Merge branch 'main' into pin-buildx

runatlantis · Jun 6, 2023 · 726e51d · 726e51d
2 parents de4f89f + 0231970
commit 726e51d
Show file tree

Hide file tree

Showing 8 changed files with 123 additions and 11 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -62,7 +62,7 @@ WORKDIR /tmp/build
 
 # install conftest
 # renovate: datasource=github-releases depName=open-policy-agent/conftest
-ENV DEFAULT_CONFTEST_VERSION=0.42.1
+ENV DEFAULT_CONFTEST_VERSION=0.43.0
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN AVAILABLE_CONFTEST_VERSIONS=${DEFAULT_CONFTEST_VERSION} && \
     case ${TARGETPLATFORM} in \

diff --git a/go.mod b/go.mod
@@ -9,7 +9,7 @@ require (
 	github.com/briandowns/spinner v1.23.0
 	github.com/elazarl/go-bindata-assetfs v1.0.1
 	github.com/go-ozzo/ozzo-validation v3.6.0+incompatible
-	github.com/go-playground/validator/v10 v10.14.0
+	github.com/go-playground/validator/v10 v10.14.1
 	github.com/go-test/deep v1.1.0
 	github.com/golang-jwt/jwt/v5 v5.0.0
 	github.com/google/go-github/v52 v52.0.0

diff --git a/go.sum b/go.sum
@@ -140,8 +140,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js=
-github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
+github.com/go-playground/validator/v10 v10.14.1 h1:9c50NUPC30zyuKprjL3vNZ0m5oG+jU0zvx4AqHGnv4k=
+github.com/go-playground/validator/v10 v10.14.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=

diff --git a/server/events/markdown_renderer.go b/server/events/markdown_renderer.go
@@ -100,6 +100,7 @@ type planSuccessData struct {
 	DisableApply             bool
 	DisableRepoLocking       bool
 	EnableDiffMarkdownFormat bool
+	PlanStats                models.PlanSuccessStats
 }
 
 type policyCheckResultsData struct {
@@ -195,10 +196,19 @@ func (m *MarkdownRenderer) renderProjectResults(results []command.ProjectResult,
 		}
 		if result.PlanSuccess != nil {
 			result.PlanSuccess.TerraformOutput = strings.TrimSpace(result.PlanSuccess.TerraformOutput)
+			data := planSuccessData{
+				PlanSuccess:              *result.PlanSuccess,
+				PlanWasDeleted:           common.PlansDeleted,
+				DisableApply:             common.DisableApply,
+				DisableRepoLocking:       common.DisableRepoLocking,
+				EnableDiffMarkdownFormat: common.EnableDiffMarkdownFormat,
+				PlanStats:                result.PlanSuccess.Stats(),
+			}
 			if m.shouldUseWrappedTmpl(vcsHost, result.PlanSuccess.TerraformOutput) {
-				resultData.Rendered = m.renderTemplateTrimSpace(templates.Lookup("planSuccessWrapped"), planSuccessData{PlanSuccess: *result.PlanSuccess, PlanSummary: result.PlanSuccess.Summary(), PlanWasDeleted: common.PlansDeleted, DisableApply: common.DisableApply, DisableRepoLocking: common.DisableRepoLocking, EnableDiffMarkdownFormat: common.EnableDiffMarkdownFormat})
+				data.PlanSummary = result.PlanSuccess.Summary()
+				resultData.Rendered = m.renderTemplateTrimSpace(templates.Lookup("planSuccessWrapped"), data)
 			} else {
-				resultData.Rendered = m.renderTemplateTrimSpace(templates.Lookup("planSuccessUnwrapped"), planSuccessData{PlanSuccess: *result.PlanSuccess, PlanWasDeleted: common.PlansDeleted, DisableApply: common.DisableApply, DisableRepoLocking: common.DisableRepoLocking, EnableDiffMarkdownFormat: common.EnableDiffMarkdownFormat})
+				resultData.Rendered = m.renderTemplateTrimSpace(templates.Lookup("planSuccessUnwrapped"), data)
 			}
 			resultData.NoChanges = result.PlanSuccess.NoChanges()
 			numPlanSuccesses++

diff --git a/server/events/models/models.go b/server/events/models/models.go
@@ -23,6 +23,7 @@ import (
 	"net/url"
 	paths "path"
 	"regexp"
+	"strconv"
 	"strings"
 	"time"
 
@@ -384,7 +385,7 @@ type PolicySetStatus struct {
 // Summary regexes
 var (
 	reChangesOutside = regexp.MustCompile(`Note: Objects have changed outside of Terraform`)
-	rePlanChanges    = regexp.MustCompile(`Plan: \d+ to add, \d+ to change, \d+ to destroy.`)
+	rePlanChanges    = regexp.MustCompile(`Plan: (\d+) to add, (\d+) to change, (\d+) to destroy.`)
 	reNoChanges      = regexp.MustCompile(`No changes. (Infrastructure is up-to-date|Your infrastructure matches the configuration).`)
 )
 
@@ -426,6 +427,11 @@ func (p PlanSuccess) DiffMarkdownFormattedTerraformOutput() string {
 	return strings.TrimSpace(formattedTerraformOutput)
 }
 
+// Stats returns plan change stats and contextual information.
+func (p PlanSuccess) Stats() PlanSuccessStats {
+	return NewPlanSuccessStats(p.TerraformOutput)
+}
+
 // PolicyCheckResults is the result of a successful policy check run.
 type PolicyCheckResults struct {
 	// PolicySetResults is the output from policy check binary(conftest|opa)
@@ -618,3 +624,29 @@ type WorkflowHookCommandContext struct {
 	// UUID for reference
 	HookID string
 }
+
+// PlanSuccessStats holds stats for a plan.
+type PlanSuccessStats struct {
+	Add, Change, Destroy    int
+	Changes, ChangesOutside bool
+}
+
+func NewPlanSuccessStats(output string) PlanSuccessStats {
+	m := rePlanChanges.FindStringSubmatch(output)
+
+	s := PlanSuccessStats{
+		ChangesOutside: reChangesOutside.MatchString(output),
+		Changes:        len(m) > 0,
+	}
+
+	if s.Changes {
+		// We can skip checking the error here as we can assume
+		// Terraform output will always render an integer on these
+		// blocks.
+		s.Add, _ = strconv.Atoi(m[1])
+		s.Change, _ = strconv.Atoi(m[2])
+		s.Destroy, _ = strconv.Atoi(m[3])
+	}
+
+	return s
+}
diff --git a/server/events/models/models_test.go b/server/events/models/models_test.go
@@ -612,3 +612,73 @@ func TestPullStatus_StatusCount(t *testing.T) {
 	Equals(t, 1, ps.StatusCount(models.ErroredPolicyCheckStatus))
 	Equals(t, 1, ps.StatusCount(models.PassedPolicyCheckStatus))
 }
+
+func TestPlanSuccessStats(t *testing.T) {
+	tests := []struct {
+		name   string
+		output string
+		exp    models.PlanSuccessStats
+	}{
+		{
+			"has changes",
+			`An execution plan has been generated and is shown below.
+					Resource actions are indicated with the following symbols:
+					  - destroy
+					Terraform will perform the following actions:
+					  - null_resource.hi[1]
+					Plan: 1 to add, 3 to change, 2 to destroy.`,
+			models.PlanSuccessStats{
+				Changes: true,
+				Add:     1,
+				Change:  3,
+				Destroy: 2,
+			},
+		},
+		{
+			"no changes",
+			`An execution plan has been generated and is shown below.
+					Resource actions are indicated with the following symbols:
+					No changes. Infrastructure is up-to-date.`,
+			models.PlanSuccessStats{},
+		},
+		{
+			"changes outside",
+			`Note: Objects have changed outside of Terraform
+					Terraform detected the following changes made outside of Terraform since the
+					last "terraform apply":
+					No changes. Your infrastructure matches the configuration.`,
+			models.PlanSuccessStats{
+				ChangesOutside: true,
+			},
+		},
+		{
+			"changes and changes outside",
+			`Note: Objects have changed outside of Terraform
+					Terraform detected the following changes made outside of Terraform since the
+					last "terraform apply":
+					An execution plan has been generated and is shown below.
+					Resource actions are indicated with the following symbols:
+					  - destroy
+					Terraform will perform the following actions:
+					  - null_resource.hi[1]
+					Plan: 3 to add, 0 to change, 1 to destroy.`,
+			models.PlanSuccessStats{
+				Changes:        true,
+				ChangesOutside: true,
+
+				Add:     3,
+				Change:  0,
+				Destroy: 1,
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s := models.NewPlanSuccessStats(tt.output)
+			if s != tt.exp {
+				t.Errorf("\nexp: %#v\ngot: %#v", tt.exp, s)
+			}
+		})
+	}
+}
diff --git a/testing/Dockerfile b/testing/Dockerfile
@@ -16,7 +16,7 @@ RUN case $(uname -m) in x86_64|amd64) ARCH="amd64" ;; aarch64|arm64|armv7l) ARCH
 
 # Install conftest
 # renovate: datasource=github-releases depName=open-policy-agent/conftest
-ENV CONFTEST_VERSION=0.42.1
+ENV CONFTEST_VERSION=0.43.0
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN case $(uname -m) in x86_64|amd64) ARCH="x86_64" ;; aarch64|arm64|armv7l) ARCH="arm64" ;; esac && \
     curl -LOs https://github.com/open-policy-agent/conftest/releases/download/v${CONFTEST_VERSION}/conftest_${CONFTEST_VERSION}_Linux_${ARCH}.tar.gz && \

diff --git a/yarn.lock b/yarn.lock
@@ -1668,9 +1668,9 @@ util-deprecate@^1.0.1:
   integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==
 
 vite@~4.0.3:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/vite/-/vite-4.0.4.tgz#4612ce0b47bbb233a887a54a4ae0c6e240a0da31"
-  integrity sha512-xevPU7M8FU0i/80DMR+YhgrzR5KS2ORy1B4xcX/cXLsvnUWvfHuqMmVU6N0YiJ4JWGRJJsLCgjEzKjG9/GKoSw==
+  version "4.0.5"
+  resolved "https://registry.yarnpkg.com/vite/-/vite-4.0.5.tgz#634f0bd1edf8bb8468ed42a1c3fd938c67d2f94b"
+  integrity sha512-7m87RC+caiAxG+8j3jObveRLqaWA/neAdCat6JAZwMkSWqFHOvg8MYe5fAQxVBRAuKAQ1S6XDh3CBQuLNbY33w==
   dependencies:
     esbuild "^0.16.3"
     postcss "^8.4.20"