Code Monkey home page Code Monkey logo

Comments (8)

brunsgaard avatar brunsgaard commented on July 28, 2024 3

@lkysow the --write-git-creds does indeed work, but we have to parse it to our container as an environment variable because the terraform module does not allow us to specify arguments for the container.

As input to the atlantis module I am setting

  custom_environment_variables = [
    { "name" : "ATLANTIS_WRITE_GIT_CREDS",
      "value" : "1"
    }
  ]

The module sources must be on the form

module "vpc" {
  source = "git::https://github.com/brunsgaard/terraform-modules.git//modules/foo?ref=master"
}

Then you should be good to go :)

from terraform-aws-atlantis.

lkysow avatar lkysow commented on July 28, 2024 1

Did you try something like https://github.com/helm/charts/blob/master/stable/atlantis/values.yaml#L41-L52?

from terraform-aws-atlantis.

tomaszdudek7 avatar tomaszdudek7 commented on July 28, 2024

@cjs226
Did you resolve this? If yes, how?

from terraform-aws-atlantis.

cjs226 avatar cjs226 commented on July 28, 2024

@spaszek I did not.

from terraform-aws-atlantis.

tomaszdudek7 avatar tomaszdudek7 commented on July 28, 2024

@cjs226

Fortunately, I just did(for selfhosted GitLab - but I guess you can do the GitHub/BitBucket the same way, with different env variables).

It requires few steps, I have also added terragrunt in the process:

  • create a copy of this file, name it docker-entrypoint.sh and add crucial lines somewhere:
git config --system url."https://oauth2:$ATLANTIS_GITLAB_TOKEN@git.company.com/".insteadOf "ssh://[email protected]"
git config --add --system url."https://oauth2:$ATLANTIS_GITLAB_TOKEN@git.company.com/".insteadOf "[email protected]:"

Note that every character counts (the : in [email protected]: for example) - it is just a find&replace on given phrase automatically done by git I think. There are also two lines because my Terragrunt module happened to use git-submodules and referenced it without ssh://

  • add repos.yaml to enable terragrunt:
repos:
  - id: "/.*/"
    workflow: terragrunt
workflows:
  terragrunt:
    plan:
      steps:
        - run: terragrunt plan -no-color -out=$PLANFILE
    apply:
      steps:
        - run: terragrunt apply -no-color $PLANFILE
  • create custom Dockerfile:
FROM runatlantis/atlantis:v0.9.0
RUN wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.19.21/terragrunt_linux_amd64 && \
    mv terragrunt_linux_amd64 /usr/local/bin/terragrunt
RUN chmod +x /usr/local/bin/terragrunt

RUN chown -R atlantis:atlantis /usr/local/bin/terragrunt
COPY repos.yaml /atlantis/config/

COPY docker-entrypoint-enhanced.sh /atlantis/config/docker-entrypoint-enhanced.sh
RUN chmod +x /atlantis/config/docker-entrypoint-enhanced.sh

ENTRYPOINT ["/atlantis/config/docker-entrypoint-enhanced.sh"]
CMD ["server"]

  • push the image somewhere (if its a private Docker repository then a little tweak in Task Definition is required)

  • add this environment variable to the container definition to enable terragrunt too:

   {
      name  = "ATLANTIS_REPO_CONFIG"
      value = "/atlantis/config/repos.yaml"
   }
  • change var.atlantis_image to point to your custom image

...and that's it. I also had to provide AWS_SECRET_ACCESS_KEY and AWS_ACCESS_KEY_ID manually, but I plan to use assumed roles(between multiple accounts) in the future. Good luck.

from terraform-aws-atlantis.

autotune avatar autotune commented on July 28, 2024

I am running into the same issue with github @lkysow is there not a way to configure gitconfig from within the current module?

from terraform-aws-atlantis.

lkysow avatar lkysow commented on July 28, 2024

I am running into the same issue with github @lkysow is there not a way to configure gitconfig from within the current module?

There's the --write-git-creds flag but I don't know if that will fix the host key verification errors.

  --write-git-creds
      Write out a .git-credentials file with the provider user and token to allow
      cloning private modules over HTTPS or SSH. This writes secrets to disk and
      should only be enabled in a secure environment.

from terraform-aws-atlantis.

github-actions avatar github-actions commented on July 28, 2024

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

from terraform-aws-atlantis.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.