From 9bc94dee140fbf78c7d2ca36389cb643299417c9 Mon Sep 17 00:00:00 2001 From: Luke Massa Date: Thu, 9 Nov 2023 17:36:35 -0500 Subject: [PATCH] feat: remove silence whitelist errors flag (#3923) Co-authored-by: PePe Amengual --- cmd/server.go | 13 ------------ cmd/server_test.go | 40 ------------------------------------- server/user_config.go | 46 +++++++++++++++++++++---------------------- 3 files changed, 22 insertions(+), 77 deletions(-) diff --git a/cmd/server.go b/cmd/server.go index d9e37a7c62..d0aa2dfcc7 100644 --- a/cmd/server.go +++ b/cmd/server.go @@ -127,8 +127,6 @@ const ( SilenceForkPRErrorsFlag = "silence-fork-pr-errors" SilenceVCSStatusNoPlans = "silence-vcs-status-no-plans" SilenceAllowlistErrorsFlag = "silence-allowlist-errors" - // SilenceWhitelistErrorsFlag is deprecated for SilenceAllowlistErrorsFlag. - SilenceWhitelistErrorsFlag = "silence-whitelist-errors" SkipCloneNoChanges = "skip-clone-no-changes" SlackTokenFlag = "slack-token" SSLCertFileFlag = "ssl-cert-file" @@ -537,11 +535,6 @@ var boolFlags = map[string]boolFlag{ description: "Silences the posting of allowlist error comments.", defaultValue: false, }, - SilenceWhitelistErrorsFlag: { - description: "[Deprecated for --silence-allowlist-errors].", - defaultValue: false, - hidden: true, - }, DisableMarkdownFoldingFlag: { description: "Toggle off folding in markdown output.", defaultValue: false, @@ -938,9 +931,6 @@ func (s *ServerCmd) validate(userConfig server.UserConfig) error { if strings.Contains(userConfig.RepoAllowlist, "://") { return fmt.Errorf("--%s cannot contain ://, should be hostnames only", RepoAllowlistFlag) } - if userConfig.SilenceAllowlistErrors && userConfig.SilenceWhitelistErrors { - return fmt.Errorf("both --%s and --%s cannot be set–use --%s", SilenceAllowlistErrorsFlag, SilenceWhitelistErrorsFlag, SilenceAllowlistErrorsFlag) - } if userConfig.BitbucketBaseURL == DefaultBitbucketBaseURL && userConfig.BitbucketWebhookSecret != "" { return fmt.Errorf("--%s cannot be specified for Bitbucket Cloud because it is not supported by Bitbucket", BitbucketWebhookSecretFlag) @@ -1143,9 +1133,6 @@ func (s *ServerCmd) deprecationWarnings(userConfig *server.UserConfig) error { } // Handle repo whitelist deprecation. - if userConfig.SilenceWhitelistErrors { - userConfig.SilenceAllowlistErrors = true - } if userConfig.RepoWhitelist != "" { userConfig.RepoAllowlist = userConfig.RepoWhitelist } diff --git a/cmd/server_test.go b/cmd/server_test.go index 3ed524df77..387acf3de0 100644 --- a/cmd/server_test.go +++ b/cmd/server_test.go @@ -752,18 +752,6 @@ func TestExecute_TFEHostnameOnly(t *testing.T) { ErrEquals(t, "if setting --tfe-hostname, must set --tfe-token", err) } -// Can't use both --repo-allowlist and --repo-whitelist -func TestExecute_BothAllowAndWhitelist(t *testing.T) { - c := setup(map[string]interface{}{ - GHUserFlag: "user", - GHTokenFlag: "token", - RepoAllowlistFlag: "github.com", - RepoWhitelistFlag: "github.com", - }, t) - err := c.Execute() - ErrEquals(t, "both --repo-allowlist and --repo-whitelist cannot be set–use --repo-allowlist", err) -} - // Must set allow or whitelist. func TestExecute_AllowAndWhitelist(t *testing.T) { c := setup(map[string]interface{}{ @@ -774,19 +762,6 @@ func TestExecute_AllowAndWhitelist(t *testing.T) { ErrEquals(t, "--repo-allowlist must be set for security purposes", err) } -// Can't use both --silence-whitelist-errors and --silence-allowlist-errors -func TestExecute_BothSilenceAllowAndWhitelistErrors(t *testing.T) { - c := setup(map[string]interface{}{ - GHUserFlag: "user", - GHTokenFlag: "token", - RepoAllowlistFlag: "*", - SilenceWhitelistErrorsFlag: true, - SilenceAllowlistErrorsFlag: true, - }, t) - err := c.Execute() - ErrEquals(t, "both --silence-allowlist-errors and --silence-whitelist-errors cannot be set–use --silence-allowlist-errors", err) -} - func TestExecute_DisableApplyDeprecation(t *testing.T) { c := setupWithDefaults(map[string]interface{}{ DisableApplyFlag: true, @@ -797,21 +772,6 @@ func TestExecute_DisableApplyDeprecation(t *testing.T) { Equals(t, "plan,unlock", passedConfig.AllowCommands) } -// Test that we set the corresponding allow list values on the userConfig -// struct if the deprecated whitelist flags are used. -func TestExecute_RepoWhitelistDeprecation(t *testing.T) { - c := setup(map[string]interface{}{ - GHUserFlag: "user", - GHTokenFlag: "token", - RepoWhitelistFlag: "*", - SilenceWhitelistErrorsFlag: true, - }, t) - err := c.Execute() - Ok(t, err) - Equals(t, true, passedConfig.SilenceAllowlistErrors) - Equals(t, "*", passedConfig.RepoAllowlist) -} - func TestExecute_AutoDetectModulesFromProjects_Env(t *testing.T) { t.Setenv("ATLANTIS_AUTOPLAN_MODULES_FROM_PROJECTS", "**/init.tf") c := setupWithDefaults(map[string]interface{}{}, t) diff --git a/server/user_config.go b/server/user_config.go index 49e3ed6fba..45a6d4c5dd 100644 --- a/server/user_config.go +++ b/server/user_config.go @@ -104,30 +104,28 @@ type UserConfig struct { SilenceVCSStatusNoPlans bool `mapstructure:"silence-vcs-status-no-plans"` // SilenceVCSStatusNoProjects is whether autoplan should set commit status if no projects // are found. - SilenceVCSStatusNoProjects bool `mapstructure:"silence-vcs-status-no-projects"` - SilenceAllowlistErrors bool `mapstructure:"silence-allowlist-errors"` - // SilenceWhitelistErrors is deprecated in favour of SilenceAllowlistErrors - SilenceWhitelistErrors bool `mapstructure:"silence-whitelist-errors"` - SkipCloneNoChanges bool `mapstructure:"skip-clone-no-changes"` - SlackToken string `mapstructure:"slack-token"` - SSLCertFile string `mapstructure:"ssl-cert-file"` - SSLKeyFile string `mapstructure:"ssl-key-file"` - RestrictFileList bool `mapstructure:"restrict-file-list"` - TFDownload bool `mapstructure:"tf-download"` - TFDownloadURL string `mapstructure:"tf-download-url"` - TFEHostname string `mapstructure:"tfe-hostname"` - TFELocalExecutionMode bool `mapstructure:"tfe-local-execution-mode"` - TFEToken string `mapstructure:"tfe-token"` - VarFileAllowlist string `mapstructure:"var-file-allowlist"` - VCSStatusName string `mapstructure:"vcs-status-name"` - DefaultTFVersion string `mapstructure:"default-tf-version"` - Webhooks []WebhookConfig `mapstructure:"webhooks"` - WebBasicAuth bool `mapstructure:"web-basic-auth"` - WebUsername string `mapstructure:"web-username"` - WebPassword string `mapstructure:"web-password"` - WriteGitCreds bool `mapstructure:"write-git-creds"` - WebsocketCheckOrigin bool `mapstructure:"websocket-check-origin"` - UseTFPluginCache bool `mapstructure:"use-tf-plugin-cache"` + SilenceVCSStatusNoProjects bool `mapstructure:"silence-vcs-status-no-projects"` + SilenceAllowlistErrors bool `mapstructure:"silence-allowlist-errors"` + SkipCloneNoChanges bool `mapstructure:"skip-clone-no-changes"` + SlackToken string `mapstructure:"slack-token"` + SSLCertFile string `mapstructure:"ssl-cert-file"` + SSLKeyFile string `mapstructure:"ssl-key-file"` + RestrictFileList bool `mapstructure:"restrict-file-list"` + TFDownload bool `mapstructure:"tf-download"` + TFDownloadURL string `mapstructure:"tf-download-url"` + TFEHostname string `mapstructure:"tfe-hostname"` + TFELocalExecutionMode bool `mapstructure:"tfe-local-execution-mode"` + TFEToken string `mapstructure:"tfe-token"` + VarFileAllowlist string `mapstructure:"var-file-allowlist"` + VCSStatusName string `mapstructure:"vcs-status-name"` + DefaultTFVersion string `mapstructure:"default-tf-version"` + Webhooks []WebhookConfig `mapstructure:"webhooks"` + WebBasicAuth bool `mapstructure:"web-basic-auth"` + WebUsername string `mapstructure:"web-username"` + WebPassword string `mapstructure:"web-password"` + WriteGitCreds bool `mapstructure:"write-git-creds"` + WebsocketCheckOrigin bool `mapstructure:"websocket-check-origin"` + UseTFPluginCache bool `mapstructure:"use-tf-plugin-cache"` } // ToAllowCommandNames parse AllowCommands into a slice of CommandName