#atlantis (2021-01)
Discuss the Atlantis (<http://runatlantis.io>)
**Archive:** https://archive.sweetops.com/atlantis/
2021-01-07

Has anybody had issues with the new TF0.14 dependency lock files and Atlantis?

Getting “Error: Failed to install provider from shared cache” when committing the lock files
2021-01-08

Looks like the hashes are different depending on the platform that the init is run on

I have not seen an error like that in 0.13.5. I have not used 0.14 yet

If you use exclusively Atlantis, you won’t see lock files at all, since they won’t ever be committed

Maybe a future use case for Atlantis to commit these lock files

It could be
2021-01-13

Any recommendation on how to use Atlantis to have a previous step to analyze security in terraform code? I mean, opened Sec Groups, IAM resources wide open…? Or if there is a better tool I would thank you.


Here is a feature that will be merged soon that enables OPA policy checks in Atlantis natively

any idea when this is coming?

It should come on the next release that is a bit late

Nice man can’t wait for this, any chance you could ping over the PR for reference please?

yes one sec

This PR adds policy check workflow into atlantis. It uses conftest to execute policies. At the moment you can only define policies locally and configure them in the server side config. How it works…

2021-01-14

https://github.com/runatlantis/atlantis/pull/1340 @Erik Osterman (Cloud Posse) related to our conversation in OfficeHours
This change introduces a no-op Locker implementation that when enabled effectively disables the locking of projects and workspace. This is another possible solution to #1212, my initial change just …
2021-01-21

Currently trying to use yaml anchors in atlantis.yaml (repo-side) to save some code. No matter how I write it, I always get a parsing atlantis.yaml: yaml: line XXX: did not find expected key
Anyone knows if anchors are supported by their yaml parser at all?

```yaml
version: 3
automerge: true
projects:
  # Project Definitions
  - &terraform_project
    name: "ecr"
    dir: "terraform/coreeng/global/us-east-1/ecr"
    workflow: "terragrunt"
    workspace: "default"
    apply_requirements:
      - "approved"
      - "mergeable"
    autoplan:
      enabled: true
      when_modified:
        - "*.tf"
        - "*.hcl"
  - <<: *terraform_project
    name: "dev/us-east-1/badgers-service"
    dir: "terraform/test/dev/us-east-1/badgers-service"
    autoplan:
      enabled: true
      when_modified:
        - "../../badgers-service.hcl"
        - "*.tf"
        - "*.hcl"
```

Trying this in the workflow definition (with no luck) as such:
```yaml
workflows:
  terraform-playground:
    envs: &envs
      - env:
          name: AWS_SECRET_JSON
          command: aws sts assume-role --role-arn arn:aws:iam::123456789:role/ATLANTIS
      - env:
          name: AWS_ACCESS_KEY_ID
          command: echo "${AWS_SECRET_JSON}" | grep AccessKeyId | awk -F'"' '{print $4}'
      - env:
          name: AWS_SECRET_ACCESS_KEY
          command: echo "${AWS_SECRET_JSON}" | grep SecretAccessKey | awk -F'"' '{print $4}'
      - env:
          name: AWS_SESSION_TOKEN
          command: echo "${AWS_SECRET_JSON}" | grep SessionToken | awk -F'"' '{print $4}'
    plan:
      steps:
        *envs
        - run: terraform init
        - run: terraform plan -no-color -out $PLANFILE
    apply:
      steps:
        *envs
        - run: terraform apply -no-color $PLANFILE
```