Update github actions documentation #606
Conversation
| The action expects the atmos configuration file `atmos.yaml` to be present in the repository. | ||
| The config should have the following structure: | ||
|
|
||
| ```yaml | ||
| # .github/workflows/atmos-terraform-apply.yaml | ||
| name: "atmos-terraform-apply" | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
| types: | ||
| - closed | ||
| branches: | ||
| - main | ||
|
|
||
| # These permissions are required for GitHub to assume roles in AWS | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
|
|
||
| jobs: | ||
| apply: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Terraform Apply | ||
| uses: cloudposse/github-action-atmos-terraform-apply@v2 | ||
| with: | ||
| component: "foobar" | ||
| stack: "plat-ue2-sandbox" | ||
| # ./rootfs/usr/local/etc/atmos/atmos.yaml | ||
| integrations: | ||
| github: | ||
| gitops: | ||
| terraform-version: 1.5.2 | ||
| infracost-enabled: false | ||
| artifact-storage: | ||
| region: us-east-2 | ||
| bucket: cptest-core-ue2-auto-gitops | ||
| table: cptest-core-ue2-auto-gitops-plan-storage | ||
| role: arn:aws:iam::xxxxxxxxxxxx:role/cptest-core-ue2-auto-gitops-gha | ||
| role: | ||
| plan: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops | ||
| apply: arn:aws:iam::yyyyyyyyyyyy:role/cptest-core-gbl-identity-gitops | ||
| matrix: | ||
| sort-by: .stack_slug | ||
| group-by: .stack_slug | split("-") | [.[0], .[2]] | join("-") | ||
| ``` | ||
|
|
||
| with the following configuration as an example: | ||
| > [!IMPORTANT] | ||
| > **Please note!** This GitHub Action only works with `atmos >= 1.63.0`. If you are using `atmos < 1.63.0` please use [`v1` version](https://github.com/cloudposse/github-action-atmos-terraform-plan/tree/v1). |
There was a problem hiding this comment.
this is all copy and pasted from affected-stacks.md above. Rather than having the same steps on both of these pages, can we create a new page for requirements and then link both these 2 pages to that new page?
That page could also be used for this ticket: https://linear.app/cloudposse/issue/DEV-1693/document-atmos-plan-storage-action-on-atmostools
There was a problem hiding this comment.
Good suggestion @milldr! We should put it here https://github.com/cloudposse/atmos/blob/12b5f67974859302fc3edcf0be738a98050f8c10/website/docs/integrations/github-actions/github-actions.mdx
And refer to it in the other documents.
There was a problem hiding this comment.
@goruha please see this conversation
website/docs/integrations/github-actions/atmos-terraform-drift-detection.md
Outdated
Show resolved
Hide resolved
website/docs/integrations/github-actions/atmos-terraform-drift-detection.md
Outdated
Show resolved
Hide resolved
website/docs/integrations/github-actions/atmos-terraform-apply.md
Outdated
Show resolved
Hide resolved
| stack: "plat-ue2-sandbox" | ||
| sha: ${{ github.sha }} | ||
| atmos-config-path: ./rootfs/usr/local/etc/atmos/ | ||
| atmos-version: 1.63.0 |
There was a problem hiding this comment.
Also, I believe we should consider moving this into the atmos.yaml for a few reasons:
- Ensure GitHub Actions and local execution use the same version
- Make it optional
- It's error prone and easily missed. See this thread in SweetOps
There was a problem hiding this comment.
If we support a version parameter, I think it doesn't belong in the integrations section, but more of a top-level section. Let's discuss with @aknysh
There was a problem hiding this comment.
we can create a separate section for it. Let's discuss
There was a problem hiding this comment.
We can not move into atmos.yaml
atmos-config-path: ./rootfs/usr/local/etc/atmos/
atmos-version: 1.63.0Because this setting is required by GitHub action to install Atmos and get gitops settings from atmos.yml config
| # This job is an example how to use the affected stacks with the matrix strategy | ||
| atmos-plan: | ||
| needs: ["atmos-affected"] | ||
| if: ${{ needs.atmos-affected.outputs.has-affected-stacks == 'true' }} | ||
| name: ${{ matrix.stack_slug }} | ||
| runs-on: ['self-hosted'] | ||
| strategy: | ||
| max-parallel: 10 | ||
| fail-fast: false # Don't fail fast to avoid locking TF State | ||
| matrix: ${{ fromJson(needs.atmos-affected.outputs.matrix) }} | ||
| ## Avoid running the same stack in parallel mode (from different workflows) | ||
| concurrency: | ||
| group: ${{ matrix.stack_slug }} | ||
| cancel-in-progress: false | ||
| steps: | ||
| - name: Plan Atmos Component | ||
| uses: cloudposse/github-action-atmos-terraform-plan@v2 | ||
| with: | ||
| component: ${{ matrix.component }} | ||
| stack: ${{ matrix.stack }} | ||
| atmos-config-path: ./rootfs/usr/local/etc/atmos/ | ||
| atmos-version: 1.63.0 |
There was a problem hiding this comment.
we can remove all of this, since this page is for "affected-stacks"
| # This job is an example how to use the affected stacks with the matrix strategy | |
| atmos-plan: | |
| needs: ["atmos-affected"] | |
| if: ${{ needs.atmos-affected.outputs.has-affected-stacks == 'true' }} | |
| name: ${{ matrix.stack_slug }} | |
| runs-on: ['self-hosted'] | |
| strategy: | |
| max-parallel: 10 | |
| fail-fast: false # Don't fail fast to avoid locking TF State | |
| matrix: ${{ fromJson(needs.atmos-affected.outputs.matrix) }} | |
| ## Avoid running the same stack in parallel mode (from different workflows) | |
| concurrency: | |
| group: ${{ matrix.stack_slug }} | |
| cancel-in-progress: false | |
| steps: | |
| - name: Plan Atmos Component | |
| uses: cloudposse/github-action-atmos-terraform-plan@v2 | |
| with: | |
| component: ${{ matrix.component }} | |
| stack: ${{ matrix.stack }} | |
| atmos-config-path: ./rootfs/usr/local/etc/atmos/ | |
| atmos-version: 1.63.0 |
|
These changes were released in v1.79.0. |
what
why
references