#atlantis (2021-05)
| Discuss the Atlantis (<http://runatlantis.io | runatlantis.io>) |
**Archive: ** https://archive.sweetops.com/atlantis/
2021-05-03
If there is a repo level atlantis.yaml file containing directories dir1 and dir2 and a PR comes in that affects the terraform module dir3, atlantis will show a 0 / 0 approval check for the PR. This seems like a bug, no ?
and if you run atlantis plan manually it says no plans?
it says no plans
oh, not sure how to run atlantis manually. ill have to check that
weird
2021-05-07
does anyone know (or have ideas) how to fix atlantis (using the upstream fargate module) taking a long time when a lot of PRs are being executed from different repositories
like how to debug on the server, or how to redeploy?
at present we have quite a few PRs currently being planned/applied across a number of repos
when this happens we find that Atlantis slows down massively
not sure if increasing https://github.com/terraform-aws-modules/terraform-aws-atlantis/blob/master/variables.tf#L284-L288 would help?
Nope, don’t do that.
Atlantis uses a local BoltDB, more tasks isn’t what you want.
i thought that might be the case
Beef up the Fargate task size CPU/mem
Makes a big difference
yeh makes sense
any recommendations?
ecs_task_memory = 4096
ecs_task_cpu = 2048
Depends how many concurrent plan/apply you expect to run, how long is a piece of string
We also set ATLANTIS_PARALLEL_POOL_SIZE to 50
what does that do?
I run on a m5.2xlarge (8 vCPU, 32gb mem) EC2 instance and often have hundreds of plans run in parallel.
RTFM
i thought that only works when using workspaces?
There is a difference I believe between Atlantis workspaces and Terraform workspaces, if that is what you are thinking of
changes applied, lets see what this does to the speed, fingers crossed
:wave: Hi all, quick question, do env vars set with the env step persist between runs? For example if I run atlantis plan which sets FOO=BAR, will $FOO be there if I run atlantis plan again?
2021-05-14
hey :wave: I’m trying to modify a resource that does not have support with Terraform yet - updating cognito user pool with custom email sender. I can do this with null_resource command aws cognito-idp update-user-pool --user-pool-id … . I have added awscli to atlantis image, that’s done, however what would be the best way of passing aws credentials without baking them into the image? Atlantis runs on Fargate at the moment
instance profile
the fargate task execution role
add the permissions there
if you are running TF already then you probably have the permissions
I’ve been running terraform without issues however, aws cli requires credentials and profile to be configured , doesn’t it?
no
if it runs on an instance or task
[profile marketingadmin]
role_arn = arn:aws:iam::123456789012:role/marketingadminrole
credential_source = Ec2InstanceMetadata
Perfect, thank you @jose.amengual
np
This is a problem we encounter in certain places too, can’t pass Terraform cred providers down into null_resources, so turn your one liner command into a script and that script needs to assume the correct role.
2021-05-17
2021-05-27
policies:
owners:
users:
- nishkrishnan
policy_sets:
- name: null_resource_warning
path: <CODE_DIRECTORY>/policies/null_resource_warning
source: local
^^ Looking at the conftest/OPA stuff in Atlantis, what can source be there? Does it need to be local ?
Hmm, looks like these need to be local for now…
2021-05-28
is anyone else experiencing Atlantis being unable to auto-merge gitlab PRs to master which the gitlab API moved to the default branch of main earlier this week?
Bah, looks like you can’t use the inbuilt Atlantis policy checks if using Terragrunt. Anyone else hit this or got it working? Failing when trying to run terraform show which works when running terragrunt show
{"level":"error","ts":1622220562.7195866,"caller":"terraform/terraform_client.go:277","msg":"running \"/usr/local/bin/terraform show -no-color -json /home/atlantis/.atlantis/repos/userservices/userservices-infrastructure/806/default/terraform/prod/prod/us-west-2/platform-dependencies/prod::prod::us-west-2::platform-dependencies-default.tfplan\" in \"/home/atlantis/.atlantis/repos/userservices/userservices-infrastructure/806/default/terraform/prod/prod/us-west-2/platform-dependencies\": exit status 1","json":{"repo":"userservices/userservices-infrastructure","pull":"806"},"stacktrace":"github.com/runatlantis/atlantis/server/events/terraform.(*DefaultClient).RunCommandWithVersion\n\t/home/circleci/project/server/events/terraform/terraform_client.go:277\ngithub.com/runatlantis/atlantis/server/events/runtime.(*ShowStepRunner).Run\n\t/home/circleci/project/server/events/runtime/show_step_runner.go:42\ngithub.com/runatlantis/atlantis/server/events/runtime.(*PlanTypeStepRunnerDelegate).Run\n\t/home/circleci/project/server/events/runtime/plan_type_step_runner_delegate.go:64\ngithub.com/runatlantis/atlantis/server/events/runtime.(*MinimumVersionStepRunnerDelegate).Run\n\t/home/circleci/project/server/events/runtime/minimum_version_step_runner_delegate.go:43\ngithub.com/runatlantis/atlantis/server/events.(*DefaultProjectCommandRunner).runSteps\n\t/home/circleci/project/server/events/project_command_runner.go:381\ngithub.com/runatlantis/atlantis/server/events.(*DefaultProjectCommandRunner).doPolicyCheck\n\t/home/circleci/project/server/events/project_command_runner.go:246\ngithub.com/runatlantis/atlantis/server/events.(*DefaultProjectCommandRunner).PolicyCheck\n\t/home/circleci/project/server/events/project_command_runner.go:145\ngithub.com/runatlantis/atlantis/server/events.runProjectCmds\n\t/home/circleci/project/server/events/project_command_pool_executor.go:47\ngithub.com/runatlantis/atlantis/server/events.(*PolicyCheckCommandRunner).Run\n\t/home/circleci/project/server/events/policy_check_command_runner.go:59\ngithub.com/runatlantis/atlantis/server/events.(*PlanCommandRunner).runAutoplan\n\t/home/circleci/project/server/events/plan_command_runner.go:144\ngithub.com/runatlantis/atlantis/server/events.(*PlanCommandRunner).Run\n\t/home/circleci/project/server/events/plan_command_runner.go:221\ngithub.com/runatlantis/atlantis/server/events.(*DefaultCommandRunner).RunAutoplanCommand\n\t/home/circleci/project/server/events/command_runner.go:160"}