feat: atlantis import

[krrrr38]

what

• introduce import workflow step
  • import step process terraform import and discard plan file, cause existing plan file cannot be used anymore.
• import workflow run init and import steps
• command runner can handle atlantis import ADDRESS ID
  • currently import run on a single project only. this is because we don't run import on multiple projects in the general use-case.
• add import_requirements configuration not to edit tfstate without any reviews
• introduce atlantis import e2e tests

why

Currently, we need to do manual terraform operations to import unmanaged resources. If support atlantis import, we can handle these operations on vcs operation.

references

• debug PR: atlantis import krrrr38/atlantis-debug#3
• closes Support atlantis import subcommand #217

discussion

• PR is too large
• Support remaining atlantis terraform commands #2776
  • It's possible to close this PR, if the above feature will be introduced.
• pflag command handling
  • atlantis import -- ADDR ID
    • PROS
      • easy implementation
      • After -- comments can handled as terraform args.
    • CONS
      • pflag cannot handle it directory
  • atlantis import -a ADDR -i ID
    • PROS:
      • intuitive
      • pflag can show help
    • CONS:
      • CommentCommand need to handle command-specific parameters.
  • atlantis import ADDR ID <- choosed
    • PROS: more intuitive
    • CONS:
      • we need to manage extraArgs and newArgs in flags.
      • pflag cannot show ADDR ID usage in help like this?
      • append args into extraArgs

[nitrocode]

Wow. This looks very promising @krrrr38 !

I don't see how this can close the terraform pass through command #2776 . As amazing of a contribution as this is, it implements the import subcommand but not the state or validate or other terraform subcommands that #2776 refers to. Please don't see that as criticism. Keep going!

This is a very large PR so it will take time to review. Thank you for your efforts.

[nitrocode]

Please give an initial review when time permits @runatlantis/maintainers

cc: @albertollamaso @Fabianoshz @Fauzyy @SSKLCP (for visibility from our more recent golang expert contributors)

[Fabianoshz]

Aside from the metrics, only minor/nitpicks from my part.

Great PR, really nice work!

[albertollamaso]

LGTM

[jamengual]

@krrrr38 Amazing work, thanks so much for this PR.
As long as you address the comments it looks good to me

[nitrocode]

Looks good to me too. Please fix the conflicts and we can get this merged.

[nitrocode]

Hm the renaming of this file will remove any existing links that point to this page.

There's a way to alias pages. If you keep this file rename in place, could you add a link for the original page apply-requirements.md to redirect to the new page?

[krrrr38]

I added an empty page. I will try redirect plugin later.

https://vuepress-community.netlify.app/en/plugins/redirect/

[nitrocode]

cc: @chenrui333 @lilincmu in case this is what you folks mentioned a couple months ago

[nitrocode]

Suggested change

	This command discards terraform plan result. Before apply, required `atlantis plan` again.
	This command discards the terraform plan result. After an import and before an apply, another `atlantis plan` must be run again.

[nitrocode]

Because of the discarding of the plan after an import, should there be another flag to auto plan a project/dir/workspace after a successful import?

Also if an import command fails can we retain the plan instead of discarding it?

[krrrr38]

Because of the discarding of the plan after an import, should there be another flag to auto plan a project/dir/workspace after a successful import?

Currently, there is not such flag.
I thought that if users want to import one resource, autoplan is useful. But if try to import multiple imports, autoplan make the operation slow.
terraform import do not plan again, so I implements no-autoplan by default. We can provide such flag in the future as optional.

Also if an import command fails can we retain the plan instead of discarding it?

import_step_runner discard planfile if import has no err 👌

	out, err := p.TerraformExecutor.RunCommandWithVersion(ctx, filepath.Clean(path), importCmd, envs, tfVersion, ctx.Workspace)

	// If the import was successful and a plan file exists, delete the plan.
	planPath := filepath.Join(path, GetPlanFilename(ctx.Workspace, ctx.ProjectName))
	if err == nil {

[nitrocode]

Perhaps we can have an optional subcommand like we do for atlantis apply e.g. --auto-merge-disabled

For this case, perhaps a flag for --autoplan, --autoplan-on-success ? This could be added in a separate PR.

[krrrr38]

--autoplan looks good for import option. We can do atlantis pllan manually, so it is better to implement this after raised issue got votes.

[nitrocode]

Could you also update the tfvars section on the custom workflows page to show how to set it up for the import step? I've run into issues before where i need to pass in a custom tfvars file in order to get the import command to run correctly

https://www.runatlantis.io/docs/custom-workflows.html#tfvars-files

[nitrocode]

A test with tfvars may be useful too. Ignore me if that is overkill.

[krrrr38]

same with #2783 (comment)

[nitrocode]

Thank you @krrrr38 ! This change is going to help a lot!!

[jamengual]

What an example of teamwork!!!! thanks @krrrr38 @nitrocode @Fabianoshz @albertollamaso

[Dilergore]

Hi @krrrr38,

I recently started to enable this feature in our environment. For most of the workflow steps, we have customizations (plan, apply). I've been trying to figure out how I could run terraform import from a script instead of the pre-built step.

We might have a missing feature here for custom workflows, that there is no environment var holding the ADDRESS and the ID to be able to customize this. Am I right? If so, I will raise a feature request.

[krrrr38]

@Dilergore Thank you for using new feature.

ADDRESS ID are contains in COMMENT_ARGS in run step. But COMMENT_ARGS have 2 problems.

• Values are contained with comma.
• All characters are escaped by \.

This is also discussed in the Slack and there is a dirty workaround.. (slack invitation is existed in the repository README)
If you want to use more good solution, I'd be happy if you open a feature request or suggests good any ideas. Thanks.

[Dilergore]

@Dilergore Thank you for using new feature.

ADDRESS ID are contains in COMMENT_ARGS in run step. But COMMENT_ARGS have 2 problems.

• Values are contained with comma.
• All characters are escaped by \.

This is also discussed in the Slack and there is a dirty workaround.. (slack invitation is existed in the repository README) If you want to use more good solution, I'd be happy if you open a feature request or suggests good any ideas. Thanks.

Hi,

Thanks for the quick response, much appreciated.

I can confirm that the above is working, I was able to implement it as a custom step in the past 20 mins.

That said, I still think this should have its own dedicated variable. I will open a feature request.