search

runatlantis / helm-charts

Atlantis Helm Chart
Apache License 2.0
115 stars 186 forks source link

GithubApp config fails to start without github.user|token|secret but the latter overwrites atlantis-webhook.github_secret #318

Closed zen closed 1 year ago

zen commented 1 year ago

I'm deploying atlantis to EKS with AWS ALB Ingress (not relevant in this particular context).

I'm bootstrapping atlantis to get Github App configured with following settings:

github:
  user: fake
  token: fake
  secret: fake

After the Github App is configured with:

githubApp:
    id: 12345
    slug: atlantis-app
    key: |
        -----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----
    secret: gaderypoluki

I removed github config and pod would not start and got following errror:

{"level":"debug","ts":"2023-08-25T13:31:43.427Z","caller":"vcs/github_client.go:104","msg":"GH User: ","json":{}}
Error: initializing server: getting user: getting app details: GET https://api.github.com/apps/atlantis-app: 404 Not Found []

But when I leave github.* values then atlantis-webhook.github_secret is overwritten with fake value and app is able to start with:

{"level":"debug","ts":"2023-08-25T14:28:03.877Z","caller":"vcs/github_client.go:104","msg":"GH User: fake","json":{}}
{"level":"info","ts":"2023-08-25T14:28:03.877Z","caller":"vcs/git_cred_writer.go:29","msg":"wrote git credentials to /home/atlantis/.git-credentials","json":{}}
{"level":"info","ts":"2023-08-25T14:28:03.878Z","caller":"vcs/git_cred_writer.go:59","msg":"successfully ran git config --global credential.helper store","json":{}}
{"level":"info","ts":"2023-08-25T14:28:03.879Z","caller":"vcs/git_cred_writer.go:65","msg":"successfully ran git config --global url.https://fake@github.com.insteadOf ssh://git@github.com","json":{}}
{"level":"info","ts":"2023-08-25T14:28:04.703Z","caller":"server/server.go:443","msg":"Utilizing BoltDB","json":{}}
{"level":"info","ts":"2023-08-25T14:28:04.706Z","caller":"policy/conftest_client.go:151","msg":"failed to get default conftest version. Will attempt request scoped lazy loads DEFAULT_CONFTEST_VERSION not set","json":{}}
{"level":"info","ts":"2023-08-25T14:28:04.707Z","caller":"server/server.go:974","msg":"Atlantis started - listening on port 4141","json":{}}
{"level":"info","ts":"2023-08-25T14:28:04.707Z","caller":"scheduled/executor_service.go:51","msg":"Scheduled Executor Service started","json":{}}

What is a proper way to even start atlantis in such a case.

zen commented 1 year ago

Ok, so I figured out it's an incorrect githubApp.slug.

Documentation on that is very poor, does not stress out that this is actual value form Github App you need to fetch. Also this value is hard to get from the app.