Why Pre Workflow Hooks does not have WORKSPACE environment variable?
Opened this issue ยท 8 comments
Community Note
- Please vote on this issue by adding a ๐ reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
- If you are interested in working on this issue or have submitted a pull request, please leave a comment.
- I'd be willing to implement this feature (contributing guide)
Describe the user story
As a Solutions Architect, I'd like to filter some commands (plan, apply etc) by workspace, but the docs say it doesn't have the WORKSPACE environment variable right there. Is it true?
Describe the solution you'd like
I'd like the WORKSPACE environment variable to be available in Pre Workflow Hooks.
+1.
Each workspace represents separate env and we need to use separate set of Creds(scoped) for various TF providres. Like mongo atlas, auth0 and etc. I want to use some identification of workspace within pre-hook which will set proper env variables.
Pre-workflow hooks run before Terraform is initialised, so no workspace setting is available.
Wouldn't customizing the workflows solve this problem? Example:
version: 3
projects:
- name: dev
dir: .
workflow: dev
workspace: dev
apply_requirements: [mergeable, approved]
- name: prod
dir: .
workflow: prod
workspace: prod
apply_requirements: [mergeable, approved]
workflows:
dev:
plan:
steps:
- init:
extra_args:
- "-upgrade"
- plan:
extra_args:
- "-var"
- "aws_role_arn='arn:aws:iam::<DEV-ACCOUNT-ID>:role/TerraformDeployer'"
- "-var"
- "env=dev"
prod:
plan:
steps:
- init:
extra_args:
- "-upgrade"
- plan:
extra_args:
- "-var"
- "aws_role_arn='arn:aws:iam::<PROD-ACCOUNT-ID>:role/TerraformDeployer'"
- "-var"
- "env=prod"so no workspace setting is available
Actually it has. Remember it inherits that from projects block (in Yaml manifest) like you've already shown:
projects:
- name: dev
dir: .
workflow: dev
workspace: dev
We just need to retrieve the workspace: dev back.
The pre-workflow-hooks are defined at the repo level though, not at project level.
What if you create a custom workflow and add a run step:
version: 3
projects:
- name: dev
dir: .
workflow: dev
workspace: dev
apply_requirements: [mergeable, approved]
workflows:
dev:
plan:
steps:
- init:
extra_args:
- "-upgrade"
- run: echo $WORKSPACE # do something with workspace
- plan:
extra_args:
- "-var"
- "aws_role_arn='arn:aws:iam::<DEV-ACCOUNT-ID>:role/TerraformDeployer'"
- "-var"
- "env=dev"Or maybe I misunderstood your use-case. Can you clarify it?
What do you mean by filter some commands (plan, apply etc) by workspace?
@IuryAlves Let me clarify then...
projects block can be in atlantis.yaml in repository configuration.
repos block must be in the server configuration.
Said that, I have it:
repos:
- id: /github\.com\/test\/.*/
repo_config_file: atlantis.yaml
allowed_overrides: [workflow]
plan_requirements: []
apply_requirements: []
import_requirements: []
policy_check: true
pre_workflow_hooks:
- run: |
echo "let me do sth for $WORKSPACE... oh no! Cant find it!"
description: Example
shell: sh
shellArgs: -c
commands: plan,apply,import
Pay attention the repos itself knows the project's repo_config_file wherein the project workspace is. So the webhook triggers it with all the needed data.
Thanks for the explanation! That is indeed not possible since the pre_workflow_hooks run before Atlantis clones the repository.
I don't think so. Unless it'd be overwritten later. Because prehooks can generate configuration file on runtime.
Could you show it?