44 messages
π½οΈ
Justinalmost 2 years ago
Hey all, my team is working through updating some of our atmos configuration, and we're looking for some guidance around "when" to vendor? We're considering adding some logic to our GitHub Actions that would pull components for affected stacks allowing us to keep the code outside of the repository. Some wins here would be less to review on pull requests as we vendor new versions into different dev/stag/prod stages. However, is it a better play to vendor in as we develop and then commit the changes to the atmos repo?
Kubheraalmost 2 years ago(edited)
Hey Guys,
I have an use case where my component in atmos has just a terraform null_reource to execute a python script based on few triggers.
However, is there any way out I can still manage this similar to a component but not through terraform(null resource), can I use something like custom cli commands that atmos supports to do this?
Any input on this use case would be really appreciated.
I have an use case where my component in atmos has just a terraform null_reource to execute a python script based on few triggers.
However, is there any way out I can still manage this similar to a component but not through terraform(null resource), can I use something like custom cli commands that atmos supports to do this?
Any input on this use case would be really appreciated.
RBalmost 2 years ago
What do you folks think of allowing s3 module or component to have an option to add a suffix with a random string to avoid the high cost of unauthorized s3 denied access?
Or is there a gomplate way of generating a random id and passing it in the yaml to attributes ?
Or is there a gomplate way of generating a random id and passing it in the yaml to attributes ?
Erik Osterman (Cloud Posse)almost 2 years ago
Kubheraalmost 2 years ago(edited)
HI @Erik Osterman (Cloud Posse), I have an interesting use case where I have a stack with 10 components approximately and the all of these components are depending on a output of a single component which is being deployed at the first place as part of my stack. what I'm doing right now is reading out put of the component using remote-state feature of atmos, however, when I execute the workflow which has commands to execute all these components sequentially even there is a change only for a single component(this is the current design I came up with) it is reading the state file of the component every single time for each component and that is adding up extra time for my pipeline execution time. imagine if I have to deploy 100 stacks which are affected. is there any way to mimic this feature something similar to having a global variable in the stack file and refer the same all over the stack wherever it is needed?. basically what I'm looking for is, read once per stack for the output of a component and use it as part of all other dependant components.
Kubheraalmost 2 years ago
It would really save me a lot of time, anybody's help in this regard would be really appreciated.
Kubheraalmost 2 years ago
Thanks a ton in advance !!!
RBalmost 2 years ago
If a component's
enabled flag is set to false it should delete an existing component's infra, but what if you did not want the component to be acted on at all? Would a new metadata.enabled flag be acceptable? This way it wouldn't even create the workspace or run terraform commands. Atmos should just early exitJustinalmost 2 years ago
Hey all, happy Monday! I hope I have a quick question and I'm missing something obvious. I have the need to configure a provider for a component that require credentials stored in a GitHub secret. I'm missing how to get that data out of the secret and available for Atmos to use when building the provider_override.tf.json file in the component directory.
Is there some documentation or capability in Atmos to parse our YAML files and replace variable placeholders with content from a secret store?
providers:
provider_name:
alias: "example"
host: "<https://example.com>"
account_id: ${{ env.example_account_id }}
client_id: ${{ env.example_client_id }}
client_secret: ${{ env.example_client_secret }}Is there some documentation or capability in Atmos to parse our YAML files and replace variable placeholders with content from a secret store?
Stephan Helasalmost 2 years ago
Hi,
i don't know if its me or a bug π If i use Uppercase Letters in tenant, the remote state provider will downcase it and then not find the stack. I've simply renamed the stack, but wanted to let you know.
i don't know if its me or a bug π If i use Uppercase Letters in tenant, the remote state provider will downcase it and then not find the stack. I've simply renamed the stack, but wanted to let you know.
Stephan Helasalmost 2 years ago
Second thing, i'm not 100% sure, but i belive the remote-state provider ignores
stacks.name_template and only looks for stacks.name_patternErik Osterman (Cloud Posse)almost 2 years ago
I'd like to solicit more feedback on remote sources for components so we arrive at the best implementation.
https://github.com/cloudposse/atmos/issues/598
https://github.com/cloudposse/atmos/issues/598
RBalmost 2 years ago
Is there a way to list only real components ?
atmos list components --realStephan Helasalmost 2 years ago
Hi,
is there an json manifest for vendor.yaml?
is there an json manifest for vendor.yaml?
Stephan Helasalmost 2 years ago
Since inherit will not merge metadata, i need to define the component version for every component in every stack.
i try to dynamically name a component using catalog templates. But so far it is not working. With this approach i try to version my component but sill be able to use multiple instances of it.
import highlevel component in stack:
use import for the highlevel component:
use component template:
my component ends up beeing:
i try to dynamically name a component using catalog templates. But so far it is not working. With this approach i try to version my component but sill be able to use multiple instances of it.
import highlevel component in stack:
import:
- catalog/account/v0_1_0
- mixins/region/eu-central-1use import for the highlevel component:
import:
- path: catalog/components/account-vpc/v0_1_0
context:
name: 'vpc/{{ .setting.region }}'use component template:
components:
terraform:
'{{ .name }}':
metadata:
component: account-vpc/v0.1.0my component ends up beeing:
atmos list components -s accounts-sandbox-5
global
vpc/{{ .setting.region }}RBalmost 2 years ago
How does one provision a VPC with database specific subnets like terraform-aws-modules/vpc ?
Is it better to provision a new VPC instead ?
Is it better to provision a new VPC instead ?
Andrew Ochsneralmost 2 years ago(edited)
question... i know this has been covered here but I don't think I can find/search the history w/o it getting chopped off going to Free Slack.... any guidance around how to lookup resources/ids from prereq stacks? Is it always just use the remote-state data lookup? or is it just easier/preferred to do a regular data lookup like one would w/ any resources? guidance on when to use one or the other? In my environment (azure) we split up terraform state across the subscriptions that hold the resources so there's not liek a single blob storage that holds all of the state files...
Ryanalmost 2 years ago
Hey everyone, I figured I would come in here and ask before I start hacking around. We're leveraging the VPC module to build our pub/priv subnets, and I need to modify the default route on those public subnets away from the IGW to a Cisco device. I'm guessing this is outside the scope of the module but I figured I would ask π Hope you guys are having a good week.
Marvin de Bruinalmost 2 years ago(edited)
Heya! I'm following the Quick Start docs in Atmos, and I am enjoying it very much so far, its hard to not skip steps and go all in π I have ran in to a small issue though with provisioning, Im at the configure a TF backend, and it feels like the docs are skipping some steps between here: https://atmos.tools/quick-start/configure-terraform-backend#provision-terraform-s3-backend and https://atmos.tools/quick-start/configure-terraform-backend#configure-terraform-s3-backend. In the first section it describes that Atmos has the capability to provision itself a backend using the tfstate-backend component, but I can't find a good doc on how to actually use it, I tried and I see some errors I'll post in the thread here. In the next step it assumes provisioning is complete. Im happy to open a PR with the missing instructions if I figure it out.
RickAover 1 year ago
Go and Sprig functions π§΅
pvover 1 year ago
I have a variable that I need to pass that is formatted like this in HCL:
And I cannot get the value to translate properly. How do I fix my yaml file?
variable "firewall_rules" {
description = "value"
type = list(object({
name = string,
description = optional(string, null),
direction = string, # The input Value must be uppercase
priority = optional(number, 1000),
ranges = list(string),
source_tags = optional(list(string), null),
source_service_accounts = optional(list(string), null),
target_tags = optional(list(string), null),
target_service_accounts = optional(list(string), null),
allow = optional(list(object({
protocol = string # The input Value must be uppercase
ports = optional(list(string), [])
})), []),
deny = optional(list(object({
protocol = string # The input Value must be uppercase
ports = optional(list(string), [])
})), []),
log_config = optional(object({
metadata = string
}), null)
}))
default = []
}And I cannot get the value to translate properly. How do I fix my yaml file?
firewall_rules:
- name: "RULE_NAME"
description: "DESCRIPTION"
direction: "DIRECTION"
priority: <NUMBER>
ranges: ["<IP_RANGE>"]
- allow:
protocol: "PROTOCOL_TYPE"
ports: ["PORT1", "PORT2"]rssover 1 year ago(edited)
v1.73.0
Allow
Allow
Go templates in metadata.component section. Add components.terraform.command section to atmos.yaml. Document OpenTofu support @aknysh (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2309535706" data-permission-text="Title is...Erik Osterman (Cloud Posse)over 1 year ago
rssover 1 year ago(edited)
v1.74.0
Update Atmos logs. Update docs @aknysh (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2313407201" data-permission-text="Title is private" data-url="https://github.com/cloudposse/atmos/issues/605" data-hovercard-type="pull_request"...
Update Atmos logs. Update docs @aknysh (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2313407201" data-permission-text="Title is private" data-url="https://github.com/cloudposse/atmos/issues/605" data-hovercard-type="pull_request"...
rssover 1 year ago
v1.74.0
Update Atmos logs. Update docs @aknysh (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2313407201" data-permission-text="Title is private" data-url="https://github.com/cloudposse/atmos/issues/605" data-hovercard-type="pull_request"...
Update Atmos logs. Update docs @aknysh (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2313407201" data-permission-text="Title is private" data-url="https://github.com/cloudposse/atmos/issues/605" data-hovercard-type="pull_request"...
Andy Wortmanover 1 year ago
Is it possible to define multiple aws providers in atmos yaml, to be used by a single component? Iβm thinking of something like the below, but that obviously wonβt work because of the duplicate
aws: keysterraform:
providers:
aws:
region: us-west-2
assume_role:
role_arn: "role_1"
aws:
alias: "account_2"
region: us-west-2
assume_role:
role_arn: "role_2"E
erikover 1 year ago
We added a new
https://atmos.tools/quick-start/add-custom-commands
<File/> component to the docs, so it's easier to identify files from terminal output.https://atmos.tools/quick-start/add-custom-commands
rssover 1 year ago(edited)
v1.75.0
Improve
Improve
atmos validate stacks and atmos describe affected commands @aknysh (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2316727181" data-permission-text="Title is private" data-url="https://github.com/cloudposse/atmos/issues/608"...Erik Osterman (Cloud Posse)over 1 year ago
/github subscribe cloudposse/atmos releases
U
Unknown Userover 1 year ago
β
οΈ Subscribed to cloudposse/atmos. This channel will receive notifications for
issues, pulls, commits, releases, deploymentsErik Osterman (Cloud Posse)over 1 year ago
/github subscribe list features
U
Unknown Userover 1 year ago
Erik Osterman (Cloud Posse)over 1 year ago
/github unsubscribe cloudposse/atmos issues
U
Unknown Userover 1 year ago
This channel will receive notifications from cloudposse/atmos for:
pulls, commits, releases, deploymentsErik Osterman (Cloud Posse)over 1 year ago
/github unsubscribe cloudposse/atmos pulls commits deployments
U
Unknown Userover 1 year ago
This channel will receive notifications from cloudposse/atmos for:
releasesRBover 1 year ago
Are there plans to document integration atmos into argocd? I'd absolutely love the ability to auto sync stacks and manually sync stacks to apply terraform