Atlantis server side repo config branch filter not working

[vikiuvb]

I'm using the latest version of Atlantis - https://github.com/runatlantis/atlantis/releases/tag/v0.17.0. According to this pull request - https://github.com/runatlantis/atlantis/pull/1383, adding a branch in the server config should match only the pull request whose base branch matches the branch pattern.

I'm using the following configuration.

repos:
  - id: <repoId>
    branch: local
    workflow: workflow-local

Atlantis is executing the terraform plan even if the base branch of the pull request is not local. My use case is similar to https://github.com/runatlantis/atlantis/issues/982. I thought the latest release supporting branch filter should solve my use case. Am I missing something?

[minamijoyo]

Looks duplicated https://github.com/runatlantis/atlantis/issues/1539

[minamijoyo]

@vikiuvb The bug #1539 was fixed in v0.17.3 via #1768. Note that the branch keyword is a regex pattern. You should use branch: /^local$/

[sujeets-toast]

Here branch is destination for pullrequest branch: /^pull_request_destination_banch_name$/

[jluque0101]

Hi @minamijoyo I am trying to assign requirements when creating PR against specific branches (master|main|prod|prd). First I target all repos and filter by branch (dev|develop) relaxing requirements to just diverged. After that I define a new rule that targets all repositories again this time filtering for production branches so I can update apply_requirementsto be mergeable as well however I am finding that when creating a PR against one of the development branches Atlantis doesn't trigger any job.

The reason why I am using /.*/ in both is due to the amount of repositories, ideally I'd like to avoid add repository settings one by one.

It seems the last match is the one taking precedence and therefore atlantis doesn't do anything for development branches.

  - id: /.*/
    branch: /^(dev|develop)$/
    workflow: multibranch
    allow_custom_workflows: true
    allowed_overrides: [ workflow ]
    plan_requirements: [ undiverged ]
    apply_requirements: [ undiverged ]
    import_requirements: [ undiverged ]
  - id: /.*/
    branch: /^(master|main|prod|prd)$/
    workflow: multibranch
    allow_custom_workflows: true
    allowed_overrides: [ workflow ]
    plan_requirements: [ undiverged ]
    apply_requirements: [ undiverged, mergeable ]
    import_requirements: [ undiverged ]

Is there a way to approach this currently? I am writing here because this issue seems to be somehow related to this issue but I'll be happy to open a new one if that's required, thanks!

[minamijoyo]

Hi @jluque0101, I’m not sure it is a valid configuration to specify multiple any /.*/ matches for repository IDs. If so, it is unclear which should be prioritized. https://www.runatlantis.io/docs/server-side-repo-config.html#repo

Regarding the branch attribute, the base branch restriction feature, a workflow will be triggered only if the specified base branch is used. Note that this is not a configuration selector like the id attribute. Atlantis does not have a way to determine which configuration to use based on the branch. So duplicated definitions seem to conflict with the requirements.

I guess what you need is a feature to customize settings based on both the repository ID and the base branch, isn’t it? If so, I recommend you open a new feature request.

[jluque0101]

Thanks @minamijoyo is clear now, I believe I misunderstood how branch filter works.

[dimisjim]

I've opened an issue which kinda relates to this here (which can maybe be closed?): https://github.com/runatlantis/atlantis/issues/4245

The id repo & branch matcher behaviour wasn't clear for me: I had multiple same repo ids, but each for different branches, and didn't know whether the branch regex was incorrect, or something else (maybe the error sent could be improved too, coz I was just receiving: "command was run on a pull request which doesn't match base branches"))