Initial implementation by aknysh · Pull Request #1 · cloudposse/atmos

aknysh · 2020-10-11T03:37:39Z

what

Initial implementation of variants CLI cloud automation tool
Add README
Add example

why

Create a CLI tool and provide usage example for
- Provisioning Terraform projects
- Deploying helm charts to Kubernetes clusters using helmfiles
- Executing helm commands on Kubernetes clusters
- Provisioning istio on Kubernetes clusters using [istio operator (https://istio.io/latest/blog/2019/introducing-istio-operator/) and helmfile
- Combining various commands into workflows to execute many commands sequentially in just one step
- ... and many more

README.md

osterman · 2020-10-12T18:40:08Z

Please move README.md to README.yaml

README.md

osterman · 2020-10-12T18:52:06Z

Please remove the current examples. They are too complex, too much tech debt to maintain, and not something we can more easily test, ideally without an AWS account.

osterman · 2020-10-12T18:52:44Z

Keep in mind, we'll be using this in https://github.com/cloudposse/reference-architectures so we'll have more advanced examples that we actually test and maintain. Just not here.

README.md

This commit addresses the second round of CodeRabbit review comments: Comment #1 - Global flags in planfile commands: - Add global flag parsing (--base-path, --config, --config-path, --profile) to delete.go, download.go, and upload.go using flags.ParseGlobalFlags() - Refactored upload.go to extract helper functions and reduce function length Comment #3 - GenerateKey placeholder validation: - Add validation for required fields (Stack, Component, SHA) when used in pattern - Return ErrPlanfileKeyInvalid error instead of leaving placeholders unreplaced - Update interface_test.go with new test cases for validation behavior Comments #4-5 - Golden file anchor mismatches: - Update templates to use user-content- prefix on anchor IDs for proper markdown link fragment resolution - Regenerate all golden files to match new template output 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

1. Fix hydration mismatch: Initialize isFullscreen/isMobile to false, then set mobile state after mount in useEffect (Comment #1) 2. Fix stale closure in resize handler: Use ref to track current fullscreen state instead of closure value (Comment #2) 3. Remove unused import: Remove createPortal from SlideNotesPopout (Comment #3) 4. Fix popout window recreation: Remove currentSlide/totalSlides/ currentNotes from dependency array so window isn't recreated on every slide change (Comment #4) 5. Fix XSS vulnerability: Use textContent instead of innerHTML when setting notes content in popout window (Comment #5) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

…omization (#1925) * feat: Improve slide deck mobile responsiveness and fullscreen behavior - Auto-enter fullscreen mode on mobile/tablet devices (touch + width ≤ 1024px) - Detect device orientation and screen dimensions for responsive behavior - Remove forced dark mode styling; fullscreen now respects current theme - Add responsive breakpoints for tablet (996px) and mobile (768px) - Implement viewport-based scaling for text and images on mobile - Maintain 2-column split layouts on mobile with scaled content - Increase z-index to 99999 to prevent navbar overlap in fullscreen - Improve padding and spacing for mobile screens - Use clamp() with viewport units (vw) for fluid typography 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> * feat: Add responsive scaling for desktop fullscreen mode - Remove max-width constraint (1600px) on fullscreen slide wrapper - Use viewport-based sizing to fill entire screen while maintaining 16:9 - Scale slide content width from 800px to 85-90% in fullscreen - Add clamp() with vw units for text scaling in fullscreen: - Titles scale from 2.5rem to 4rem (4vw) - Title slides scale from 3.5rem to 5.5rem (5vw) - Content/lists scale from 1.25rem to 2rem (2vw) - Code scales from 0.9rem to 1.3rem (1.2vw) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: Increase bomb image width from 180px to 280px 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Allow vertical scrolling in fullscreen slides for long content Changes overflow from hidden to overflow-y: auto so YAML code blocks and other long content can be scrolled within the slide. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Make mobile fullscreen fill entire viewport without black borders Remove 16:9 aspect ratio constraint on mobile so the slide background extends to fill the entire screen instead of showing black bars. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove dark borders on mobile fullscreen by making containers transparent Make all fullscreen containers transparent so the slide's background extends to fill the entire viewport without visible borders. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Restore solid background and visible controls on mobile fullscreen - Use solid background color instead of transparent to hide page behind - Add fixed positioning for toolbar at bottom of screen - Add fixed positioning for nav buttons with semi-transparent background - Add padding-bottom to slide content to avoid toolbar overlap 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Hide left-area container in mobile fullscreen mode The left-area container was taking up space in the flex layout even though the nav buttons were fixed positioned, causing a dark strip on the left side of the slide. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Improve vertical centering in mobile fullscreen mode - Changed container align-items from stretch to center - Added flexbox centering to slide-wrapper - Changed slide height from 100% to auto with min-height: 100% - Added explicit flexbox centering to slide element 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Keep prev navigation button visible in mobile fullscreen Instead of hiding the left-area container completely (which also hides the prev button), collapse it to width: 0 but keep overflow: visible so the fixed-positioned nav button still renders. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Ensure vertical centering for content layout slides on mobile - Changed slide height back to 100% (from auto with min-height) - Added explicit centering override for content layout slides - Keep text-align: left for content readability 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Enable vertical scrolling on mobile fullscreen slides - Changed slide from flexbox to block display to allow overflow scrolling - Moved vertical centering to slide__inner using min-height + flexbox - margin: auto centers content when it's shorter than viewport - Long content can now scroll properly 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use absolute positioning for mobile slide to enable scrolling - Removed flexbox from slide-wrapper (was preventing scroll) - Used absolute positioning on slide to fill container - Slide now has fixed dimensions and can scroll content 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use 'justify-content: safe center' for vertical centering with scroll - Use 'safe center' which centers when content fits, aligns to start when overflow - Keep flexbox display for proper centering - Remove conflicting display: block from Slide.css 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use margin:auto on slide__inner for vertical centering - Removed 'justify-content: safe center' (limited browser support) - Use margin: auto on slide__inner with flex-shrink: 0 - This centers when content is short, scrolls when content overflows 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove top padding from mobile fullscreen slide Changed padding from '1.5rem 2rem' to '0 2rem' to eliminate the top offset that was pushing content down. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove all top padding from mobile fullscreen slides - Added !important to slide padding override (0 1.5rem) - Explicitly set margin: auto and padding: 0 on slide__inner 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Add horizontal padding to slide__inner on mobile fullscreen Changed padding from 0 to '0 1rem' for left/right spacing. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Add customizable speaker notes with position, display mode, and popout options - Add notes preferences state (position, displayMode, isPopout) to context with localStorage persistence - Add bottom position for notes panel (Google Slides style) with 25vh height - Add shrink display mode that resizes slides instead of overlaying - Add toolbar controls to toggle position, display mode, and popout (desktop only) - Add popout window component with BroadcastChannel sync for cross-window navigation - Fix navigation buttons z-index to work when notes overlay is present - Ensure notes content is scrollable with proper min-height: 0 on flex child 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Move notes preference controls to SlideNotesPanel header Move the position toggle, display mode toggle, and popout button from the main toolbar into the SlideNotesPanel header. The main toolbar now only shows a single notes button that toggles notes or brings them back from popout mode. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Add horizontal padding to bottom position speaker notes The notes content was flush against the left/right edges when in bottom position. Added 2rem padding to both header and content for better visual spacing. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Extend progress bar to full width in page mode The progress bar was respecting the container padding, leaving gaps on the sides. Now uses negative margins to extend edge-to-edge. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments for SlideDeck 1. Fix hydration mismatch: Initialize isFullscreen/isMobile to false, then set mobile state after mount in useEffect (Comment #1) 2. Fix stale closure in resize handler: Use ref to track current fullscreen state instead of closure value (Comment #2) 3. Remove unused import: Remove createPortal from SlideNotesPopout (Comment #3) 4. Fix popout window recreation: Remove currentSlide/totalSlides/ currentNotes from dependency array so window isn't recreated on every slide change (Comment #4) 5. Fix XSS vulnerability: Use textContent instead of innerHTML when setting notes content in popout window (Comment #5) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Improve popout window slide state synchronization - Add refs to track current slide state for immediate popout initialization - Create updatePopoutContent helper to consolidate DOM update logic - Immediately update popout content after document.close() to avoid "Loading..." flash - Add popup=yes to window.open() for better browser compatibility - Note: Arc browser opens popups as tabs by design, but BroadcastChannel sync still works 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Add slide-notes-extractor plugin for TTS export Creates plain text files from SlideNotes content at build time for OpenAI TTS. Files are output to build/slides/{deck-name}/slide{N}.txt and sync to S3 with the rest of the build. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Add TTS player for speaker notes Implement a full-featured Text-to-Speech player for slide speaker notes: - Play/Pause/Stop controls in both toolbar and player bar - Mute toggle with visual feedback (red icon when muted) - Voice selector with 6 OpenAI voices (alloy, echo, fable, nova, onyx, shimmer) - Speed control (0.5x to 2x) - Progress bar with seek capability - Auto-advance to next slide when audio completes - Auto-continue playback when manually navigating slides - Preferences persistence (voice, speed, mute) in localStorage - Keyboard shortcuts: P (play/pause), M (mute) Uses the Cloud Posse TTS API which converts slide notes .txt files (generated at build time by slide-notes-extractor plugin) to speech. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address security and accessibility review comments - Fix XSS vulnerability in slide-notes-extractor by using iterative tag stripping and removing any remaining < or > characters - Add keyboard support to TTSPlayer progress bar (ArrowLeft/Right for 5s seek, Home/End for start/end) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * fix: Auto-play TTS continues after slide advance The TTS auto-play feature was not continuing playback after auto-advancing to the next slide because the "was playing" state was cleared before the slide change occurred. Changed to use a dedicated autoPlayRef that: - Gets set to true when user starts playing - Stays true across slide transitions (so next slide auto-plays) - Gets cleared on pause, stop, or reaching the last slide Also wired up TTSPlayer callbacks so pause/stop/resume properly update the auto-play state. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use text extraction approach for HTML sanitization Changed from iterative tag stripping to text extraction approach to address CodeQL "incomplete multi-character sanitization" alert. The new approach: 1. Extracts text content between HTML tags 2. Joins with spaces to preserve word boundaries 3. Removes any stray angle brackets as final cleanup This avoids the regex replacement pitfall where removing one tag could leave fragments that combine into new tags. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Add 2-second delay between slides during TTS auto-play When auto-playing speaker notes, there's now a 2-second pause between slides to give listeners time to absorb the content before the next slide's audio begins. The delay is: - Configurable via AUTO_ADVANCE_DELAY constant (currently 2000ms) - Cancelled when user pauses or stops playback - Cleaned up on component unmount 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Split TTS auto-advance delay into 1s after + 1s before Split the 2-second delay between slides into two parts: - 1 second after the current slide's audio ends - 1 second before the next slide's audio starts This provides a more balanced pause that gives time for both the current slide to sink in and for the visual transition to the next slide before audio begins. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Rename TTS delay constants for clarity Rename AUTO_ADVANCE_DELAY_AFTER/BEFORE to AUTO_ADVANCE_DELAY and AUTO_PLAY_DELAY for clearer semantics: - AUTO_ADVANCE_DELAY: delay before advancing to next slide - AUTO_PLAY_DELAY: delay before starting audio on new slide 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Keep TTS player bar visible during slide transitions Add isAutoPlaying state to track auto-play mode for UI updates. Previously, the TTSPlayer bar would disappear during the 1-second delay between slides because neither isPlaying nor isPaused was true. Now the bar stays visible when navigating via the drawer or during auto-advance transitions. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Show loading spinner during TTS slide transitions The play button now shows a loading spinner during the delay between slides when in auto-play mode. Previously it would briefly show the play icon which was jarring. Changes: - Always show the TTS button (not conditional on currentNotes) - Show spinner when isAutoPlaying but not yet playing/paused - Button stays active during auto-play transitions 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Reuse Audio element for iOS autoplay compatibility iOS Safari blocks audio playback that isn't directly triggered by user interaction. Creating a new Audio() element for each slide broke the user-activation chain, causing "request is not allowed by the user agent" errors on mobile. Fix: Reuse a single persistent Audio element and update its src property instead of creating new elements. This preserves the user-activation state established on the first tap. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Prefetch TTS audio in parallel with delay Start the TTS API call immediately when a slide changes, running it in parallel with the AUTO_PLAY_DELAY. This way the delay is: max(delay, api_call_time) instead of: delay + api_call_time Added prefetch() function to useTTS that returns a playPrefetched() function, allowing the fetch and delay to run concurrently. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Prefetch next slide audio while current slide plays Add background prefetching of n+1 slide audio to eliminate API latency between slides during auto-play. Changes: - Add prefetch cache (Map keyed by slide+voice) - Add prefetchInBackground() for silent background fetching - Update play() and prefetch() to check cache first - Trigger background prefetch when audio starts playing Now while slide N plays, slide N+1 audio is fetched in parallel. When advancing, the cached audio is used immediately. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Handle unhandled promise rejection in TTS resume The resume callback was calling audio.play() without handling the returned Promise, which could lead to unhandled rejections when autoplay is blocked or other playback errors occur. Now properly chains .then/.catch to update state appropriately on success or failure. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Improve mobile portrait fullscreen layout for slides Address issues in mobile Safari portrait mode: - Use dvh units to account for dynamic browser UI (URL bar) - Add safe-area-inset padding for notched devices - Reduce font sizes for narrow portrait viewports - Stack split layouts vertically in portrait - Align content to top instead of center to prevent overlap 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Center slide content vertically in mobile portrait mode Reverted to centered vertical alignment for slides in portrait mode. The previous top-alignment looked unbalanced for shorter content. Content will scroll if it overflows. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Andriy Knysh <aknysh@users.noreply.github.com>

- cmd/auth/shell.go: Use envpkg.MergeGlobalEnv() for consistency with exec.go (addresses CodeRabbit comment #3 about env merging inconsistency) - cmd/auth/whoami.go: Use %w for error wrapping to preserve error chain (addresses CodeRabbit comment #4 about error wrapping) - tests/cli_describe_component_test.go: Use cross-platform TTY detection with term.IsTTYSupportForStdout() and close file handle properly (addresses CodeRabbit comments #5, #6) - tests/describe_test.go: Add skipIfNoTTY helper with cross-platform TTY detection and proper file handle cleanup (addresses CodeRabbit comments #7, #8) Note: Comments #1 and #2 (codeql clear-text logging) are false positives - the atmos auth env command intentionally outputs credentials for shell sourcing, similar to `aws configure export-credentials`. Suppression comments are already in place. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

This commit addresses the second round of CodeRabbit review comments: Comment #1 - Global flags in planfile commands: - Add global flag parsing (--base-path, --config, --config-path, --profile) to delete.go, download.go, and upload.go using flags.ParseGlobalFlags() - Refactored upload.go to extract helper functions and reduce function length Comment #3 - GenerateKey placeholder validation: - Add validation for required fields (Stack, Component, SHA) when used in pattern - Return ErrPlanfileKeyInvalid error instead of leaving placeholders unreplaced - Update interface_test.go with new test cases for validation behavior Comments #4-5 - Golden file anchor mismatches: - Update templates to use user-content- prefix on anchor IDs for proper markdown link fragment resolution - Regenerate all golden files to match new template output 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- cmd/auth/shell.go: Use envpkg.MergeGlobalEnv() for consistency with exec.go (addresses CodeRabbit comment #3 about env merging inconsistency) - cmd/auth/whoami.go: Use %w for error wrapping to preserve error chain (addresses CodeRabbit comment #4 about error wrapping) - tests/cli_describe_component_test.go: Use cross-platform TTY detection with term.IsTTYSupportForStdout() and close file handle properly (addresses CodeRabbit comments #5, #6) - tests/describe_test.go: Add skipIfNoTTY helper with cross-platform TTY detection and proper file handle cleanup (addresses CodeRabbit comments #7, #8) Note: Comments #1 and #2 (codeql clear-text logging) are false positives - the atmos auth env command intentionally outputs credentials for shell sourcing, similar to `aws configure export-credentials`. Suppression comments are already in place. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Adds comprehensive tests for: - CleanExpiredWorkdirs with mock filesystem - formatDuration for human-readable output - getLastAccessedTime with atime fallback to mtime - checkWorkdirExpiry with valid/corrupt/missing metadata - isLocalSource for local vs remote URI detection Also fixes linter issues: - godot: Fix comment in duration.go - revive: Refactor formatWithOptions to map-based dispatch Addresses CodeRabbit comment #1 requesting improved patch coverage. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

This commit addresses the second round of CodeRabbit review comments: Comment #1 - Global flags in planfile commands: - Add global flag parsing (--base-path, --config, --config-path, --profile) to delete.go, download.go, and upload.go using flags.ParseGlobalFlags() - Refactored upload.go to extract helper functions and reduce function length Comment #3 - GenerateKey placeholder validation: - Add validation for required fields (Stack, Component, SHA) when used in pattern - Return ErrPlanfileKeyInvalid error instead of leaving placeholders unreplaced - Update interface_test.go with new test cases for validation behavior Comments #4-5 - Golden file anchor mismatches: - Update templates to use user-content- prefix on anchor IDs for proper markdown link fragment resolution - Regenerate all golden files to match new template output 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Adds comprehensive tests for: - CleanExpiredWorkdirs with mock filesystem - formatDuration for human-readable output - getLastAccessedTime with atime fallback to mtime - checkWorkdirExpiry with valid/corrupt/missing metadata - isLocalSource for local vs remote URI detection Also fixes linter issues: - godot: Fix comment in duration.go - revive: Refactor formatWithOptions to map-based dispatch Addresses CodeRabbit comment #1 requesting improved patch coverage. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Use filepath.Join for OS-safe test paths (Comments #1, #6) - Route FileCache operations through injected FileSystem interface (Comment #2) - Add ErrCacheFetch sentinel and wrap fetch() errors (Comment #3) - Fix misleading "log" comment in GetOrFetch (Comment #4) - Add missing BrowserSessionWarningShown assertion (Comment #5) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

…2010) * fix: JIT source provisioning now takes precedence over local components When both source.uri and provision.workdir.enabled are configured on a component, the JIT source provisioner now always runs, even if a local component already exists. This ensures that source + workdir provisioning always vendors from the remote source to the workdir path, respecting the version specified in stack config rather than using a potentially stale local component. Added regression test to verify source provisioning takes precedence when both local component and source config are present. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> * feat: version-aware JIT source provisioning with TTL-based cleanup - Implement intelligent re-provisioning for remote sources based on version/URI changes - Add incremental local sync with per-file checksum comparison using SyncDir - Support TTL-based cleanup for stale workdirs via duration parsing - Move workdir metadata from flat file to .atmos/metadata.json for better organization - Track source_uri, source_version, and last_accessed timestamps - Add new CLI flags: --expired, --ttl, --dry-run for workdir clean command - Update workdir list and show commands with version and access information - Extract duration parsing to new pkg/duration package for reusability Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Reduce cyclomatic and cognitive complexity in workdir/source packages - Extract helper functions to reduce function complexity: - duration.go: Use maps for unit multipliers and keywords, extract parseInteger/parseWithSuffix/parseKeyword - provision_hook.go: Extract isNonEmptyDir and checkMetadataChanges - clean.go: Extract checkWorkdirExpiry, getLastAccessedTime, getModTimeFromEntry - fs.go: Extract syncSourceToDest, fileNeedsCopy, deleteRemovedFiles - workdir.go: Extract validateComponentPath, computeContentHash, create localMetadataParams struct - Pass localMetadataParams by pointer to avoid hugeParam warning Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Update source-provisioning example to use demo-library Replace terraform-null-label (which is a module, not a component) with demo-library components that can actually be run with terraform apply. The example now demonstrates both source types: - weather: LOCAL source (../demo-library/weather) - ipinfo: REMOTE source (github.com/cloudposse/atmos//examples/demo-library/ipinfo) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address PR review comments for JIT source provisioning - Add duration overflow guard in ParseDuration (Comment #6) - Fix non-workdir re-provisioning: skip metadata check for non-workdir targets (Comments #7, #11) - Detect version removal: trigger re-provisioning when version is removed (Comments #8, #14) - Fix blog date 2025 → 2026 (Comments #9, #16) - Surface metadata read failures as warnings in ListWorkdirs (Comment #10) - Add periods to comment block in needsProvisioning (Comment #12) - Treat .atmos-only directories as empty in isNonEmptyDir (Comment #13) - Skip .atmos during source walk in syncSourceToDest (Comment #15) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Update golden snapshot for atmos describe config Add the new provision.workdir section to the expected output, matching the new JIT source provisioning configuration schema. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address additional PR review comments - Guard against int64 overflow in parseWithSuffix (Comment #2) - Branch metadata writing by source type - local vs remote (Comment #3) - Add permission checks to fileNeedsCopy for mode changes (Comment #4) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Add tests to improve coverage for workdir and source provisioning Adds comprehensive tests for: - CleanExpiredWorkdirs with mock filesystem - formatDuration for human-readable output - getLastAccessedTime with atime fallback to mtime - checkWorkdirExpiry with valid/corrupt/missing metadata - isLocalSource for local vs remote URI detection Also fixes linter issues: - godot: Fix comment in duration.go - revive: Refactor formatWithOptions to map-based dispatch Addresses CodeRabbit comment #1 requesting improved patch coverage. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Return wrapped error from ReadMetadata instead of warning Changes error handling in ListWorkdirs to return a wrapped error when ReadMetadata fails, surfacing permission/corruption issues to callers. Directories without metadata (metadata == nil) still skip silently. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Improve test coverage and address CodeRabbit review comments - Add metadata_test.go with tests for UpdateLastAccessed and readMetadataUnlocked - Add buildLocalMetadata tests covering all timestamp preservation branches - Add cleanExpiredWorkdirs and CleanExpiredWorkdirs tests - Fix ListWorkdirs to skip invalid metadata instead of failing entire operation - Fix zero timestamp display to show "-" instead of "0001-01-01" - Fix isLocalSource to use filepath.IsAbs for Windows path support - Fix godot lint issues in log_utils.go Coverage improvements: - pkg/provisioner/workdir: 82.1% -> 88.1% - cmd/terraform/workdir: 58.7% -> 92.2% (function coverage) - UpdateLastAccessed: 0% -> 84.2% - readMetadataUnlocked: 0% -> 100% - buildLocalMetadata: 57% -> 100% - cleanExpiredWorkdirs: 0% -> 100% Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Add JIT source provisioning tests for destroy and init commands Add test coverage to confirm that JIT source provisioning correctly takes precedence over local components for all terraform subcommands, not just plan. These tests verify that when: - source.uri is configured - provision.workdir.enabled: true - A local component exists at components/terraform/<component>/ The workdir is populated from the remote source, NOT copied from the local component. This confirms the fix in ExecuteTerraform() works universally for destroy and init commands. Uses table-driven test pattern to avoid code duplication. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Expand JIT source tests to cover all terraform subcommands Expand table-driven test to verify JIT source provisioning works for all 22 terraform subcommands that operate on a component with a stack: Core execution: apply, deploy, destroy, init, workspace State/resource: console, force-unlock, get, graph, import, output, refresh, show, state, taint, untaint Validation/info: metadata, modules, providers, test, validate All commands correctly trigger JIT source provisioning when: - source.uri is configured - provision.workdir.enabled: true - A local component exists The workdir is populated from remote source, not local component. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Improve test coverage and address CodeRabbit review comments - Make tests fail-fast instead of silently skipping when files don't exist - Verify context.tf exists (proving remote source was used) - Assert main.tf does NOT exist (proving local component wasn't copied) - Remove unused strings import - Update roadmap with JIT source provisioning precedence milestone - Update vendoring initiative progress from 86% to 89% Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Add JIT source provisioning to generate commands (#2019) - Add JIT source provisioning to terraform generate varfile - Add JIT source provisioning to terraform generate backend - Add JIT source provisioning to helmfile generate varfile - Add JIT source provisioning to packer output - Update golden snapshot for secrets-masking_describe_config test The generate commands were missing JIT source provisioning that exists in ExecuteTerraform(), causing them to fail with JIT-vendored components. This fix adds the same pattern to all affected commands. Closes #2019 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Add automatic component refresh milestone to roadmap Add new milestone to Vendoring & Resilience initiative: - "Automatic component refresh on version changes" - Links to PR #2010 and version-aware-jit-provisioning blog post - Update progress from 89% to 95% Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Improve test coverage and address CodeRabbit review comments - Add tests for workdir clean command edge cases - Add tests for workdir show command scenarios - Add duration parsing tests for TTL validation - Add filesystem tests for workdir operations - Add metadata lock tests for Unix file locking Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Windows test compatibility and improve error hint accuracy - Skip permission-based tests on Windows (Unix permissions not supported) - TestFileNeedsCopy_DifferentPermissions - TestCopyFile_PreservesPermissions - TestServiceProvision_WriteMetadataFails (read-only dirs work differently) - Use actual componentPath in error hint instead of hardcoded path Addresses CodeRabbit review feedback. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments - Wrap auto-provision error with ErrSourceProvision sentinel (packer_output.go) - Add error wrapping with ErrWorkdirMetadata in Windows metadata loader - Document circular import limitation preventing cmd.NewTestKit usage Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use runtime.GOOS instead of os.Getenv for Windows detection GOOS is a compile-time constant, not a runtime environment variable. os.Getenv("GOOS") returns empty unless explicitly set. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: Ignore flaky kubernetes.io URLs in link checker The kubernetes.io domain frequently has connection failures/timeouts in CI, causing spurious link check failures. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Improve JIT source test assertions with explicit failure Instead of silently passing when main.tf doesn't exist, the tests now: - Explicitly fail if main.tf exists (unexpected) - Read and check for LOCAL_VERSION_MARKER to provide better diagnostics - Use t.Fatalf to fail fast with clear error messages Addresses CodeRabbit feedback about test assertion clarity. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: improve coverage for JIT source provisioning Add comprehensive tests for: - pkg/provisioner/workdir/metadata.go: - MetadataPath function - WriteMetadata with all fields populated - ReadMetadata new location priority over legacy - UpdateLastAccessed preserves all fields - pkg/provisioner/workdir/clean.go: - checkWorkdirExpiry for expired/non-expired workdirs - getModTimeFromEntry - findExpiredWorkdirs with mixed workdirs - CleanExpiredWorkdirs with empty base path - Clean with Expired option precedence - formatDuration edge cases - pkg/provisioner/workdir/fs.go: - DefaultPathFilter.Match with patterns - SyncDir with nested directories - SyncDir updating changed files - pkg/provisioner/source/provision_hook.go: - checkMetadataChanges with version scenarios - isNonEmptyDir edge cases - needsProvisioning for non-workdir targets - writeWorkdirMetadata source type detection - writeWorkdirMetadata preserving ContentHash Coverage improvements: - workdir package: ~79% → 92.5% - source package: ~76% → 83.6% Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com> Co-authored-by: aknysh <andriy.knysh@gmail.com>

…cle (#2079) * feat: Add CI Summary Templates and --ci flag for automated pipelines Implement comprehensive CI integration with rich tfcmt-style templates for terraform plan/apply outputs. Auto-generates job summaries, outputs, and artifact management. - Add CIProvider interface for extensible CI component support - Implement terraform CI provider with JSON-based output parsing - Create embedded default templates (plan.md, apply.md) with resource counts, badges, and collapsible sections - Add template loader with atmos.yaml override support (base_path, per-component templates) - Add generic CI provider for local testing (--ci flag without platform detection) - Implement unified CI executor with hook bindings and declarative actions - Add golden file tests for template regression testing - Add --ci flag to plan/apply commands (respects CI env var precedence) - Wire CI hooks through terraform PostRunE for automatic execution Template features match existing GitHub Actions with tfcmt formatting: - Plan summaries with resource change badges (CREATE, CHANGE, REPLACE, DESTROY) - Caution warning when resources will be deleted - Terraform output variables table after apply - Error/warning extraction from command output - Markdown rendering with collapsible sections CI integration is controlled by: 1. ci.enabled in atmos.yaml (enables/disables integration) 2. CI environment detection (GitHub Actions auto-detected) 3. --ci flag on plan/apply (forces CI mode for testing) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> * fix: Add perf.Track and linting fixes for CI package - Add defer perf.Track() to all public functions in CI package - Fix import ordering (go-fumpt) - Fix octal literal formatting (0644 → 0o644) - Update golangci.yml to exclude pkg/ci/github/ from depguard - Update lintroller to exclude pkg/ci/ from some checks - Fix test file permission literals 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Add blog post announcing native CI integration Announces the new native CI integration feature with: - Simple GitHub Actions workflow examples - Explanation of auto-detection and --ci flag - Matrix strategy for multiple components - Local testing instructions - Configuration options 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Add missing planfile packages and fix broken blog link The planfile command and pkg/ci/planfile packages were not committed because .gitignore had a rule `**/planfile` which ignored any directory named "planfile". Changed the rule to only ignore files matching `*.planfile` pattern (already covered by existing rules). Also: - Fixed broken link in CI integration blog post that referenced /ci - Added pkg/ci/planfile/s3/ to golangci exclusions for AWS SDK imports - Fixed lint issues in internal/exec/describe_affected.go Note: The newly tracked files have pre-existing lint issues that will need to be addressed in a follow-up commit. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove duplicate defaultFilePermissions constant The constant was already defined in docs_generate.go in the same package. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address all lint issues in CI integration code Refactored CI integration code to resolve all lint issues without using nolint directives: - Extract helper functions to reduce cyclomatic/cognitive complexity - Use pointer parameters for large structs (hugeParam fixes) - Extract constants for magic numbers - Refactor nested if blocks into early returns - Split long functions into focused helpers Files refactored: - cmd/ci/status.go: Split getRepoContext into helper functions - cmd/terraform/planfile/*.go: Extract format/download helpers - pkg/ci/executor.go: Extract platform detection and binding logic - pkg/ci/terraform/parser.go: Extract resource processing functions - pkg/ci/planfile/github/store.go: Extract repo info and zip handling - pkg/ci/templates/loader.go: Extract template loading by source 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Update golden snapshots for CI integration Regenerated golden snapshots to reflect new CI integration features: - New `ci` command in atmos --help output - New `planfile` subcommand under `terraform` - New `--ci` flag for terraform plan/apply commands - New CI configuration fields in describe config output 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Make TestLoaderResolvePath cross-platform compatible Use filepath.FromSlash() for path literals in test expectations to ensure the test passes on both Unix and Windows, where path separators differ. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Update CI PRDs with implementation status - native-ci-integration.md: Added Implementation Status section showing Phase 1 complete, Phase 2 ~70%, and Phases 3-6 pending. Updated package structure and Files to Create table with status indicators. Documented additional components implemented beyond original PRD. - ci-summary-templates.md: Marked as complete with all files implemented. Added missing test files to the implementation table. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Clarify CI mode activation in blog post Address review comment: clarify that ci.enabled: true in atmos.yaml is respected as a way to enable CI mode. Added numbered list of activation conditions and clarified precedence order. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on CI integration This commit addresses multiple CodeRabbit review comments: - cmd/terraform/planfile/download.go: Fix double %w error wrapping using errors.Join, fix Windows path handling using filepath.Base() - cmd/terraform/planfile/upload.go: Fix unreachable GitHub Actions detection by reordering store type logic - pkg/ci/github/checks.go: Add documentation for completed status mapping, remove unused mapGitHubConclusionToCheckRunState function - pkg/ci/planfile/github/store.go: Add HTTP timeout (30s) for artifact downloads, fix error wrapping with errors.Join - pkg/ci/planfile/local/store.go: Fix file filter to only skip .metadata.json files - pkg/ci/planfile/s3/store.go: Simplify error check functions by removing unused second parameter - pkg/ci/terraform/provider.go: Add nil check for result parameter in GetOutputVariables - tools/lintroller/rule_perf_track.go: Add pkg/template exclusion with proper documentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address additional CodeRabbit review comments on CI integration This commit addresses the second round of CodeRabbit review comments: Comment #1 - Global flags in planfile commands: - Add global flag parsing (--base-path, --config, --config-path, --profile) to delete.go, download.go, and upload.go using flags.ParseGlobalFlags() - Refactored upload.go to extract helper functions and reduce function length Comment #3 - GenerateKey placeholder validation: - Add validation for required fields (Stack, Component, SHA) when used in pattern - Return ErrPlanfileKeyInvalid error instead of leaving placeholders unreplaced - Update interface_test.go with new test cases for validation behavior Comments #4-5 - Golden file anchor mismatches: - Update templates to use user-content- prefix on anchor IDs for proper markdown link fragment resolution - Regenerate all golden files to match new template output 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Add comprehensive CI integration test coverage Add test files for CI integration packages to improve code coverage: - pkg/ci/planfile/github/store_test.go: GitHub Artifacts store tests - pkg/ci/planfile/s3/store_test.go: S3 store helper function tests - pkg/ci/github/status_test.go: GitHub status fetching tests - pkg/ci/github/checks_test.go: Check run creation/update tests - cmd/ci/status_test.go: CI status command helper tests - pkg/ci/output_test.go: Output writer tests - cmd/terraform/planfile/upload_test.go: Upload command helper tests - cmd/terraform/planfile/list_test.go: List formatting tests - Expanded pkg/ci/executor_test.go with data structure tests - Expanded pkg/ci/planfile/local/store_test.go with edge cases Also removes accidentally committed lintroller binary and adds it to .gitignore. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Restructure CI config schema for provider-agnostic naming Reorganize CI configuration from confusing nested structure to a cleaner, provider-agnostic structure with four top-level capabilities: - output: key=value pairs for downstream jobs (GitHub: $GITHUB_OUTPUT) - summary: markdown job summary (GitHub: $GITHUB_STEP_SUMMARY) - checks: commit status checks (GitHub: Check Runs API) - comments: PR/MR comments (GitHub: PR comments, GitLab: MR notes) Key changes: - Rename status_checks -> checks - Rename pr_comment -> comments - Move variables under output where it belongs - Remove outputs wrapper (was conflating concepts) - Add template field to summary and comments configs This structure supports GitHub Actions, GitLab CI, and other CI providers with consistent, intuitive naming. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * feat: Wire up CI config settings to executor implementation - Add isActionEnabled() to check if CI actions are enabled based on config - Summary and Output enabled by default, Checks disabled by default - Upload/Download always enabled (controlled by planfile config) - Add filterVariables() to filter output variables by CI.Output.Variables - Update executeSummaryAction() to support custom template from config - Add comprehensive tests for config-aware behavior 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on CI integration - Use ErrNotImplemented for GitHub Artifacts upload limitation - Fix broken internal link fragment in plan_no_changes.md template - Remove non-deterministic TestGetDefaultProvider test - Remove tautological TestTableHeaderWidth and TestPlanfileInfoSorting tests - Use errors.Is() for specific error sentinel verification in upload_test.go - Handle JSON decode errors in checks_test.go mock handlers - Check url.Parse errors in checks_test.go - Fix config key names in PRD docs (ci.checks.enabled, ci.comments.enabled) - Add Screengrab component to ci/status.mdx per documentation standards 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address error handling patterns in CI and config code Changes: - Use consistent fmt.Errorf("%w: ...") pattern in planfile store instead of errors.Join() for consistency with other methods - Make error messages unique to avoid linter warning about duplicate string literals - Fix type switch on error to use errors.As() in config loading - Add nolint comment for ATMOS_CLI_CONFIG_PATH os.Getenv (bootstrap config) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Move ATMOS_PROFILE/ATMOS_IDENTITY env vars to job level Move environment variables from step level to job level in workflow examples for better practice. This ensures all steps in the job have access to the environment variables without repetition. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Restructure PRD and blog with reproducibility narrative Lead with WHY before WHAT: complex bash scripts in CI workflows signal hidden complexity from tools not designed for CI. The reproducibility principle—same command, same behavior everywhere—is now the core narrative for native CI integration. PRD changes: - Add Executive Summary with key insight - Expand Problem Statement with Hidden Complexity Problem - Add The Reproducibility Principle section with before/after examples - Rename "What You Get" to "What This Enables" (after context) - Remove duplicate Problem Statement section Blog post changes: - Lead with reproducibility narrative - Add "The Problem with CI Glue Code" section - Add "The Reproducibility Principle" with concrete examples - Add "What This Enables" to connect solution to problem 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: Add formal functional requirements and fix matrix examples Add Functional Requirements (FR-1 through FR-9): - FR-1: CI Environment Detection - FR-2: Job Summary Output - FR-3: CI Output Variables - FR-4: Status Checks - FR-5: Planfile Storage - FR-6: Plan Verification - FR-7: Command Parity - FR-8: Describe Affected Matrix Format - FR-9: CI Status Command Add Non-Functional Requirements (NFR-1 through NFR-4): - NFR-1: Performance targets - NFR-2: Reliability (graceful degradation) - NFR-3: Security boundaries - NFR-4: Extensibility Fix matrix examples to use --output-file flag: - Add --output-file="$GITHUB_OUTPUT" usage pattern - Show complete workflow example with affected job - Document key=value output format for $GITHUB_OUTPUT 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove pkg/template from perf-track exclusions The pkg/template package performs template.Parse and recursive AST tree traversal, which are non-trivial operations requiring perf tracking per coding guidelines. Only trivial String() methods qualify for exclusion. Addresses CodeRabbit review comment. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on CI integration - Parse global flags before loading config in ci status command - Add static error sentinels for planfile operations - Add validation to planfile registry Register function - Wrap errors with static sentinels in local and S3 stores - Fix MD028 violations in markdown templates with HTML comments 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Update golden snapshots for CI schema and terraform flags Update snapshots to reflect: - CI config schema changes (outputs->output, status_checks->checks, pr_comment->comments, added summary section) - New terraform apply flags (--auto-generate-backend-file, --init-run-reconfigure) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Regenerate terraform plan help snapshot Update snapshot for terraform plan --help to include new flags: - --auto-generate-backend-file - --init-run-reconfigure 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Use platform-specific absolute paths in TestLoaderResolvePath On Windows, filepath.IsAbs() requires a drive letter (e.g., C:\) for a path to be considered absolute. The test was using Unix-style paths (/absolute/path) which become \absolute\path on Windows - not absolute. This fix uses runtime.GOOS to select appropriate absolute paths for each platform, ensuring the test works correctly on both Windows and Unix systems. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on planfile commands 1. delete.go: Require --force flag for deletion (returns error instead of silently exiting), using static error ErrPlanfileDeleteRequireForce 2. list.go: Add global flag parsing (--base-path, --config, etc.) 3. show.go: Add global flag parsing (--base-path, --config, etc.) 4. check.go: Add Name field to UpdateCheckRunOptions (distinct from Title) 5. checks.go: Use opts.Name instead of opts.Title for GitHub API Note: Comment #5 about template field access was investigated and found to be a false positive. The templates correctly access fields from TerraformTemplateContext which provides .Resources, .HasChanges() etc. at the top level (not under .Result). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * refactor: Use StandardParser pattern and pkg/list for planfile commands Refactor all 5 planfile commands (list, show, delete, download, upload) to: 1. Use StandardParser pattern for flag handling (instead of package-level variables) 2. Use pkg/list infrastructure for list output formatting (instead of custom formatters) Benefits: - Automatic environment variable support (ATMOS_PLANFILE_*) - Proper precedence handling (CLI > ENV > config > defaults) - Type-safe options structs - Consistent output formatting with TTY detection - Less code to maintain 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: Add .claude/plans/ to .gitignore 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Rename shadowed fmt variable to outputFmt in list.go The local variable `fmt` was shadowing the imported fmt package. Renamed to `outputFmt` to avoid the shadowing issue. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on CI integration - Use *bool pointer types for CI config Enabled fields to distinguish "not set" from "explicitly false" (fixes isActionEnabled defaults) - Document Detect() non-deterministic map iteration order in registry.go - Replace manual mock with mockgen-generated MockComponentCIProvider - Add validation for empty Stack/ComponentFromArg in GetArtifactKey - Add perf.Track() to RunCIHooks function per coding guidelines 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore: Add TODO comment for GetArtifactKey interface consideration Address CodeRabbit feedback about aligning with planfile.GenerateKey validation pattern. The current defensive approach with placeholders is appropriate since the key is only used for debug logging, but noted for future consideration if the interface is used for actual operations. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Remove unused PlanFile and Content fields from Hook struct These fields were placeholders for deprecated CI hook commands (ci.upload, ci.download, ci.summary). The modern approach uses RunCIHooks which delegates to ci.Execute() with provider bindings. Added comment explaining the deprecation and pointing to pkg/ci/. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on CI integration (part 2) - GenericProvider: Return ErrCIOperationNotSupported error instead of (nil, nil) for GetStatus, CreateCheckRun, and UpdateCheckRun methods to prevent nil dereference panics at call sites - s3/store.go: Wrap loadMetadata errors with ErrPlanfileMetadataFailed sentinel for consistent error handling - loader_test.go: Handle fs.Sub error explicitly with panic for the (impossible) failure case since the directory is compile-time embedded 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Address CodeRabbit review comments on CI integration (part 3) Security fixes: - Add path traversal validation in local planfile store to prevent directory escape attacks via malicious keys Bug fixes: - Fix type assertion panic in hooks.go when "hooks" section is missing - Replace custom errorAs with stdlib errors.As in S3 store Code quality improvements: - Replace custom replaceAll/indexOf functions with strings.ReplaceAll - Fix comment/constant name mismatch in status.go - Add error logging in GitHub provider init - Simplify error wrapping in download.go using errUtils.Build() - Use errUtils.Build() pattern in delete.go for consistency - Refactor store detection into helper functions in upload.go Implementation: - Implement actual upload/download actions in executor.go instead of no-op placeholders. Actions now read/write planfiles to configured storage backends with proper metadata. Documentation: - Add thread-safety documentation for regex compilation in parser.go - Add comment about file permissions in describe_affected.go - Add planfile subcommand documentation (upload, download, list, delete, show) Testing: - Add path traversal prevention tests for local store - Remove obsolete tests for deleted custom helper functions 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Wrap errors with static sentinels per CodeRabbit review - Wrap file open errors in output.go with ErrCIOutputWriteFailed and ErrCISummaryWriteFailed sentinels - Wrap JSON unmarshal errors in parser.go with ErrParseFile sentinel This ensures consistent error checking using errors.Is() throughout the codebase. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Wrap write errors with static sentinels per CodeRabbit review - Wrap fmt.Fprintf error in WriteOutput with ErrCIOutputWriteFailed - Wrap WriteString error in WriteSummary with ErrCISummaryWriteFailed 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * test: Regenerate golden snapshots for CI/terraform features Update golden snapshot files to include new features added to this branch: - ci command (CI/CD integration) - planfile subcommand for terraform - --ci flag for terraform plan - planfiles configuration section Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix: Update ui.* calls to match new void-return API Main branch merged #1980 which removed error returns from ui.* functions. Updated cmd/ci/status.go and cmd/terraform/planfile/*.go to match the new API that doesn't return values. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * [autofix.ci] apply automated fixes * fix: Wrap CI status fetch failures with sentinel error Address CodeRabbit feedback: Wrap provider.GetStatus errors with ErrCIStatusFetchFailed sentinel so callers can reliably detect the failure class, following coding guidelines for error handling. Also fixes: - gofumpt formatting in schema.go - godot (comment periods) in log_utils.go Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * [autofix.ci] apply automated fixes * Added native ci fixtures * Added test to clarify atmos terraform planfile list works * Added terraform planfile cmd * Move planfile name from options to flags * Added planfile storage on terraform plan * Regenerate snapshots for planfile subcommand in terraform help Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Regenerate secrets-masking snapshot for planfiles and ci config sections Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix readme and tests * Refactor ci pkg - defnine providers and plugins * Move generic provider to separate package * [autofix.ci] apply automated fixes * Separate provider and plugin interfaces * Refactor code * Refactor * Refactor * Refactoring * Added before.terraform.plan hook * Added before.terraform.plan * Add CI failure test case and refactor generic provider UI output Refactor UpdateCheckRun to use consistent UI method per status (success, error, warning) for title and summary lines. Add mock-failure component and acceptance test verifying check run failure reporting with --ci flag. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Added error checks * Prepare cancel check test case * Added outputs * Fix outputs * Fix tests * Fix hooks * Fix hooks * Force local storage usage * Force local storage usage * Force local storage usage * Added debug logs * Fix golden snapshot * Fix golden snapshot * Install GHA * Fix mock component * Fix ci summary * Fix tests * Fix markdown * Fix outputs parse * [autofix.ci] apply automated fixes * Fix parser * Fix warning * [autofix.ci] apply automated fixes * Fix templating * Fix templating * Macos Tests takes more the 45 minutes * Macos Tests takes more the 45 minutes * Fix macos longs running tests * Fix macos atmos vendor pull * [autofix.ci] apply automated fixes * Added native ci fixtures * Added test to clarify atmos terraform planfile list works * Added terraform planfile cmd * Move planfile name from options to flags * Added planfile storage on terraform plan * Regenerate snapshots for planfile subcommand in terraform help Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Regenerate secrets-masking snapshot for planfiles and ci config sections Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix readme and tests * Refactor ci pkg - defnine providers and plugins * Move generic provider to separate package * Separate provider and plugin interfaces * [autofix.ci] apply automated fixes * Refactor code * Refactor * Refactor * Refactoring * Added before.terraform.plan hook * Added before.terraform.plan * Add CI failure test case and refactor generic provider UI output Refactor UpdateCheckRun to use consistent UI method per status (success, error, warning) for title and summary lines. Add mock-failure component and acceptance test verifying check run failure reporting with --ci flag. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Added error checks * Prepare cancel check test case * Added outputs * Fix outputs * Fix tests * Fix hooks * Fix hooks * Force local storage usage * Force local storage usage * Force local storage usage * Added debug logs * Fix golden snapshot * Install GHA * Fix mock component * Fix ci summary * Fix tests * Fix markdown * Fix outputs parse * Fix parser * [autofix.ci] apply automated fixes * Fix warning * Fix templating * [autofix.ci] apply automated fixes * Fix templating * Macos Tests takes more the 45 minutes * Macos Tests takes more the 45 minutes * Fix macos longs running tests * Fix macos atmos vendor pull * Fix git toolchain * Added summary output * [autofix.ci] apply automated fixes * Improve terraform output parse * Change release workflow to use feature release file * Change release workflow to use auto-release script * Fix plugin terraform outputs * Fix terraform summary output * Fix no changes template * Fix test * Fix ci summary * Fix summary template * Added test * Added failure summary * Parse errors * Fix test * Fix test * Added github upload implementation * [autofix.ci] apply automated fixes * Added github upload implementation * Fix github storage * [autofix.ci] apply automated fixes * Fix github storage * Added md5 * Added artifacts storage * Update PRD * Update PRD * FR-6: CI-integrated stored vs fresh plan verification (#2147) * Added artifacts storage * Update PRD * Update PRD * Accept artifact storage interface * Updated PRD * Implement phase 2 * Added planfile storage * Update atmos in native-ci * Update PRD * Update native-ci-integration PRD * Added deceompose PRD * Decompose PRD * Clarify questions * Decompose clarification * Decompose clarification * Decompose clarification * Decompose clarification * Decompose clarification * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Update implemented features * Refactor executor-plugin * Refactor executor-plugin * Refactor executor-plugin * Update PRDs * Update PRDs * Move checkrun storage to github implementation * planfile storage validation PRD * Make local get sha from git * Added PRD to fix planfile storage metadata * Fix planfile storage medatada * Store planfile with lock file * Store planfile with lock file * Store planfile with lock file * Added planfile artifact store multiple files * Added planfile artifact store multiple files * Added planfile artifact store multiple files * Added planfile artifact store multiple files * Planfile and artifact store integration * Define responsibility between planfile storage, artifact storage and backend storage * Move github and s3 storage to artifact package * Generaliza github storage * Generaliza github storage * Improve planfile cli * Update status * Added terraform apply ci * Update prds * Apply terraform outputs * Update PRds with the status * Apply CI plan verfication step 1 * planfile download fix prd * Fix planfile download * Fix planfile download * Added apply verification plan * [autofix.ci] apply automated fixes * Fix CI test failures: update snapshots and stderr patterns - Add --verify-plan flag to apply help golden snapshots - Fix CI test stderr patterns: "CI action failed" → "CI hook" to match actual warning output ("CI hook handler failed", "CI check run creation failed") Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update apply planfile storage prd * Clarify PRds * Added apply ci integration * [autofix.ci] apply automated fixes * Fix tests * fix tests * fix tests * Set atmos.config ci.enabled top priority * Update PRD * Fix auth problem * Fix outputs * Fix output * Added outputs parser * [autofix.ci] apply automated fixes * Fix github provider detection * Fix apply output summary * Enrich apply summary with resource lists and per-action badges Rewrite apply.md template to match plan.md style: CloudPosse logo, per-action-type badges (CREATE/CHANGE/DESTROY), CAUTION block for destroys, and resource lists by action type in diff code blocks. Parse resource names from apply progress lines (Creating/Modifying/ Destroying) to populate CreatedResources, UpdatedResources, and DeletedResources. Downgrade check run token errors to Debug level. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Render badges inline on a single line in plan and apply summaries Use right-trimming (-}}) on badge template blocks so multiple badges (CREATE/CHANGE/REPLACE/DESTROY) render on the same line instead of each appearing on a separate line. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Show plan diffs in apply summary instead of just result line Rework cleanApplyOutput to strip pre-plan noise and apply progress lines while keeping the plan resource diffs, apply result, and outputs. This gives the apply summary the same detail as the plan summary. Add OpenTofu marker support for plan output stripping. Use case-insensitive regex for progress lines since terraform outputs "Still modifying..." with lowercase after Still. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Added apply warnings * Skip planfile storages if prirorities are empty * Fix github statuses update * Make CI experementatl * [autofix.ci] apply automated fixes * Decrease timeout for jobs in test workflow Reduced timeout for job and acceptance tests from 60 to 45 minutes. * Fix tests with experimental message * Update implementation status * Fix tests * Update documentation * Update documentation * Fix links * Fix documentation * Fix broken links * Update documentation * Address documentation comments * Address documentation comments * Fix tests * Create PRD for storage rename * Rename storage * Update website documentation * Resolve sha based on git for github * Fix tests * [autofix.ci] apply automated fixes * Rollback generate command * Rollback generate command * PRD for commit statuses (#2206) * PRD for commit statuses * Added checks based on github commit status * Fix tests * [autofix.ci] apply automated fixes * Fix tests * Fix status check url * Fix status check url * Update website docs * Update website docs * Update website docs --------- Co-authored-by: Erik Osterman <erik@cloudposse.com> Co-authored-by: Claude Haiku 4.5 <noreply@anthropic.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

…elpers file to 3 files <600 lines each - Remove dead `varFile string` param from printAndWriteVarFiles (CodeRabbit 🔴 #1) - Remove setupTerraformAuthCreator, reuse defaultAuthManagerCreator (CodeRabbit 🔴 #2) - Split terraform_execute_helpers.go (786 lines) into 3 files all <600 lines (CodeRabbit 🔴 #3): - terraform_execute_helpers.go: auth/env/init/validation helpers (488 lines) - terraform_execute_helpers_args.go: arg builders (156 lines) - terraform_execute_helpers_exec.go: execution pipeline + workspace/TTY/cleanup (320 lines) - Add mutual exclusion comments to buildInitSubcommandArgs + executeTerraformInitPhase (CodeRabbit 🟡 #4) - Document buildInitArgs vs buildInitSubcommandArgs workspace/reconfigure asymmetry (CodeRabbit 🟡 #5) - Restore 'Resolving auth config for terraform command' debug entry log (CodeRabbit 🟡 #6) - Restore 'Stored authenticated identity for hooks' suffix in utils_auth.go (CodeRabbit 🟡 #7) - Extract prepareComponentExecution + executeCommandPipeline from ExecuteTerraform, reducing cyclomatic complexity from 25 → 9 (well below the 15 target) - Add tests: resolveExitCode (nil/ExitCodeError/generic/wrapped), buildWorkspaceSubcommandArgs (delete/select/no-subcommand2), buildTerraformCommandArgs (validate subcommand), prepareComponentExecution (no path error), executeCommandPipeline (TTY error via nil stdin) Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com>

…e test coverage (#2226) * Initial plan * refactor: extract helpers from ExecuteTerraform (complexity 160→26) with unit tests Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * docs: add blog post, roadmap entry, CLAUDE.md update for ExecuteTerraform refactor Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * [autofix.ci] apply automated fixes * fix: address CodeRabbit issues and improve test coverage for ExecuteTerraform helpers Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * fix: address all CodeRabbit issues, reduce complexity to ≤12, split helpers file to 3 files <600 lines each - Remove dead `varFile string` param from printAndWriteVarFiles (CodeRabbit 🔴 #1) - Remove setupTerraformAuthCreator, reuse defaultAuthManagerCreator (CodeRabbit 🔴 #2) - Split terraform_execute_helpers.go (786 lines) into 3 files all <600 lines (CodeRabbit 🔴 #3): - terraform_execute_helpers.go: auth/env/init/validation helpers (488 lines) - terraform_execute_helpers_args.go: arg builders (156 lines) - terraform_execute_helpers_exec.go: execution pipeline + workspace/TTY/cleanup (320 lines) - Add mutual exclusion comments to buildInitSubcommandArgs + executeTerraformInitPhase (CodeRabbit 🟡 #4) - Document buildInitArgs vs buildInitSubcommandArgs workspace/reconfigure asymmetry (CodeRabbit 🟡 #5) - Restore 'Resolving auth config for terraform command' debug entry log (CodeRabbit 🟡 #6) - Restore 'Stored authenticated identity for hooks' suffix in utils_auth.go (CodeRabbit 🟡 #7) - Extract prepareComponentExecution + executeCommandPipeline from ExecuteTerraform, reducing cyclomatic complexity from 25 → 9 (well below the 15 target) - Add tests: resolveExitCode (nil/ExitCodeError/generic/wrapped), buildWorkspaceSubcommandArgs (delete/select/no-subcommand2), buildTerraformCommandArgs (validate subcommand), prepareComponentExecution (no path error), executeCommandPipeline (TTY error via nil stdin) Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * [autofix.ci] apply automated fixes * Fix setupTerraformAuth error wrapping and document pre-hook termination behavior Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * Add setupTerraformAuth unit tests to fix unused import compile error Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * fix(tests): address CodeRabbit Pass 4 feedback — strengthen assertions, add ErrInvalidAuthConfig test, clean up empty section - Add require.Error(t, err) to TestPrepareComponentExecution_NoComponentPath_ReturnsError (was coverage theater: _ = err with no assertion) - Add defaultMergedAuthConfigGetter injectable var to setupTerraformAuth so the ErrInvalidAuthConfig wrap branch is testable without requiring a real MergeComponentAuthFromConfig failure - Add TestSetupTerraformAuth_MergedConfigError_WrapsWithInvalidAuthConfig covering the previously-untested ErrInvalidAuthConfig wrap path (non-ErrInvalidComponent errors) - Remove empty addRegionEnvVarForImport section placeholder from coverage test file (those 3 tests already exist in terraform_execute_helpers_test.go) - Update coverage test file header to reflect the correct list of covered functions Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * fix(tests): address CodeRabbit Pass 5 — split oversized test files, fix misleading wsOpts comment, add wsOpts branch test, document defaultMergedAuthConfigGetter injection layers Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * [autofix.ci] apply automated fixes * fix(tests): remove unused 'os' import from terraform_execute_helpers_test.go after file split Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> * fix: audit ExecuteTerraform refactor — lint fixes, test cleanup, fix doc Lint fixes (16 issues): - Fix hugeParam: handleVersionSubcommand now takes pointers - Fix unlambda: defaultMergedAuthConfigGetter uses direct function ref - Fix filepathJoin: split "infra/networking" into separate segments - Fix unparam: remove unused planFile from buildApplySubcommandArgs - Fix forbidigo: add nolint for TF_WORKSPACE (Terraform convention) - Fix nestif: extract handlePlanStatusUpload from executeMainTerraformCommand - Fix argument-limit: add nolint for variadic opts parameter - Fix cyclomatic: extract shouldSkipWorkspaceSetup from runWorkspaceSetup - Fix cyclomatic: extract runPreExecutionSteps from prepareComponentExecution - Fix cyclomatic: extract autoGenerateComponentFiles, provisionComponentSource - Fix cyclomatic/funlen: extract logAndWriteComponentVars, logCliVarsOverrides - Fix add-constant: add subcommandApply/Deploy/Init/Workspace, dirPermissions Test cleanup: - Remove 4 duplicate resolveExitCode tests from _pipeline_test.go - Clarify tautological cleanup test comment - Remove unused writeTestFile helper Add fix doc documenting all audit findings. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address CodeRabbit audit pass 7 — remove duplicates, add coverage - Remove duplicate TestBuildWorkspaceSubcommandArgs_NoSubCommand2 from _pipeline_test.go - Remove tautological cleanup tests from _args_test.go (real tests in _coverage_test.go) - Remove redundant TestWarnOnConflictingEnvVars_NoConflictsNoError - Add TestAssembleComponentEnvVars_NonNilTenv (tenv != nil branch coverage) - Add TestBuildTerraformCommandArgs_Init (init switch-case dispatch) - Add comment to generateConfigFiles re: double GenerateFilesForComponent invocation - Document logTerraformContext tests as logging-only (not coverage theater) - Update fix doc with all 10 audit pass 7 items and resolutions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address audit pass 8 — debug-level branch coverage, final cleanup - Add TestPrintAndWriteVarFiles_DebugLogLevel_Success (item 8) - Add TestPrintAndWriteVarFiles_DebugLogLevel_CliVarsSection (item 8) - Add TestPrintAndWriteVarFiles_TraceLogLevel (item 8) - Validate item 5: storeAutoDetectedIdentity already tested in utils_auth_test.go (gomock strict controller implicitly verifies GetChain not called) - Validate item 10: generateConfigFiles comment already added in previous commit - Update fix doc with all audit pass 8 resolutions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address audit pass 9 — explicit identity guard test, call-site comment - Add TestStoreAutoDetectedIdentity_ExistingIdentity_NotOverwritten with explicit GetChain().Times(0) assertion (item 5) - Add double-invocation comment at generateConfigFiles call site in runPreExecutionSteps (item 10) - Update fix doc with pass 9 resolutions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address CodeRabbit review — error masking, empty workdir, cross-platform test - Separate provisioning errors from "component does not exist" in resolveAndProvisionComponentPath — propagate original error directly - Guard empty _workdir_path in provisionComponentSource to match prepareInitExecution behavior - Replace Unix-only "false" command with cross-platform "go run" in TestResolveExitCode_OsExecExitError - Remove warnOnConflictingEnvVars coverage theater tests (logging-only function, NotPanics assertions add no value) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: aknysh <andriy.knysh@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

… stacks Critical #1: Fail closed when --stack filter finds no matching raw manifests Critical #2: Normalize non-glob relative imports to absolute paths in buildImportGraph High #3: Use cfg.TerraformSectionName/cfg.HelmfileSectionName in L-05 High #4: Key L-02 baseVars by '<stack>/<component>' to prevent cross-stack collisions High #5: Add test for ATMOS_LINT_RULE env binding in cmd/lint High #6: Build StackNameToFileIndex in LintStacks for reliable L-08 file attribution Medium #7: Add CohesionMaxGroups to schema for configurable L-05 threshold Medium #8: Add golden test for rulesRelNorm consistency with L-07 relNorm Medium #9: Clarify L-03 depth semantics (node-count vs edge-count) in description Low #12: Add ui.Error call before returning from renderLintJSON error path Update authors.yml to fix duplicate nitrocode entry (RB, CEO @ Infralicious) Co-authored-by: nitrocode <7775707+nitrocode@users.noreply.github.com> Agent-Logs-Url: https://github.com/cloudposse/atmos/sessions/9708e2c0-9c09-48c8-a447-323fe5ad065d

aknysh added 17 commits September 7, 2020 22:35

Add CLI modules

0933d8f

Updates

2e4a9b8

Updates

44ebcfe

Updates

c648b53

Updates

e8a2b53

Updates

b245bd8

Updates

cba8f34

Updates

8ebb1f7

Updates

b98e448

Updates

94b88c6

Updates

482bcdd

Updates

21f063a

Updates

c282c4e

Updates

499bec9

Updates

258a342

Updates

089c5df

Updates

65c42ef

aknysh requested a review from osterman October 11, 2020 03:37

aknysh self-assigned this Oct 11, 2020

aknysh added 2 commits October 11, 2020 13:31

Update README

0628491

Update README

2efb6fd