From 4edc4e4f12e8f3b536d4b2b2139437104cb35a7f Mon Sep 17 00:00:00 2001 From: Alexander Dupuy <75610395+dupuy26@users.noreply.github.com> Date: Wed, 17 Nov 2021 23:25:29 +0100 Subject: [PATCH] docs: document approve_policies command in comment_parser (#1886) * docs: document approve_policies command in help The `approve_policies` command was added with policy checking but was never included in the command parser help. Also update the comments in the file to reflect all of the commands. * feat: Better message on policy failure Include the specific command `approve_policies` in the message. --- .../exp-output-auto-policy-check.txt | 4 +++- .../exp-output-auto-policy-check.txt | 4 +++- .../exp-output-auto-policy-check.txt | 4 +++- .../exp-output-auto-policy-check.txt | 4 +++- .../policy-checks/exp-output-auto-policy-check.txt | 4 +++- server/events/comment_parser.go | 11 ++++++++--- server/events/comment_parser_test.go | 4 ++++ server/events/markdown_renderer.go | 4 +++- server/events/markdown_renderer_test.go | 8 ++++++-- 9 files changed, 36 insertions(+), 11 deletions(-) diff --git a/server/controllers/events/testfixtures/test-repos/policy-checks-apply-reqs/exp-output-auto-policy-check.txt b/server/controllers/events/testfixtures/test-repos/policy-checks-apply-reqs/exp-output-auto-policy-check.txt index 3e9ebf0534..60495fce53 100644 --- a/server/controllers/events/testfixtures/test-repos/policy-checks-apply-reqs/exp-output-auto-policy-check.txt +++ b/server/controllers/events/testfixtures/test-repos/policy-checks-apply-reqs/exp-output-auto-policy-check.txt @@ -10,6 +10,8 @@ FAIL - - main - WARNING: Null Resource creation is prohibit 1 test, 0 passed, 0 warnings, 1 failure, 0 exceptions ``` -* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase. +* :heavy_check_mark: To **approve** failing policies an authorized approver can comment: + * `atlantis approve_policies` +* :repeat: Or, address the policy failure by modifying the codebase and re-planning. diff --git a/server/controllers/events/testfixtures/test-repos/policy-checks-diff-owner/exp-output-auto-policy-check.txt b/server/controllers/events/testfixtures/test-repos/policy-checks-diff-owner/exp-output-auto-policy-check.txt index 3e9ebf0534..60495fce53 100644 --- a/server/controllers/events/testfixtures/test-repos/policy-checks-diff-owner/exp-output-auto-policy-check.txt +++ b/server/controllers/events/testfixtures/test-repos/policy-checks-diff-owner/exp-output-auto-policy-check.txt @@ -10,6 +10,8 @@ FAIL - - main - WARNING: Null Resource creation is prohibit 1 test, 0 passed, 0 warnings, 1 failure, 0 exceptions ``` -* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase. +* :heavy_check_mark: To **approve** failing policies an authorized approver can comment: + * `atlantis approve_policies` +* :repeat: Or, address the policy failure by modifying the codebase and re-planning. diff --git a/server/controllers/events/testfixtures/test-repos/policy-checks-extra-args/exp-output-auto-policy-check.txt b/server/controllers/events/testfixtures/test-repos/policy-checks-extra-args/exp-output-auto-policy-check.txt index 20ba22012c..3e51cc0bd6 100644 --- a/server/controllers/events/testfixtures/test-repos/policy-checks-extra-args/exp-output-auto-policy-check.txt +++ b/server/controllers/events/testfixtures/test-repos/policy-checks-extra-args/exp-output-auto-policy-check.txt @@ -10,6 +10,8 @@ FAIL - - null_resource_policy - WARNING: Null Resource crea 1 test, 0 passed, 0 warnings, 1 failure, 0 exceptions ``` -* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase. +* :heavy_check_mark: To **approve** failing policies an authorized approver can comment: + * `atlantis approve_policies` +* :repeat: Or, address the policy failure by modifying the codebase and re-planning. diff --git a/server/controllers/events/testfixtures/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check.txt b/server/controllers/events/testfixtures/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check.txt index 994b49925e..2df6974dbc 100644 --- a/server/controllers/events/testfixtures/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check.txt +++ b/server/controllers/events/testfixtures/test-repos/policy-checks-multi-projects/exp-output-auto-policy-check.txt @@ -30,7 +30,9 @@ FAIL - - main - WARNING: Forbidden Resource creation is pro 1 test, 0 passed, 0 warnings, 1 failure, 0 exceptions ``` -* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase. +* :heavy_check_mark: To **approve** failing policies an authorized approver can comment: + * `atlantis approve_policies` +* :repeat: Or, address the policy failure by modifying the codebase and re-planning. --- diff --git a/server/controllers/events/testfixtures/test-repos/policy-checks/exp-output-auto-policy-check.txt b/server/controllers/events/testfixtures/test-repos/policy-checks/exp-output-auto-policy-check.txt index 3e9ebf0534..60495fce53 100644 --- a/server/controllers/events/testfixtures/test-repos/policy-checks/exp-output-auto-policy-check.txt +++ b/server/controllers/events/testfixtures/test-repos/policy-checks/exp-output-auto-policy-check.txt @@ -10,6 +10,8 @@ FAIL - - main - WARNING: Null Resource creation is prohibit 1 test, 0 passed, 0 warnings, 1 failure, 0 exceptions ``` -* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase. +* :heavy_check_mark: To **approve** failing policies an authorized approver can comment: + * `atlantis approve_policies` +* :repeat: Or, address the policy failure by modifying the codebase and re-planning. diff --git a/server/events/comment_parser.go b/server/events/comment_parser.go index 515737568a..79f13e89dc 100644 --- a/server/events/comment_parser.go +++ b/server/events/comment_parser.go @@ -97,16 +97,19 @@ type CommentParseResult struct { // Valid commands contain: // - The initial "executable" name, 'run' or 'atlantis' or '@GithubUser' // where GithubUser is the API user Atlantis is running as. -// - Then a command, either 'plan', 'apply', 'approve_policies', or 'help'. +// - Then a command: 'plan', 'apply', 'unlock', 'version, 'approve_policies', +// or 'help'. // - Then optional flags, then an optional separator '--' followed by optional // extra flags to be appended to the terraform plan/apply command. // // Examples: // - atlantis help -// - run plan +// - run apply // - @GithubUser plan -w staging // - atlantis plan -w staging -d dir --verbose // - atlantis plan --verbose -- -key=value -key2 value2 +// - atlantis unlock +// - atlantis version // - atlantis approve_policies // func (e *CommentParser) Parse(comment string, vcsHost models.VCSHostType) CommentParseResult { @@ -166,7 +169,7 @@ func (e *CommentParser) Parse(comment string, vcsHost models.VCSHostType) Commen return CommentParseResult{CommentResponse: e.HelpComment(e.ApplyDisabled)} } - // Need to have a plan, apply, approve_policy or unlock at this point. + // Need plan, apply, unlock, approve_policies, or version at this point. if !e.stringInSlice(command, []string{models.PlanCommand.String(), models.ApplyCommand.String(), models.UnlockCommand.String(), models.ApprovePoliciesCommand.String(), models.VersionCommand.String()}) { return CommentParseResult{CommentResponse: fmt.Sprintf("```\nError: unknown command %q.\nRun 'atlantis --help' for usage.\n```", command)} } @@ -404,6 +407,8 @@ Commands: {{- end }} unlock Removes all atlantis locks and discards all plans for this PR. To unlock a specific plan you can use the Atlantis UI. + approve_policies + Approves all current policy checking failures for the PR. version Print the output of 'terraform version' help View help. diff --git a/server/events/comment_parser_test.go b/server/events/comment_parser_test.go index 5bf664714b..1331f420ba 100644 --- a/server/events/comment_parser_test.go +++ b/server/events/comment_parser_test.go @@ -729,6 +729,8 @@ Commands: To only apply a specific plan, use the -d, -w and -p flags. unlock Removes all atlantis locks and discards all plans for this PR. To unlock a specific plan you can use the Atlantis UI. + approve_policies + Approves all current policy checking failures for the PR. version Print the output of 'terraform version' help View help. @@ -756,6 +758,8 @@ Commands: To plan a specific project, use the -d, -w and -p flags. unlock Removes all atlantis locks and discards all plans for this PR. To unlock a specific plan you can use the Atlantis UI. + approve_policies + Approves all current policy checking failures for the PR. version Print the output of 'terraform version' help View help. diff --git a/server/events/markdown_renderer.go b/server/events/markdown_renderer.go index 36e7a0c680..9dfe07e3dc 100644 --- a/server/events/markdown_renderer.go +++ b/server/events/markdown_renderer.go @@ -371,7 +371,9 @@ var unwrappedErrTmplText = "**{{.Command}} Error**\n" + "{{.Error}}\n" + "```" + "{{ if eq .Command \"Policy Check\" }}" + - "\n* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase.\n" + + "\n* :heavy_check_mark: To **approve** failing policies an authorized approver can comment:\n" + + " * `atlantis approve_policies`\n" + + "* :repeat: Or, address the policy failure by modifying the codebase and re-planning.\n" + "{{ end }}" var wrappedErrTmplText = "**{{.Command}} Error**\n" + "
Show Output\n\n" + diff --git a/server/events/markdown_renderer_test.go b/server/events/markdown_renderer_test.go index 0679a700b6..65a61d2817 100644 --- a/server/events/markdown_renderer_test.go +++ b/server/events/markdown_renderer_test.go @@ -49,7 +49,9 @@ func TestRenderErr(t *testing.T) { models.PolicyCheckCommand, err, "**Policy Check Error**\n```\nerr\n```" + - "\n* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase.\n\n", + "\n* :heavy_check_mark: To **approve** failing policies an authorized approver can comment:\n" + + " * `atlantis approve_policies`\n" + + "* :repeat: Or, address the policy failure by modifying the codebase and re-planning.\n\n", }, } @@ -639,7 +641,9 @@ $$$ $$$ error $$$ -* :heavy_check_mark: To **approve** failing policies either request an approval from approvers or address the failure by modifying the codebase. +* :heavy_check_mark: To **approve** failing policies an authorized approver can comment: + * $atlantis approve_policies$ +* :repeat: Or, address the policy failure by modifying the codebase and re-planning. ---