Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update atlantis #79

Merged
merged 5 commits into from
Jun 6, 2019
+188 −66
Merged

Update atlantis #79

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f95aa6e
Update `atlantis`
aknysh Jun 5, 2019
181762c
Update `atlantis`
aknysh Jun 5, 2019
1cbc6f8
Update `atlantis`
aknysh Jun 5, 2019
b6136c6
Update `atlantis`
aknysh Jun 6, 2019
55e6f5e
Update `atlantis`
aknysh Jun 6, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ ENV DOCKER_TAG="latest"
# General
ENV NAMESPACE="cpco"
ENV STAGE="testing"
ENV DOMAIN_NAME="testing.cloudposse.co"
ENV ZONE_ID="Z3SO0TKDDQ0RGG"

# Geodesic banner
Expand Down Expand Up @@ -70,7 +69,7 @@ ENV NODE_MIN_SIZE="4"
COPY rootfs/ /

# Install atlantis
RUN curl -fsSL -o /usr/bin/atlantis https://github.com/cloudposse/atlantis/releases/download/0.5.2/atlantis_linux_amd64 && \
RUN curl -fsSL -o /usr/bin/atlantis https://github.com/cloudposse/atlantis/releases/download/0.8.0/atlantis_linux_amd64 && \
chmod 755 /usr/bin/atlantis

WORKDIR /conf/
2 changes: 1 addition & 1 deletion LICENSE
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@
same "printed page" as the copyright notice for easier
identification within third-party archives.

Copyright 2018 Cloud Posse, LLC
Copyright 2018-2019 Cloud Posse, LLC

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
Expand Down
187 changes: 131 additions & 56 deletions atlantis.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,65 +2,140 @@ version: 2

projects:

- name: "tfstate-backend"
workflow: "make"
dir: "conf/tfstate-backend"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"
- name: "account-dns"
workflow: "make"
dir: "conf/account-dns"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "account-dns"
workflow: "make"
dir: "conf/account-dns"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"
- name: "acm"
workflow: "make"
dir: "conf/acm"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "acm"
workflow: "make"
dir: "conf/acm"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"
- name: "backing-services"
workflow: "make"
dir: "conf/backing-services"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "cloudtrail"
workflow: "make"
dir: "conf/cloudtrail"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"
- name: "chamber"
workflow: "make"
dir: "conf/chamber"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "cloudtrail"
workflow: "make"
dir: "conf/cloudtrail"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "example"
workflow: "make"
dir: "conf/example"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "kops"
workflow: "make"
dir: "conf/kops"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "kops-aws-platform"
workflow: "make"
dir: "conf/kops-aws-platform"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

- name: "tfstate-backend"
workflow: "make"
dir: "conf/tfstate-backend"
workspace: "default"
terraform_version: "v0.11.10"
autoplan:
when_modified:
- "Makefile*"
- "*.tf"
- "*.tfvars"
- ".envrc"
enabled: true
apply_requirements:
- "approved"

workflows:
make:
Expand Down
1 change: 0 additions & 1 deletion conf/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@
**/.terraform/*
*.tfstate
*.tfstate.*
*.tfvars

# Module directory
.terraform
Expand Down
5 changes: 1 addition & 4 deletions conf/ecs/.envrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
# Import the remote module
export TF_CLI_INIT_FROM_MODULE="git::https://github.com/cloudposse/terraform-root-modules.git//aws/ecs?ref=tags/0.40.0"
export TF_CLI_PLAN_PARALLELISM=2

use envrc
use terraform 0.11
use atlantis
use tfenv
1 change: 1 addition & 0 deletions conf/ecs/Makefile.tasks
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,5 @@ reset:
## Coldstart setup
coldstart:
terraform apply -target module.dns
terraform apply -target module.acm_request_certificate
terraform apply
22 changes: 22 additions & 0 deletions conf/ecs/atlantis-repo-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# https://www.runatlantis.io/docs/configuring-atlantis.html
# https://www.runatlantis.io/docs/server-configuration.html
# https://www.runatlantis.io/docs/server-side-repo-config.html
# https://www.runatlantis.io/docs/repo-level-atlantis-yaml.html

# repos lists the config for specific repos
repos:
# id can either be an exact repo ID or a regex.
# If using a regex, it must start and end with a slash
# Repo ID's are of the form {VCS hostname}/{org}/{repo name}
- id: github.com/cloudposse/testing.cloudposse.co

# apply_requirements sets the Apply Requirements for all repos that match
apply_requirements: [approved]

# allowed_overrides specifies which keys can be overridden by this repo in
# its atlantis.yaml file
allowed_overrides: [apply_requirements, workflow]

# allow_custom_workflows defines whether this repo can define its own
# workflows. If false (default), the repo can only use server-side defined workflows
allow_custom_workflows: true
30 changes: 28 additions & 2 deletions conf/ecs/atlantis.auto.tfvars
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,15 @@
# Write the atlantis_gh_token to SSM parameter store:
# chamber write atlantis atlantis_gh_token "....."

# When using Cognito authentication (atlantis_authentication_type = COGNITO), write the following values to SSM parameter store:
# chamber write atlantis atlantis_cognito_user_pool_arn "....."
# chamber write atlantis atlantis_cognito_user_pool_client_id "....."
# chamber write atlantis atlantis_cognito_user_pool_domain "....."

# When using OIDC authentication (atlantis_authentication_type = OIDC), write the following values to SSM parameter store:
# chamber write atlantis atlantis_oidc_client_id "....."
# chamber write atlantis atlantis_oidc_client_secret "....."

atlantis_enabled = "true"

atlantis_branch = "master"
Expand All @@ -8,10 +20,24 @@ atlantis_repo_owner = "cloudposse"

atlantis_repo_whitelist = ["github.com/cloudposse/testing.cloudposse.co"]

atlantis_allow_repo_config = "true"
atlantis_repo_config = "/conf/ecs/atlantis-repo-config.yaml"

atlantis_gh_user = "cloudpossebot"

atlantis_gh_team_whitelist = "cloudposse:*,engineering:*"

atlantis_wake_word = "atlantis"
atlantis_authentication_type = ""

atlantis_alb_ingress_unauthenticated_paths = ["/*"]

atlantis_alb_ingress_listener_unauthenticated_priority = "50"

region = "us-west-2"

availability_zones = ["us-west-2a", "us-west-2b"]

nat_gateway_enabled = "false"

nat_instance_enabled = "true"

nat_instance_type = "t3.micro"
3 changes: 3 additions & 0 deletions conf/ecs/terraform.envrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# Import the remote module
export TF_CLI_INIT_FROM_MODULE="git::https://github.com/cloudposse/terraform-root-modules.git//aws/ecs?ref=tags/0.87.0"
export TF_CLI_PLAN_PARALLELISM=2