-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(checkout-strategy): On merge
strategy, reclone when necessary on base update
#3187
fix(checkout-strategy): On merge
strategy, reclone when necessary on base update
#3187
Conversation
The current "merge" checkout strategy is unsafe. It merges the PR and the base branch without holding the directory lock(s), so there is a potentially very long window where another PR can be applied and be unexpectedly reverted later. This happens occasionally if a PR causes plans in multiple directories, but is almost _guaranteed_ to happen if the initial plan has to wait until a lock is freed up and a manual "atlantis plan" command is given. Instead of printing a warning when this happens, we now merge again if necessary while holding the lock. Plans are then guaranteed to only be made when merged with the base branch for each directory being planned, and applying later should be safe even if the base branch sees further updates. This fixes/affects runatlantis#804, runatlantis#867, runatlantis#979
@finnag please fill out the pr template |
Updated desc to match template |
Thanks @finnag Please fix the broken test. Please also test this in your environment to ensure that it's working as expected. Test with both branch and merge strategy please. |
merge
strategy, reclone when necessary on base update
The test that times out looks like a flaky test on main.
Seems to fail with a timeout now and then, and sometimes you get this:
|
Even better:
usually fails on my machine. This is with main at 5be47fb |
The following patch will cause the test to fail reliably (maybe this should be a separate bug report for the github.com/runatlantis/atlantis/server/jobs test):
It causes
case, and then the message is lost. Limited time to track through the code today, so not sure exactly what is going on. Test failure:
|
Hi @finnag any update on the test failure? Is this something you can solve or is it something that can be solved in a separate ticket and pr? |
The test failure was fixed in a separate PR already. I've run this PR in various test setups, and it performs as intended - the usual workflows where you want to merge now work. |
@finnag have you tested this in monorepo or polirepo with workspaces and multiples dir? I'm concerned that when locks are per dir and or workspace we could potentially have a case where one PR against the same repo could pull HEAD but all other PRs on the same repo be behind. will this work if there are plans already existing on PRs and are ready to apply by running |
We're running it live in several monorepos now that have a lot of directories, and it seems to work well, there is no longer any need to manually merge/rebase PRs before planning or applying. It relies on the directory lock to keep the directory safe from modification by other PRs in the period between plan and apply. The flow per directory is: lock -> [internal merge with HEAD] -> plan -> apply -> merge PR -> unlock. The idea is that as long as the lock is held, no other PR can merge anything to main that needs the same lock, so there is no need to resync with main before the apply step. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not a blocking, just had a single comment to be aware of. Maybe leave a code comment for future coders as a TODO that the boolean to warn users can be refactored out in a later PR if its no longer needed.
We now verify that the first Clone with CheckoutMerge=true with a diverged base branch atually clones and merges again.
Thank you @finnag ! |
…n base update (#3187) * merge again if base branch has been updated The current "merge" checkout strategy is unsafe. It merges the PR and the base branch without holding the directory lock(s), so there is a potentially very long window where another PR can be applied and be unexpectedly reverted later. This happens occasionally if a PR causes plans in multiple directories, but is almost _guaranteed_ to happen if the initial plan has to wait until a lock is freed up and a manual "atlantis plan" command is given. Instead of printing a warning when this happens, we now merge again if necessary while holding the lock. Plans are then guaranteed to only be made when merged with the base branch for each directory being planned, and applying later should be safe even if the base branch sees further updates. This fixes/affects #804, #867, #979 * Remove diverged test that no longer applies * Reinstate TestClone_MasterHasDiverged test and make it pass * Extend TestClone_MasterHasDiverged to test new merging functionality We now verify that the first Clone with CheckoutMerge=true with a diverged base branch atually clones and merges again. --------- Co-authored-by: PePe Amengual <jose.amengual@gmail.com>
…n base update (runatlantis#3187) * merge again if base branch has been updated The current "merge" checkout strategy is unsafe. It merges the PR and the base branch without holding the directory lock(s), so there is a potentially very long window where another PR can be applied and be unexpectedly reverted later. This happens occasionally if a PR causes plans in multiple directories, but is almost _guaranteed_ to happen if the initial plan has to wait until a lock is freed up and a manual "atlantis plan" command is given. Instead of printing a warning when this happens, we now merge again if necessary while holding the lock. Plans are then guaranteed to only be made when merged with the base branch for each directory being planned, and applying later should be safe even if the base branch sees further updates. This fixes/affects runatlantis#804, runatlantis#867, runatlantis#979 * Remove diverged test that no longer applies * Reinstate TestClone_MasterHasDiverged test and make it pass * Extend TestClone_MasterHasDiverged to test new merging functionality We now verify that the first Clone with CheckoutMerge=true with a diverged base branch atually clones and merges again. --------- Co-authored-by: PePe Amengual <jose.amengual@gmail.com>
…n base update (runatlantis#3187) * merge again if base branch has been updated The current "merge" checkout strategy is unsafe. It merges the PR and the base branch without holding the directory lock(s), so there is a potentially very long window where another PR can be applied and be unexpectedly reverted later. This happens occasionally if a PR causes plans in multiple directories, but is almost _guaranteed_ to happen if the initial plan has to wait until a lock is freed up and a manual "atlantis plan" command is given. Instead of printing a warning when this happens, we now merge again if necessary while holding the lock. Plans are then guaranteed to only be made when merged with the base branch for each directory being planned, and applying later should be safe even if the base branch sees further updates. This fixes/affects runatlantis#804, runatlantis#867, runatlantis#979 * Remove diverged test that no longer applies * Reinstate TestClone_MasterHasDiverged test and make it pass * Extend TestClone_MasterHasDiverged to test new merging functionality We now verify that the first Clone with CheckoutMerge=true with a diverged base branch atually clones and merges again. --------- Co-authored-by: PePe Amengual <jose.amengual@gmail.com>
what
When using the merge checkout strategy, check if the base branch has
been updated before each plan operation and merge again if so.
why
The current "merge" checkout strategy is unsafe. It merges the PR and
the base branch without holding the directory lock(s), so there is a
potentially very long window where another PR can be applied and be
unexpectedly reverted later.
Instead of printing a warning when this happens, we now merge again
if necessary while holding the lock. Plans are then guaranteed to only
be made when merged with the base branch for each directory being planned,
and applying later should be safe because of the locks, even if the base
branch sees further updates.
tests
references