitlab")
      token_environment_variable = optional(string)
      behavior                   = optional(string, "new")
    }), {})
    pull_gitlab_variables = optional(object({
      enabled = optional(bool, false)
    }), {})
    check_gitlab_approvals = optional(object({
      enabled = optional(bool, false)
    }), {}),
  }))
 {} no

Modules

No modules.

Outputs

Name Description
repo_config Repo config object
repos List of repos config
repos_config_json Repo config converted to json string
repos_config_yaml Repo config converted to json string
workflows Custom Atlantis workflows

Providers

Name Version
local >= 1.3

Requirements

Name Version
terraform >= 1.3
local >= 1.3

Resources

Name Type
local_file.repo_config resource

CONTRIBUTING

Contributions are very welcomed!

Start by reviewing contribution guide and our code of conduct. After that, start coding and ship your changes by creating a new PR.

LICENSE

Apache 2 Licensed. See LICENSE for full details.

AUTHORS

Made with contrib.rocks.