Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/cloudposse/atmos from 1.68.0 to 1.69.0 #378

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 10, 2024

Bumps github.com/cloudposse/atmos from 1.68.0 to 1.69.0.

Release notes

Sourced from github.com/cloudposse/atmos's releases.

v1.69.0

In Atmos v1.55 (PR #515) we switched to using the TF_WORKSPACE environment variable for selecting Terraform workspaces when issuing Terraform commands. This had the unintended consequence that the workspace was no longer being set for use outside of Atmos as a side effect. This version reverses that change, once again setting the workspace via terraform workspace select so that it remains selected after Atmos finishes. Expand the details below for an extended explanation.

what

  • Use terraform workspace select to select the workspace when needed
  • Do not ask for Read permissions for output files
  • Only attempt terraform workspace new when select returns with exit code 1; report any other kind of error

why

  • Restores previous behavior, which includes fixing #574, and leaving the active workspace selected for use by terraform commands outside of Atmos
  • Prevents users running under atmos terraform shell from having issues running terraform workspace commands or having the workspace remain selected after changing directories
  • Atmos does not need Read permission on outputs, and redirected outputs may not be readable, causing unnecessary failures
  • Avoid hiding unexpected errors

discussion

While Atmos is a powerful tool and for some there is a desire to make Atmos fully capable of replacing the terraform CLI entirely, we are not there yet. For now, there is a need to be able to use terraform alongside with atmos in some edge cases. Also, for some, there is a desire to bypass some of Atmos' overhead when running repeated tasks (especially failing tasks) by invoking terraform commands directly.

The issue of selecting a Terraform "workspace" highlights the kind of difficulty one runs into when designing a solution where Atmos and Terraform can work side by side. Terraform has the concept of, for each component, a "current workspace", which is a segregated Terraform state. Cloud Posse uses a different workspace for each deployment of a component (account and region and, where the component is deployed multiple times in the same account and region, each separate deployment).

The problem with a workspace selection is that it is stateful, modal, and mostly hidden. When you run a terraform command, the component it applies to is determined by the current working directory (one form of mode/state), and the workspace it uses is determined by either:

  1. The most recent invocation of terraform workspace select in that directory
  2. The value of the environment variable TF_WORKSPACE

with the environment variable taking precedence.

To further complicate matters, if you run terraform workspace select foo and the workspace foo has not been created, you get an error. Likewise, if you run TF_WORKSPACE=foo terraform init -reconfigure and the workspace foo does not exist, you get an error. But if you run TF_WORKSPACE=foo terraform plan and the workspace foo does not exist, it will silently and automatically be created for you (so beware of typos).

Whichever mechanism you choose, you are setting some kind of persistent state which affects what terraform commands affect, and it becomes easy to get lost as to what you are actually working on. Atmos handles this by always setting the state for its Terraform commands, which is admirable, and it can be more helpful to people using terraform directly if it helps those users manage this hidden state effectively.

Prior to Atmos version 1.55, its behavior was that if it ran any Terraform command that applied to a specific workspace (anything other than init), it selected the workspace, creating it if needed, and left the workspace selected. This means that if you working in the component directory, then any terraform commands like terraform state show would work on the component in the workspace of the stack you most recently used for that component. After running atmos terraform plan <component> -s <stack>, you could do everything else using plain Terraform commands if you wanted to (the only trick being that, for some commands, you would need to supply the -var-file that Atmos generated). While many users would never do things this way, in some use cases it can be particularly time saving. For example, you may want to run the same set of Terraform commands repeatedly on the same component, using different stacks, as can happen when migrating a component to a new version requires some manual steps.

As of Atmos 1.55, Atmos changed how it selects a workspace. It started using the environment variable TF_WORKSPACE instead of terraform workspace select. While this works for Atmos, it changes the behavior for running the bare terraform commands. No longer did Atmos set the workspace for you, nor would atmos terraform workspace <component> -s <stack> set the workspace for you, either. In fact, there was no longer any direct way to find out the correct workspace name to use. Your plain terraform commands worked on the default workspace, or whatever one was selected the last time you used an old version of Atmos.

So in summary, the change made using terraform harder to use, without appreciably making atmos easier to use. The change did eliminate a bug that was causing problems, and the consequences were not obvious (nor universally considered negative), so it was made. This PR fixes the bug a different way and restores the behavior of v1.54 and earlier.

In the long run, we are seeking ways to make these kinds of behaviors optional and easier to choose. For now, we are just reverting to the "tried-and-true" behavior to avoid further surprises.

references

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/cloudposse/atmos](https://github.com/cloudposse/atmos) from 1.68.0 to 1.69.0.
- [Release notes](https://github.com/cloudposse/atmos/releases)
- [Changelog](https://github.com/cloudposse/atmos/blob/master/CHANGELOG.md)
- [Commits](cloudposse/atmos@v1.68.0...v1.69.0)

---
updated-dependencies:
- dependency-name: github.com/cloudposse/atmos
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested review from a team as code owners April 10, 2024 07:45
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code minor New features that do not break anything labels Apr 10, 2024
@dependabot dependabot bot requested review from kevcube and Gowiem April 10, 2024 07:45
@mergify mergify bot added the auto-update This PR was automatically generated label Apr 10, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 15, 2024

Superseded by #379.

@dependabot dependabot bot closed this Apr 15, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/cloudposse/atmos-1.69.0 branch April 15, 2024 07:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
auto-update This PR was automatically generated dependencies Pull requests that update a dependency file go Pull requests that update Go code minor New features that do not break anything
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants