fix: Resolve assume role issues and improve error handling

[aknysh]

what

• Fix panic when using !terraform.output with authentication enabled
• Fix silent/confusing errors when referenced component is missing in template functions
• Add comprehensive documentation for env template function behavior
• Document base_path behavior change as a breaking change in changelog

why

Issue #1921: Panic in !terraform.output with Authentication

When using !terraform.output with AWS SSO authentication, Atmos panicked with:

panic: authContextWrapper.GetChain should not be called

Root Cause: The authContextWrapper.GetChain() method was implemented as a panic stub, but the auth system evolution now calls this method during nested component resolution.

Fix: Changed GetChain() to return an empty slice instead of panicking. An empty chain means no inherited identity from the wrapper, so nested components use their own defaults.

Issue #1030: Missing Component Results in Silent Failure

When using template functions like atmos.Component() or !terraform.output to reference components that are removed from configuration, Atmos produced confusing errors or silent failures.

Root Cause: The ErrInvalidComponent error chain was preserved when wrapping errors from DescribeComponent. This caused the component type fallback logic (detectComponentType()) to incorrectly trigger, producing misleading "component not found as Helmfile/Packer" errors instead of clear "referenced component missing" errors.

Fix: Added WrapComponentDescribeError() helper in errors/error_funcs.go that breaks the ErrInvalidComponent chain using %v instead of %w formatting, ensuring errors about referenced components are returned immediately with clear messages.

Env Template Function Analysis (Not a Bug)

Investigated user report that env template function returns empty strings while .vars.* works correctly. Analysis confirmed this is expected behavior:

• The env function is from Sprig and calls os.Getenv()

• When an env var is NOT set, it returns empty string (standard Go behavior)

• .vars.* works because it comes from stack YAML config passed to template

• User needs to ensure env vars are set before running atmos commands

• Generated files (backend.tf.json) looking correct is from cached runs when vars WERE set

• Closes Invalid role ARN composed: Template env() values are empty when rendering assume_role #1909

Document base_path Behavior Change

A recent Atmos CLI change (v1.202.0) altered how base_path is interpreted in atmos.yaml. Previously, base_path: "" was implicitly treated as the current directory. Now it triggers git root discovery.

Impact: Users with multiple Atmos projects in a single repo, or where the Atmos project root differs from the git root, must update their configuration:

# Before (no longer works as expected)
base_path: ""

# After (explicit current directory)
base_path: "."

Fix: Added breaking change blog post to the changelog documenting:

• The behavior change and affected versions
• Who is affected (multi-project repos, non-git-root configs)
• Migration steps with examples
• Path resolution semantics table

references

closes #1030
closes #1921

Testing

1. Unit tests: All new functionality covered with tests
2. Error chain verification: Tests use assert.NotErrorIs() to verify chain is broken
3. Regression test: TestAuthContextWrapper_GetChain_NoLongerPanics prevents future panics
4. Env function tests: Document expected behavior when env vars are/aren't set

Summary by CodeRabbit

• Bug Fixes

  • Prevented incorrect error propagation when describing missing components and eliminated panics during authenticated Terraform output handling, improving error stability and clarity.

• Tests

  • Added regression tests for component error wrapping, auth-chain behavior, and template env-var rendering (populated and unset scenarios).

• Documentation

  • Added a troubleshooting guide for Terraform output issues and a blog post explaining base_path behavior changes and migration guidance.

• Diagnostics

  • Added debug logging for YAML/template function errors.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues found.

Scanned Files

None

[coderabbitai]

📝 Walkthrough

Walkthrough

Breaks ErrInvalidComponent error chains for Describe/terraform output paths, prevents a panic by making authContextWrapper.GetChain return an empty slice, and adds documentation and tests for missing-component and auth-related Terraform output failures.

Changes

Cohort / File(s)	Summary
Documentation docs/fixes/terraform-output-issues.md	New doc describing issues #1030 and #1921, root causes, fixes, and test coverage.
Terraform output executor pkg/terraform/output/executor.go, pkg/terraform/output/executor_test.go	Add wrapDescribeError and use it in GetOutput/fetchAndCacheOutputs; tests ensure ErrInvalidComponent is not propagated and ErrDescribeComponent is present.
Component template handling internal/exec/template_funcs_component.go, internal/exec/template_funcs_component_test.go	Wrap DescribeComponent errors using error helpers to break ErrInvalidComponent chains; add tests verifying chain-breaking behavior.
Auth context safety internal/exec/terraform_output_utils.go, internal/exec/terraform_output_utils_test.go	authContextWrapper.GetChain() now returns an empty slice instead of panicking; tests updated/added to assert non-panicking behavior.
YAML func logging & env template tests internal/exec/yaml_func_utils.go, internal/exec/template_env_function_test.go	Emit a debug log when YAML function processing errors occur; add tests for Sprig env function with/without env vars.
Error helpers errors/error_funcs.go	Add WrapComponentDescribeError(component, stack, err, context) to wrap Describe errors and intentionally break ErrInvalidComponent chains.

Sequence Diagram(s)

(omitted)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• fix: Improve HCL syntax error messages and prevent masking #1866 — Related error-handling changes around DescribeComponent/terraform errors and ErrInvalidComponent propagation.
• Update atmos.Component template function for helmfile components #1217 — Modifications to componentFunc and component error propagation similar to this PR.
• Clean Terraform workspace before executing terraform init in the atmos.Component template function #775 — Prior edits to componentFunc and component-template behavior relevant to error handling.

Suggested reviewers

• osterman

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 57.14% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main changes: fixing assume role/auth issues and improving error handling for missing components.
Linked Issues check	✅ Passed	The PR fully addresses both linked issues: #1030 (missing component errors now surfaced via WrapComponentDescribeError) and #1921 (authContextWrapper.GetChain panic fixed by returning empty slice).
Out of Scope Changes check	✅ Passed	The base_path behavior change documentation and env function tests are related but somewhat peripheral to the core auth/component-error fixes; they appear to be included for completeness in addressing overall output handling issues.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch aknysh/fix-assume-role

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

internal/exec/template_funcs_component_test.go (1)

3-18: Unused import detected.

The log import on line 15 doesn't appear to be used in this test file. Consider removing it.

🔎 Proposed fix

 import (
 	"errors"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"testing"

 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

 	errUtils "github.com/cloudposse/atmos/errors"
 	cfg "github.com/cloudposse/atmos/pkg/config"
-	log "github.com/cloudposse/atmos/pkg/logger"
 	"github.com/cloudposse/atmos/pkg/schema"
 	u "github.com/cloudposse/atmos/pkg/utils"
 )

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 80c7937 and f4ff1af.

📒 Files selected for processing (9)

• docs/fixes/terraform-output-issues.md
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component.go
• internal/exec/template_funcs_component_test.go
• internal/exec/terraform_output_utils.go
• internal/exec/terraform_output_utils_test.go
• internal/exec/yaml_func_utils.go
• pkg/terraform/output/executor.go
• pkg/terraform/output/executor_test.go

🧰 Additional context used

📓 Path-based instructions (3)

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: Use Viper for managing configuration, environment variables, and flags in CLI commands
Use interfaces for external dependencies to facilitate mocking and consider using testify/mock for creating mock implementations
All code must pass golangci-lint checks
Follow Go's error handling idioms: use meaningful error messages, wrap errors with context using fmt.Errorf("context: %w", err), and consider using custom error types for domain-specific errors
Follow standard Go coding style: use gofmt and goimports to format code, prefer short descriptive variable names, use kebab-case for command-line flags, and snake_case for environment variables
Document all exported functions, types, and methods following Go's documentation conventions
Document complex logic with inline comments in Go code
Support configuration via files, environment variables, and flags following the precedence order: flags > environment variables > config file > defaults
Provide clear error messages to users, include troubleshooting hints when appropriate, and log detailed errors for debugging

**/*.go: All comments must end with periods (enforced by godot linter) in Go code
Organize imports into three groups separated by blank lines, sorted alphabetically: Go stdlib, 3rd-party (NOT cloudposse/atmos), then Atmos packages with maintained aliases (cfg, log, u, errUtils)
All errors MUST be wrapped using static errors defined in errors/errors.go - use errors.Join for combining errors, fmt.Errorf with %w for context, and errors.Is() for error checking
Never manually create mocks - use go.uber.org/mock/mockgen with //go:generate directives in Go code
Keep files small and focused - under 600 lines with one cmd/impl per file, co-locate tests, never use //revive:disable:file-length-limit
Use colors from pkg/ui/theme/colors.go for all UI theming in Go code
Code must be compatible with Linux, macOS, and Windows - use SDKs over binaries, use filepath.Join() instead of h...

Files:

• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component.go
• internal/exec/terraform_output_utils.go
• pkg/terraform/output/executor_test.go
• pkg/terraform/output/executor.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests targeting >80% code coverage for all packages
Use table-driven tests for testing multiple scenarios in Go
Include integration tests for command flows and test CLI end-to-end when possible with test fixtures

Prefer unit tests with mocks over integration tests - use interfaces and dependency injection for testability, generate mocks with go.uber.org/mock/mockgen, use table-driven tests, target >80% coverage

Files:

• internal/exec/terraform_output_utils_test.go
• pkg/terraform/output/executor_test.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

**/{pkg,internal,cmd}/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Add defer perf.Track(atmosConfig, "pkg.FuncName")() plus blank line to all public functions, using nil if no atmosConfig param - exceptions: trivial getters/setters, command constructors, simple factories, functions delegating to tracked functions

Files:

• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component.go
• internal/exec/terraform_output_utils.go
• pkg/terraform/output/executor_test.go
• pkg/terraform/output/executor.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

🧠 Learnings (58)

📓 Common learnings

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: errors/errors.go:184-203
Timestamp: 2025-12-13T06:10:13.688Z
Learning: cloudposse/atmos: For toolchain work, duplicate/unused error sentinels in errors/errors.go should be cleaned up in a separate refactor PR and not block feature PRs; canonical toolchain sentinels live under toolchain/registry with re-exports in toolchain/errors.go.

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1185
File: internal/exec/yaml_func_store.go:71-72
Timestamp: 2025-04-04T02:03:21.906Z
Learning: The codebase currently uses `log.Fatal` for error handling in library functions, which terminates the program. There is a plan to refactor this approach in a separate PR to improve API design by returning error messages instead of terminating execution.

📚 Learning: 2025-12-21T04:10:29.030Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1891
File: internal/exec/describe_affected.go:468-468
Timestamp: 2025-12-21T04:10:29.030Z
Learning: In Go, package-level declarations (constants, variables, types, and functions) are visible to all files in the same package without imports. During reviews in cloudposse/atmos (and similar Go codebases), before suggesting to declare a new identifier, first check if it already exists in another file of the same package. If it exists, you can avoid adding a new declaration; if not, proceed with a proper package-level declaration. 

Applied to files:

• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component.go
• internal/exec/terraform_output_utils.go
• pkg/terraform/output/executor_test.go
• pkg/terraform/output/executor.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-03-18T12:26:25.329Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 1149
File: tests/snapshots/TestCLICommands_atmos_vendor_pull_ssh.stderr.golden:7-7
Timestamp: 2025-03-18T12:26:25.329Z
Learning: In the Atmos project, typos or inconsistencies in test snapshot files (such as "terrafrom" instead of "terraform") may be intentional as they capture the exact output of commands and should not be flagged as issues requiring correction.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-12-03T03:49:30.395Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: website/docs/core-concepts/stacks/yaml-functions/terraform.output.mdx:104-110
Timestamp: 2024-12-03T03:49:30.395Z
Learning: In the documentation for `!terraform.output`, warnings about template variable availability are already covered in other sections, so no need to suggest adding them here.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-12-13T06:07:37.766Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: docs/prd/tool-dependencies-integration.md:58-64
Timestamp: 2025-12-13T06:07:37.766Z
Learning: cloudposse/atmos: For PRD docs (docs/prd/*.md), markdownlint issues like MD040/MD010/MD034 can be handled in a separate documentation cleanup commit and should not block the current PR.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-10-10T23:51:36.597Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1599
File: internal/exec/terraform.go:394-402
Timestamp: 2025-10-10T23:51:36.597Z
Learning: In Atmos (internal/exec/terraform.go), when adding OpenTofu-specific flags like `--var-file` for `init`, do not gate them based on command name (e.g., checking if `info.Command == "tofu"` or `info.Command == "opentofu"`) because command names don't reliably indicate the actual binary being executed (symlinks, aliases). Instead, document the OpenTofu requirement in code comments and documentation, trusting users who enable the feature (e.g., `PassVars`) to ensure their terraform command points to an OpenTofu binary.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-01-25T03:51:57.689Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: tests/fixtures/scenarios/docs-generate/README.md.gotmpl:99-118
Timestamp: 2025-01-25T03:51:57.689Z
Learning: For the cloudposse/atmos repository, changes to template contents should be handled in dedicated PRs and are typically considered out of scope for PRs focused on other objectives.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-12-03T04:01:16.446Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: website/docs/core-concepts/stacks/yaml-functions/terraform.output.mdx:0-0
Timestamp: 2024-12-03T04:01:16.446Z
Learning: In the `terraform.output.mdx` documentation file (`website/docs/core-concepts/stacks/yaml-functions/terraform.output.mdx`), the cache invalidation and cache scope behavior for the `!terraform.output` function are already described.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-12-24T04:29:23.938Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1891
File: pkg/ci/terraform/templates/apply.md:17-17
Timestamp: 2025-12-24T04:29:23.938Z
Learning: In the cloudposse/atmos repository, Terraform CI templates (pkg/ci/terraform/templates/*.md) are rendered using TerraformTemplateContext (defined in pkg/ci/terraform/context.go), not the base ci.TemplateContext. TerraformTemplateContext provides top-level fields: .Resources (ci.ResourceCounts), .HasChanges() method, and .HasDestroy field, which are correctly accessed directly in templates without a .Result prefix.

Applied to files:

• docs/fixes/terraform-output-issues.md
• internal/exec/template_env_function_test.go

📚 Learning: 2024-12-01T00:33:20.298Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: examples/tests/stacks/catalog/terraform/template-functions-test2/defaults.yaml:28-32
Timestamp: 2024-12-01T00:33:20.298Z
Learning: In `examples/tests/stacks/catalog/terraform/template-functions-test2/defaults.yaml`, `!exec atmos terraform output` is used in examples to demonstrate its usage, even though `!terraform.output` is the recommended approach according to the documentation.

Applied to files:

• docs/fixes/terraform-output-issues.md
• internal/exec/template_env_function_test.go

📚 Learning: 2025-09-30T19:03:50.738Z

Learnt from: Cerebrovinny
Repo: cloudposse/atmos PR: 1560
File: pkg/utils/string_utils.go:43-64
Timestamp: 2025-09-30T19:03:50.738Z
Learning: In the Atmos codebase, YAML tags like !terraform.output rely on positional arguments, so the SplitStringByDelimiter function in pkg/utils/string_utils.go must preserve empty strings (even after trimming quotes) to maintain the correct number of positional arguments. Filtering out empty values after trimming would collapse the array and break these function calls.

Applied to files:

• docs/fixes/terraform-output-issues.md
• internal/exec/yaml_func_utils.go

📚 Learning: 2025-06-23T02:14:30.937Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1327
File: cmd/terraform.go:111-117
Timestamp: 2025-06-23T02:14:30.937Z
Learning: In cmd/terraform.go, flags for the DescribeAffected function are added dynamically at runtime when info.Affected is true. This is intentional to avoid exposing internal flags like "file", "format", "verbose", "include-spacelift-admin-stacks", "include-settings", and "upload" in the terraform command interface, while still providing them for the shared DescribeAffected function used by both `atmos describe affected` and `atmos terraform apply --affected`.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-01-17T00:18:57.769Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 944
File: go.mod:206-206
Timestamp: 2025-01-17T00:18:57.769Z
Learning: For indirect dependencies with license compliance issues in the cloudposse/atmos repository, the team prefers to handle them in follow-up PRs rather than blocking the current changes, as these issues often require deeper investigation of the dependency tree.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-11-22T12:38:33.132Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 768
File: internal/exec/vendor_utils.go:496-513
Timestamp: 2024-11-22T12:38:33.132Z
Learning: In the Atmos project, continue to flag path traversal issues in code reviews but acknowledge when they are expected and acceptable in specific cases.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-04-04T02:03:23.676Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1185
File: internal/exec/yaml_func_store.go:26-26
Timestamp: 2025-04-04T02:03:23.676Z
Learning: The Atmos codebase currently uses `log.Fatal` for error handling in multiple places. The maintainers are aware this isn't an ideal pattern (should only be used in main() or init() functions) and plan to address it comprehensively in a separate PR. CodeRabbit should not flag these issues or push for immediate changes until that refactoring is complete.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-10-23T21:36:40.262Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 740
File: cmd/cmd_utils.go:340-359
Timestamp: 2024-10-23T21:36:40.262Z
Learning: In the Go codebase for Atmos, when reviewing functions like `checkAtmosConfig` in `cmd/cmd_utils.go`, avoid suggesting refactoring to return errors instead of calling `os.Exit` if such changes would significantly increase the scope due to the need to update multiple call sites.

Applied to files:

• docs/fixes/terraform-output-issues.md
• internal/exec/template_funcs_component.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-12-13T06:10:13.688Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: errors/errors.go:184-203
Timestamp: 2025-12-13T06:10:13.688Z
Learning: cloudposse/atmos: For toolchain work, duplicate/unused error sentinels in errors/errors.go should be cleaned up in a separate refactor PR and not block feature PRs; canonical toolchain sentinels live under toolchain/registry with re-exports in toolchain/errors.go.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-12-03T05:18:49.169Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: internal/exec/terraform_utils.go:40-213
Timestamp: 2024-12-03T05:18:49.169Z
Learning: In the context of the Atmos project, it's acceptable for functions like `execTerraformOutput` to remain as single functions if they perform a single purpose, such as retrieving Terraform outputs for a component in a stack, even if the function is lengthy.

Applied to files:

• docs/fixes/terraform-output-issues.md
• internal/exec/template_funcs_component.go

📚 Learning: 2024-11-12T03:16:02.910Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 775
File: internal/exec/template_funcs_component.go:157-159
Timestamp: 2024-11-12T03:16:02.910Z
Learning: In the Go code for `componentFunc` in `internal/exec/template_funcs_component.go`, the function `cleanTerraformWorkspace` does not return errors, and it's acceptable if the file does not exist. Therefore, error handling for `cleanTerraformWorkspace` is not needed.

Applied to files:

• internal/exec/template_funcs_component.go
• pkg/terraform/output/executor.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-09-29T02:20:11.636Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1540
File: internal/exec/validate_component.go:117-118
Timestamp: 2025-09-29T02:20:11.636Z
Learning: The ValidateComponent function in internal/exec/validate_component.go had its componentSection parameter type refined from `any` to `map[string]any` without adding new parameters. This is a type safety improvement, not a signature change requiring call site updates.

Applied to files:

• internal/exec/template_funcs_component.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: Applies to **/{pkg,internal,cmd}/**/*.go : Add `defer perf.Track(atmosConfig, "pkg.FuncName")()` plus blank line to all public functions, using `nil` if no atmosConfig param - exceptions: trivial getters/setters, command constructors, simple factories, functions delegating to tracked functions

Applied to files:

• internal/exec/template_funcs_component.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
Repo: cloudposse/atmos PR: 1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Applied to files:

• internal/exec/template_funcs_component.go
• pkg/terraform/output/executor_test.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2024-11-13T21:37:07.852Z

Learnt from: Cerebrovinny
Repo: cloudposse/atmos PR: 764
File: internal/exec/describe_stacks.go:289-295
Timestamp: 2024-11-13T21:37:07.852Z
Learning: In the `internal/exec/describe_stacks.go` file of the `atmos` project written in Go, avoid extracting the stack name handling logic into a helper function within the `ExecuteDescribeStacks` method, even if the logic appears duplicated.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-07T16:16:13.038Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 825
File: internal/exec/helmfile_generate_varfile.go:28-31
Timestamp: 2024-12-07T16:16:13.038Z
Learning: In `internal/exec/helmfile_generate_varfile.go`, the `--help` command (`./atmos helmfile generate varfile --help`) works correctly without requiring stack configurations, and the only change needed was to make `ProcessCommandLineArgs` exportable by capitalizing its name.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
Repo: cloudposse/atmos PR: 1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning the error instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2025-09-13T18:06:07.674Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1466
File: toolchain/list.go:39-42
Timestamp: 2025-09-13T18:06:07.674Z
Learning: In the cloudposse/atmos repository, for UI messages in the toolchain package, use utils.PrintfMessageToTUI instead of log.Error or fmt.Fprintln(os.Stderr, ...). Import pkg/utils with alias "u" to follow the established pattern.

Applied to files:

• internal/exec/template_funcs_component.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2024-12-05T22:33:40.955Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 820
File: cmd/list_components.go:53-54
Timestamp: 2024-12-05T22:33:40.955Z
Learning: In the Atmos CLI Go codebase, using `u.LogErrorAndExit` within completion functions is acceptable because it logs the error and exits the command execution.

Applied to files:

• internal/exec/template_funcs_component.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2024-12-11T18:40:12.808Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 844
File: cmd/helmfile.go:37-37
Timestamp: 2024-12-11T18:40:12.808Z
Learning: In the atmos project, `cliConfig` is initialized within the `cmd` package in `root.go` and can be used in other command files.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-05T22:33:54.807Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 820
File: cmd/list_stacks.go:55-56
Timestamp: 2024-12-05T22:33:54.807Z
Learning: In the atmos project, the `u.LogErrorAndExit` function logs the error and exits the command execution appropriately within flag completion functions.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2025-11-08T19:56:18.660Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1697
File: internal/exec/oci_utils.go:0-0
Timestamp: 2025-11-08T19:56:18.660Z
Learning: In the Atmos codebase, when a function receives an `*schema.AtmosConfiguration` parameter, it should read configuration values from `atmosConfig.Settings` fields rather than using direct `os.Getenv()` or `viper.GetString()` calls. The Atmos pattern is: viper.BindEnv in cmd/root.go binds environment variables → Viper unmarshals into atmosConfig.Settings via mapstructure → business logic reads from the Settings struct. This provides centralized config management, respects precedence, and enables testability. Example: `atmosConfig.Settings.AtmosGithubToken` instead of `os.Getenv("ATMOS_GITHUB_TOKEN")` in functions like `getGHCRAuth` in internal/exec/oci_utils.go.

Applied to files:

• internal/exec/template_funcs_component.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-12-13T04:37:25.223Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: cmd/root.go:0-0
Timestamp: 2025-12-13T04:37:25.223Z
Learning: In Atmos cmd/root.go Execute(), after cfg.InitCliConfig, we must call both toolchainCmd.SetAtmosConfig(&atmosConfig) and toolchain.SetAtmosConfig(&atmosConfig) so the CLI wrapper and the toolchain package receive configuration; missing either can cause nil-pointer panics in toolchain path resolution.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-03T05:29:07.718Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: internal/exec/terraform_utils.go:145-146
Timestamp: 2024-12-03T05:29:07.718Z
Learning: In the Atmos project, a 5-minute timeout in the `execTerraformOutput` function is acceptable for retrieving `terraform output` for a component in a stack.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2025-04-26T15:54:10.506Z

Learnt from: haitham911
Repo: cloudposse/atmos PR: 1195
File: internal/exec/terraform_clean.go:99-99
Timestamp: 2025-04-26T15:54:10.506Z
Learning: The error variable `ErrRelPath` is defined in `internal/exec/terraform_clean_util.go` and is used across files in the `exec` package, including in `terraform_clean.go`. This is part of an approach to standardize error handling in the codebase.

Applied to files:

• pkg/terraform/output/executor.go

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*.go : Follow Go's error handling idioms: use meaningful error messages, wrap errors with context using `fmt.Errorf("context: %w", err)`, and consider using custom error types for domain-specific errors

Applied to files:

• pkg/terraform/output/executor.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: Applies to **/*.go : All errors MUST be wrapped using static errors defined in `errors/errors.go` - use `errors.Join` for combining errors, `fmt.Errorf` with `%w` for context, and `errors.Is()` for error checking

Applied to files:

• pkg/terraform/output/executor.go

📚 Learning: 2025-02-21T20:56:05.539Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1077
File: pkg/downloader/custom_github_detector.go:0-0
Timestamp: 2025-02-21T20:56:05.539Z
Learning: The `github.com/charmbracelet/log` package should be imported with the alias `log` according to the project's import alias configuration.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2024-11-19T23:00:45.899Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 795
File: internal/exec/stack_processor_utils.go:378-386
Timestamp: 2024-11-19T23:00:45.899Z
Learning: In the `ProcessYAMLConfigFile` function within `internal/exec/stack_processor_utils.go`, directory traversal in stack imports is acceptable and should not be restricted.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-02-21T20:56:20.761Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1077
File: pkg/downloader/custom_github_detector_test.go:0-0
Timestamp: 2025-02-21T20:56:20.761Z
Learning: The `github.com/charmbracelet/log` package should be imported with the alias `log`, not `clog`.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-01-25T04:01:58.095Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: internal/exec/docs_generate.go:98-101
Timestamp: 2025-01-25T04:01:58.095Z
Learning: In the `generateSingleReadme` function of the docs generation feature (internal/exec/docs_generate.go), errors from `fetchAndParseYAML` should be logged and skipped rather than causing early returns. This is by design to process all inputs and collect all errors, instead of failing fast on the first error.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-11-09T19:06:58.470Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1752
File: pkg/profile/list/formatter_table.go:27-29
Timestamp: 2025-11-09T19:06:58.470Z
Learning: In the cloudposse/atmos repository, performance tracking with `defer perf.Track()` is enforced on all functions via linting, including high-frequency utility functions, formatters, and renderers. This is a repository-wide policy to maintain consistency and avoid making case-by-case judgment calls about which functions should have profiling.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-02-06T13:38:07.216Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 984
File: internal/exec/copy_glob.go:0-0
Timestamp: 2025-02-06T13:38:07.216Z
Learning: The `u.LogTrace` function in the `cloudposse/atmos` repository accepts `atmosConfig` as its first parameter, followed by the message string.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-07-05T20:59:02.914Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1363
File: internal/exec/template_utils.go:18-18
Timestamp: 2025-07-05T20:59:02.914Z
Learning: In the Atmos project, gomplate v4 is imported with a blank import (`_ "github.com/hairyhenderson/gomplate/v4"`) alongside v3 imports to resolve AWS SDK version conflicts. V3 uses older AWS SDK versions that conflict with newer AWS modules used by Atmos. A full migration to v4 requires extensive refactoring due to API changes and should be handled in a separate PR.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2024-10-28T01:51:30.811Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 727
File: internal/exec/terraform_clean.go:329-332
Timestamp: 2024-10-28T01:51:30.811Z
Learning: In the Atmos Go code, when deleting directories or handling file paths (e.g., in `terraform_clean.go`), always resolve the absolute path using `filepath.Abs` and use the logger `u.LogWarning` for logging messages instead of using `fmt.Printf`.

Applied to files:

• internal/exec/yaml_func_utils.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: Applies to **/*.go : Organize imports into three groups separated by blank lines, sorted alphabetically: Go stdlib, 3rd-party (NOT cloudposse/atmos), then Atmos packages with maintained aliases (`cfg`, `log`, `u`, `errUtils`)

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-11-30T04:16:24.155Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1821
File: pkg/merge/deferred.go:34-48
Timestamp: 2025-11-30T04:16:24.155Z
Learning: In the cloudposse/atmos repository, the `defer perf.Track()` guideline applies to functions that perform meaningful work (I/O, computation, external calls), but explicitly excludes trivial accessors/mutators (e.g., simple getters, setters with single integer increments, string joins, or map appends) where the tracking overhead would exceed the actual method cost and provide no actionable performance data. Hot-path methods called in tight loops should especially avoid perf.Track() if they perform only trivial operations.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2024-12-17T07:08:41.288Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 863
File: internal/exec/yaml_func_terraform_output.go:34-38
Timestamp: 2024-12-17T07:08:41.288Z
Learning: In the `processTagTerraformOutput` function within `internal/exec/yaml_func_terraform_output.go`, parameters are separated by spaces and do not contain spaces. Therefore, using `strings.Fields()` for parsing is acceptable, and there's no need to handle parameters with spaces.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2024-11-30T22:07:08.610Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: internal/exec/yaml_func_terraform_output.go:35-40
Timestamp: 2024-11-30T22:07:08.610Z
Learning: In the Go function `processTagTerraformOutput` in `internal/exec/yaml_func_terraform_output.go`, parameters cannot contain spaces. The code splits the input by spaces, and if the parameters contain spaces, `len(parts) != 3` will fail and show an error to the user.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-04-24T01:40:13.576Z

Learnt from: haitham911
Repo: cloudposse/atmos PR: 1202
File: pkg/config/process_yaml.go:0-0
Timestamp: 2025-04-24T01:40:13.576Z
Learning: When processing YAML nodes with custom directives in Go using gopkg.in/yaml.v3, setting node.Tag = "" is sufficient to prevent re-processing of the node. It's not necessary to also clear node.Value after updating the configuration store (e.g., Viper), as the original value doesn't affect subsequent operations once the tag is removed.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-01-25T03:49:03.951Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: internal/exec/template_utils.go:268-271
Timestamp: 2025-01-25T03:49:03.951Z
Learning: The `ProcessTmplWithDatasourcesGomplate` function in `internal/exec/template_utils.go` is used for documentation generation purposes, where simple environment variable handling is acceptable and thread-safety concerns are not critical.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: New config templates support Go templating with `FuncMap()` from `internal/exec/template_funcs.go`

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2025-12-13T06:10:25.156Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: internal/exec/workflow_utils.go:0-0
Timestamp: 2025-12-13T06:10:25.156Z
Learning: Atmos workflows: In internal/exec/workflow_utils.go ExecuteWorkflow, non-identity steps intentionally use baseWorkflowEnv, which is constructed from the parent environment with PATH modifications for the toolchain. Avoid appending os.Environ() again; prefer documenting this behavior and testing that standard environment variables are preserved.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2025-11-11T03:47:59.576Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: toolchain/which_test.go:166-223
Timestamp: 2025-11-11T03:47:59.576Z
Learning: In the cloudposse/atmos repo, tests that manipulate environment variables should use testing.T.Setenv for automatic setup/teardown instead of os.Setenv/Unsetenv.

Applied to files:

• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-11-11T03:47:45.878Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: toolchain/add_test.go:67-77
Timestamp: 2025-11-11T03:47:45.878Z
Learning: In the cloudposse/atmos codebase, tests should prefer t.Setenv for environment variable setup/teardown instead of os.Setenv/Unsetenv to ensure test-scoped isolation.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2024-11-02T15:35:09.958Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 759
File: internal/exec/terraform.go:366-368
Timestamp: 2024-11-02T15:35:09.958Z
Learning: In `internal/exec/terraform.go`, the workspace cleaning code under both the general execution path and within the `case "init":` block is intentionally duplicated because the code execution paths are different. The `.terraform/environment` file should be deleted before executing `terraform init` in both scenarios to ensure a clean state.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2025-08-15T14:43:41.030Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1352
File: pkg/store/artifactory_store_test.go:108-113
Timestamp: 2025-08-15T14:43:41.030Z
Learning: In test files for the atmos project, it's acceptable to ignore errors from os.Setenv/Unsetenv operations during test environment setup and teardown, as these are controlled test scenarios.

Applied to files:

• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*_test.go : Include integration tests for command flows and test CLI end-to-end when possible with test fixtures

Applied to files:

• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-04-11T22:06:46.999Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1147
File: internal/exec/validate_schema.go:42-57
Timestamp: 2025-04-11T22:06:46.999Z
Learning: The "ExecuteAtmosValidateSchemaCmd" function in internal/exec/validate_schema.go has been reviewed and confirmed to have acceptable cognitive complexity despite static analysis warnings. The function uses a clean structure with only three if statements for error handling and delegates complex operations to helper methods.

Applied to files:

• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-08-16T23:32:40.412Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1405
File: internal/exec/describe_dependents_test.go:455-456
Timestamp: 2025-08-16T23:32:40.412Z
Learning: In the cloudposse/atmos Go codebase, `InitCliConfig` returns a `schema.AtmosConfiguration` value (not a pointer), while `ExecuteDescribeDependents` expects a `*schema.AtmosConfiguration` pointer parameter. Therefore, when passing the result of `InitCliConfig` to `ExecuteDescribeDependents`, use `&atmosConfig` to pass the address of the value.

Applied to files:

• internal/exec/template_funcs_component_test.go

🧬 Code graph analysis (5)

internal/exec/terraform_output_utils_test.go (1)

pkg/schema/schema.go (2)

• AuthContext (663-673)
• AWSAuthContext (677-692)

pkg/terraform/output/executor_test.go (2)

errors/errors.go (3)

• ErrInvalidComponent (271-271)
• ErrTerraformStateNotProvisioned (111-111)
• ErrDescribeComponent (105-105)

cmd/cmd_utils.go (1)

• Contains (1303-1310)

pkg/terraform/output/executor.go (1)

errors/errors.go (2)

• ErrInvalidComponent (271-271)
• ErrDescribeComponent (105-105)

internal/exec/yaml_func_utils.go (1)

pkg/logger/log.go (1)

• Debug (24-26)

internal/exec/template_funcs_component_test.go (1)

errors/errors.go (2)

• ErrInvalidComponent (271-271)
• ErrDescribeComponent (105-105)

🪛 LanguageTool

docs/fixes/terraform-output-issues.md

[typographical] ~85-~85: To join two clauses or introduce examples, consider using an em dash.
Context: .../terraform/output/executor.go| ✅ Fixed - addedwrapDescribeError()| |!terraf...

(DASH_RULE)

---

[typographical] ~86-~86: To join two clauses or introduce examples, consider using an em dash.
Context: ...form_state_utils.go| ✅ Already correct - uses%vinstead of%w| |atmos.Com...

(DASH_RULE)

---

[typographical] ~87-~87: To join two clauses or introduce examples, consider using an em dash.
Context: ...c/template_funcs_component.go| ✅ Fixed - addedwrapComponentFuncError()` | ####...

(DASH_RULE)

---

[grammar] ~165-~165: Please add a punctuation mark at the end of paragraph.
Context: ...compatible) - Errors properly propagate up The issue was that the **component typ...

(PUNCTUATION_PARAGRAPH_END)

---

[grammar] ~175-~175: Ensure spelling is correct
Context: ...dposse/atmos/issues/1921 Reporter: leoagueci Status: Complete ### Problem Statemen...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[style] ~200-~200: Since ownership is already implied, this phrasing may be redundant.
Context: ...omponent. When a nested component has its own auth configuration with a default: tru...

(PRP_OWN)

---

[style] ~248-~248: Since ownership is already implied, this phrasing may be redundant.
Context: ...apper, so the nested component will use its own default identity configuration. This is...

(PRP_OWN)

🪛 markdownlint-cli2 (0.18.1)

docs/fixes/terraform-output-issues.md

7-7: Bare URL used

(MD034, no-bare-urls)

---

60-60: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

173-173: Bare URL used

(MD034, no-bare-urls)

---

183-183: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

216-216: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

273-273: Bare URL used

(MD034, no-bare-urls)

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Acceptance Tests (linux)
• GitHub Check: Acceptance Tests (windows)
• GitHub Check: Acceptance Tests (macos)
• GitHub Check: Summary

🔇 Additional comments (16)

internal/exec/yaml_func_utils.go (2)

7-7: LGTM - Import follows conventions.

The logger import with alias log follows the project's import conventions.

---

77-81: Good addition for debugging YAML function failures.

The debug logging provides useful context (value, stack, error) when YAML function processing fails. This will help troubleshoot issues like the ones described in #1030 and #1921.

docs/fixes/terraform-output-issues.md (1)

1-295: Excellent technical documentation.

This documentation is comprehensive and well-structured, covering:

• Clear problem statements for both issues
• Detailed root cause analysis with code examples
• Solution design with implementation details
• Files modified and testing approach

The technical depth is appropriate and will help future maintainers understand the context of these fixes.

Note: Static analysis flagged some markdown linting issues (bare URLs, missing code block language specifiers). Based on project learnings, these can be addressed in a separate documentation cleanup PR and shouldn't block this fix.

internal/exec/terraform_output_utils.go (1)

75-83: Clean fix for the panic issue (#1921).

Returning an empty slice instead of panicking is the correct behavior. When resolveAuthManagerForNestedComponent calls GetChain(), an empty slice indicates no inherited identity, allowing the component to use its own defaults. The comment clearly explains this.

internal/exec/terraform_output_utils_test.go (2)

74-96: Solid regression test for issue #1921.

The test properly validates that GetChain() no longer panics and returns an empty slice as expected. The comment clearly documents the regression scenario and the fix.

---

139-143: Good update to reflect behavioral change.

Updating the panic test to expect an empty slice for GetChain() correctly reflects the fix. The comment explains why this method behaves differently from the others.

pkg/terraform/output/executor_test.go (1)

661-728: Excellent regression test for error chain breaking (#1030).

This table-driven test comprehensively validates the wrapDescribeError behavior:

• Verifies ErrInvalidComponent chain is properly broken to prevent component type fallback
• Confirms other errors preserve their chains
• Uses assert.NotErrorIs to explicitly verify chain breaking

The test scenarios cover the key cases mentioned in the documentation.

internal/exec/template_funcs_component_test.go (1)

96-156: Solid regression test for issue #1030.

Good table-driven structure covering the key scenarios:

1. Direct ErrInvalidComponent chain breaking
2. Wrapped ErrInvalidComponent chain breaking
3. Non-ErrInvalidComponent error passthrough

The use of assert.NotErrorIs to verify chain-breaking is the right approach.

internal/exec/template_funcs_component.go (3)

21-32: Clean chain-breaking implementation.

Using err.Error() with %s instead of %w effectively breaks the error chain while preserving the message. This prevents errors.Is(result, ErrInvalidComponent) from returning true downstream.

The asymmetry is intentional - ErrInvalidComponent gets special handling to prevent component-type fallback, while other errors preserve their chain.

---

76-78: Proper error wrapping for component description failures.

This addresses the core issue where ErrInvalidComponent was triggering component-type fallback behavior. Good fix.

---

97-100: Consistent error context for terraform output failures.

Using %w here preserves the full error chain from ExecuteWithSections, which is appropriate since the component has already been described successfully at this point.

pkg/terraform/output/executor.go (3)

37-51: Parallel chain-breaking pattern to wrapComponentFuncError.

Mirrors the approach in internal/exec/template_funcs_component.go. Both helpers serve the same purpose but live in different packages - this isn't duplication, it's necessary separation.

The slight message format difference ("component 'x' in stack 'y'" vs "atmos.Component(x, y)") makes sense for the respective contexts.

---

267-270: Correct error wrapping in GetOutput.

Addresses the chain-breaking requirement for YAML function processing (!terraform.output) when referencing missing components.

---

341-344: Consistent error handling in fetchAndCacheOutputs.

Same chain-breaking pattern applied. Good consistency across both code paths that call DescribeComponent.

internal/exec/template_env_function_test.go (2)

12-81: Good documentation test for Sprig env behavior.

Uses t.Setenv correctly per guidelines. The detailed doc comments serve as living documentation for the expected behavior.

---

83-155: Valuable documentation test.

This effectively documents the "empty string on unset" behavior. The extensive comments will help during issue triage when users report similar concerns.

Consider adding a note about requiredEnv as an alternative if strict validation is needed - but that's optional.

[codecov]

Codecov Report

❌ Patch coverage is 88.23529% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.00%. Comparing base (80c7937) to head (29bc0d5).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/exec/template_funcs_component.go	50.00%	1 Missing ⚠️
pkg/terraform/output/executor.go	75.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1938      +/-   ##
==========================================
+ Coverage   73.99%   74.00%   +0.01%     
==========================================
  Files         769      769              
  Lines       69276    69288      +12     
==========================================
+ Hits        51260    51280      +20     
+ Misses      14606    14601       -5     
+ Partials     3410     3407       -3     

Flag	Coverage Δ
unittests	74.00% <88.23%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
errors/error_funcs.go	71.42% <100.00%> (+0.95%)	⬆️
internal/exec/terraform_output_utils.go	100.00% <100.00%> (ø)
internal/exec/yaml_func_utils.go	90.19% <100.00%> (+0.50%)	⬆️
internal/exec/template_funcs_component.go	75.00% <50.00%> (ø)
pkg/terraform/output/executor.go	85.32% <75.00%> (+0.11%)	⬆️

... and 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR addresses silent failures when referencing missing components in Terraform outputs and template functions by introducing error-wrapping helpers to break error chains and provide clear error messages. It also fixes a panic in authContextWrapper.GetChain and adds debug logging for YAML processing errors.

Changes

Cohort / File(s)	Summary
Error Wrapping Helpers pkg/terraform/output/executor.go, internal/exec/template_funcs_component.go	Added wrapDescribeError() and wrapComponentFuncError() helpers to convert ErrInvalidComponent chains into ErrDescribeComponent, preventing fallback behavior for missing components and providing clear error messages.
Error Wrapping Tests pkg/terraform/output/executor_test.go, internal/exec/template_funcs_component_test.go	New tests verify that error chains are properly broken for both !terraform.output and atmos.Component() usage, covering scenarios with joined/wrapped errors and unrelated errors.
Auth Context Panic Fix internal/exec/terraform_output_utils.go, internal/exec/terraform_output_utils_test.go	GetChain() on authContextWrapper now returns an empty slice instead of panicking, with tests confirming no panic occurs for nested auth contexts.
YAML Function Logging internal/exec/yaml_func_utils.go	Added debug logging when YAML function processing encounters errors, capturing input value, stack, and error details.
Environment Variable Template Tests internal/exec/template_env_function_test.go	New test file with two tests verifying Sprig env function integration: one for successful resolution and one demonstrating behavior with unset environment variables.
Documentation docs/fixes/terraform-output-issues.md	Documents the error chaining fixes and their impact on component reference resolution.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• fix: Improve HCL syntax error messages and prevent masking #1866: Modifies error handling around DescribeComponent and ErrInvalidComponent to prevent masking/fallbacks in the same error-sentinel flow.
• fix: Improve AWS credential isolation and auth error propagation #1712: Both modify internal/exec/template_funcs_component.go and Terraform output error paths with auth-context-aware output retrieval logic.
• feat: Add multiple terraform output formats for CI integration #1885: Changes Terraform output execution and template component error handling with error-wrapping adjustments to pkg/terraform/output/executor.go.

Suggested reviewers

• osterman
• milldr

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 53.85% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly addresses the main fix: resolving assume role panics and improving error handling through wrapDescribeError and wrapComponentFuncError helpers.
Linked Issues check	✅ Passed	Changes successfully address both issues: #1921 (panic fix via authContextWrapper.GetChain returning empty slice) and #1030 (error chain breaking via wrapDescribeError/wrapComponentFuncError).
Out of Scope Changes check	✅ Passed	All changes align with the linked issues. Added debug logging for YAML errors and env function tests support the error handling improvements.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch aknysh/fix-assume-role

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

internal/exec/template_funcs_component.go (1)

21-32: Consider consolidating duplicate error wrappers.

wrapComponentFuncError here and wrapDescribeError in pkg/terraform/output/executor.go have nearly identical structure and logic. You could create a shared helper that both can use, reducing duplication.

Example consolidation approach

Create a shared helper in a common location (e.g., errors/errors.go or a new errors/component_errors.go):

// WrapComponentDescribeError breaks the ErrInvalidComponent chain to prevent fallback.
func WrapComponentDescribeError(component, stack string, err error, context string) error {
	if errors.Is(err, ErrInvalidComponent) {
		return fmt.Errorf("%w: %s(%s, %s): %s",
			ErrDescribeComponent, context, component, stack, err.Error())
	}
	return fmt.Errorf("%s(%s, %s) failed: %w", context, component, stack, err)
}

Then use it in both locations:

// In template_funcs_component.go
return nil, errUtils.WrapComponentDescribeError(component, stack, err, "atmos.Component")

// In executor.go
return nil, errUtils.WrapComponentDescribeError(component, stack, err, "component")

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 80c7937 and f4ff1af.

📒 Files selected for processing (9)

• docs/fixes/terraform-output-issues.md
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component.go
• internal/exec/template_funcs_component_test.go
• internal/exec/terraform_output_utils.go
• internal/exec/terraform_output_utils_test.go
• internal/exec/yaml_func_utils.go
• pkg/terraform/output/executor.go
• pkg/terraform/output/executor_test.go

🧰 Additional context used

📓 Path-based instructions (3)

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: Use Viper for managing configuration, environment variables, and flags in CLI commands
Use interfaces for external dependencies to facilitate mocking and consider using testify/mock for creating mock implementations
All code must pass golangci-lint checks
Follow Go's error handling idioms: use meaningful error messages, wrap errors with context using fmt.Errorf("context: %w", err), and consider using custom error types for domain-specific errors
Follow standard Go coding style: use gofmt and goimports to format code, prefer short descriptive variable names, use kebab-case for command-line flags, and snake_case for environment variables
Document all exported functions, types, and methods following Go's documentation conventions
Document complex logic with inline comments in Go code
Support configuration via files, environment variables, and flags following the precedence order: flags > environment variables > config file > defaults
Provide clear error messages to users, include troubleshooting hints when appropriate, and log detailed errors for debugging

**/*.go: All comments must end with periods (enforced by godot linter) in Go code
Organize imports into three groups separated by blank lines, sorted alphabetically: Go stdlib, 3rd-party (NOT cloudposse/atmos), then Atmos packages with maintained aliases (cfg, log, u, errUtils)
All errors MUST be wrapped using static errors defined in errors/errors.go - use errors.Join for combining errors, fmt.Errorf with %w for context, and errors.Is() for error checking
Never manually create mocks - use go.uber.org/mock/mockgen with //go:generate directives in Go code
Keep files small and focused - under 600 lines with one cmd/impl per file, co-locate tests, never use //revive:disable:file-length-limit
Use colors from pkg/ui/theme/colors.go for all UI theming in Go code
Code must be compatible with Linux, macOS, and Windows - use SDKs over binaries, use filepath.Join() instead of h...

Files:

• internal/exec/terraform_output_utils.go
• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component_test.go
• pkg/terraform/output/executor_test.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go
• pkg/terraform/output/executor.go
• internal/exec/template_funcs_component.go

**/{pkg,internal,cmd}/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Add defer perf.Track(atmosConfig, "pkg.FuncName")() plus blank line to all public functions, using nil if no atmosConfig param - exceptions: trivial getters/setters, command constructors, simple factories, functions delegating to tracked functions

Files:

• internal/exec/terraform_output_utils.go
• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component_test.go
• pkg/terraform/output/executor_test.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go
• pkg/terraform/output/executor.go
• internal/exec/template_funcs_component.go

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests targeting >80% code coverage for all packages
Use table-driven tests for testing multiple scenarios in Go
Include integration tests for command flows and test CLI end-to-end when possible with test fixtures

Prefer unit tests with mocks over integration tests - use interfaces and dependency injection for testability, generate mocks with go.uber.org/mock/mockgen, use table-driven tests, target >80% coverage

Files:

• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component_test.go
• pkg/terraform/output/executor_test.go
• internal/exec/template_env_function_test.go

🧠 Learnings (60)

📓 Common learnings

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: tests/fixtures/scenarios/docs-generate/README.md.gotmpl:99-118
Timestamp: 2025-01-25T03:51:57.689Z
Learning: For the cloudposse/atmos repository, changes to template contents should be handled in dedicated PRs and are typically considered out of scope for PRs focused on other objectives.

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1185
File: internal/exec/yaml_func_store.go:71-72
Timestamp: 2025-04-04T02:03:21.906Z
Learning: The codebase currently uses `log.Fatal` for error handling in library functions, which terminates the program. There is a plan to refactor this approach in a separate PR to improve API design by returning error messages instead of terminating execution.

Learnt from: milldr
Repo: cloudposse/atmos PR: 1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: internal/exec/docs_generate.go:98-101
Timestamp: 2025-01-25T04:01:58.095Z
Learning: In the `generateSingleReadme` function of the docs generation feature (internal/exec/docs_generate.go), errors from `fetchAndParseYAML` should be logged and skipped rather than causing early returns. This is by design to process all inputs and collect all errors, instead of failing fast on the first error.

Learnt from: Benbentwo
Repo: cloudposse/atmos PR: 1475
File: internal/exec/terraform.go:269-272
Timestamp: 2025-10-03T18:02:08.535Z
Learning: In internal/exec/terraform.go, when auth.TerraformPreHook fails, the error is logged but execution continues. This is a deliberate design choice to allow Terraform commands to proceed even if authentication setup fails, rather than failing fast.

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1185
File: internal/exec/yaml_func_store.go:26-26
Timestamp: 2025-04-04T02:03:23.676Z
Learning: The Atmos codebase currently uses `log.Fatal` for error handling in multiple places. The maintainers are aware this isn't an ideal pattern (should only be used in main() or init() functions) and plan to address it comprehensively in a separate PR. CodeRabbit should not flag these issues or push for immediate changes until that refactoring is complete.

Learnt from: Cerebrovinny
Repo: cloudposse/atmos PR: 1560
File: pkg/utils/string_utils.go:43-64
Timestamp: 2025-09-30T19:03:50.738Z
Learning: In the Atmos codebase, YAML tags like !terraform.output rely on positional arguments, so the SplitStringByDelimiter function in pkg/utils/string_utils.go must preserve empty strings (even after trimming quotes) to maintain the correct number of positional arguments. Filtering out empty values after trimming would collapse the array and break these function calls.

Learnt from: aknysh
Repo: cloudposse/atmos PR: 775
File: internal/exec/template_funcs_component.go:157-159
Timestamp: 2024-11-12T03:16:02.910Z
Learning: In the Go code for `componentFunc` in `internal/exec/template_funcs_component.go`, the function `cleanTerraformWorkspace` does not return errors, and it's acceptable if the file does not exist. Therefore, error handling for `cleanTerraformWorkspace` is not needed.

Learnt from: milldr
Repo: cloudposse/atmos PR: 1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning the error instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions.

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: errors/errors.go:184-203
Timestamp: 2025-12-13T06:10:13.688Z
Learning: cloudposse/atmos: For toolchain work, duplicate/unused error sentinels in errors/errors.go should be cleaned up in a separate refactor PR and not block feature PRs; canonical toolchain sentinels live under toolchain/registry with re-exports in toolchain/errors.go.

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*.go : Provide clear error messages to users, include troubleshooting hints when appropriate, and log detailed errors for debugging

📚 Learning: 2025-12-21T04:10:29.030Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1891
File: internal/exec/describe_affected.go:468-468
Timestamp: 2025-12-21T04:10:29.030Z
Learning: In Go, package-level declarations (constants, variables, types, and functions) are visible to all files in the same package without imports. During reviews in cloudposse/atmos (and similar Go codebases), before suggesting to declare a new identifier, first check if it already exists in another file of the same package. If it exists, you can avoid adding a new declaration; if not, proceed with a proper package-level declaration. 

Applied to files:

• internal/exec/terraform_output_utils.go
• internal/exec/terraform_output_utils_test.go
• internal/exec/template_funcs_component_test.go
• pkg/terraform/output/executor_test.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go
• pkg/terraform/output/executor.go
• internal/exec/template_funcs_component.go

📚 Learning: 2025-12-10T18:32:51.237Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1808
File: cmd/terraform/backend/backend_delete_test.go:9-23
Timestamp: 2025-12-10T18:32:51.237Z
Learning: In cmd subpackages (e.g., cmd/terraform/backend/), tests cannot use cmd.NewTestKit(t) due to Go's test visibility rules (NewTestKit is in a parent package test file). These tests only need TestKit if they execute commands through RootCmd or modify RootCmd state. Structural tests that only verify command structure/flags without touching RootCmd don't require TestKit cleanup.

Applied to files:

• internal/exec/terraform_output_utils_test.go

📚 Learning: 2025-09-29T02:20:11.636Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1540
File: internal/exec/validate_component.go:117-118
Timestamp: 2025-09-29T02:20:11.636Z
Learning: The ValidateComponent function in internal/exec/validate_component.go had its componentSection parameter type refined from `any` to `map[string]any` without adding new parameters. This is a type safety improvement, not a signature change requiring call site updates.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_funcs_component.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*_test.go : Every new feature must include comprehensive unit tests targeting >80% code coverage for all packages

Applied to files:

• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*_test.go : Include integration tests for command flows and test CLI end-to-end when possible with test fixtures

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_env_function_test.go

📚 Learning: 2024-11-12T03:16:02.910Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 775
File: internal/exec/template_funcs_component.go:157-159
Timestamp: 2024-11-12T03:16:02.910Z
Learning: In the Go code for `componentFunc` in `internal/exec/template_funcs_component.go`, the function `cleanTerraformWorkspace` does not return errors, and it's acceptable if the file does not exist. Therefore, error handling for `cleanTerraformWorkspace` is not needed.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_env_function_test.go
• pkg/terraform/output/executor.go
• internal/exec/template_funcs_component.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*.go : Use interfaces for external dependencies to facilitate mocking and consider using testify/mock for creating mock implementations

Applied to files:

• internal/exec/template_funcs_component_test.go

📚 Learning: 2024-10-23T21:36:40.262Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 740
File: cmd/cmd_utils.go:340-359
Timestamp: 2024-10-23T21:36:40.262Z
Learning: In the Go codebase for Atmos, when reviewing functions like `checkAtmosConfig` in `cmd/cmd_utils.go`, avoid suggesting refactoring to return errors instead of calling `os.Exit` if such changes would significantly increase the scope due to the need to update multiple call sites.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_funcs_component.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-09-13T18:06:07.674Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1466
File: toolchain/list.go:39-42
Timestamp: 2025-09-13T18:06:07.674Z
Learning: In the cloudposse/atmos repository, for UI messages in the toolchain package, use utils.PrintfMessageToTUI instead of log.Error or fmt.Fprintln(os.Stderr, ...). Import pkg/utils with alias "u" to follow the established pattern.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/yaml_func_utils.go
• internal/exec/template_funcs_component.go

📚 Learning: 2025-04-11T22:06:46.999Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1147
File: internal/exec/validate_schema.go:42-57
Timestamp: 2025-04-11T22:06:46.999Z
Learning: The "ExecuteAtmosValidateSchemaCmd" function in internal/exec/validate_schema.go has been reviewed and confirmed to have acceptable cognitive complexity despite static analysis warnings. The function uses a clean structure with only three if statements for error handling and delegates complex operations to helper methods.

Applied to files:

• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-11-11T03:47:59.576Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: toolchain/which_test.go:166-223
Timestamp: 2025-11-11T03:47:59.576Z
Learning: In the cloudposse/atmos repo, tests that manipulate environment variables should use testing.T.Setenv for automatic setup/teardown instead of os.Setenv/Unsetenv.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_env_function_test.go

📚 Learning: 2024-10-28T01:51:30.811Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 727
File: internal/exec/terraform_clean.go:329-332
Timestamp: 2024-10-28T01:51:30.811Z
Learning: In the Atmos Go code, when deleting directories or handling file paths (e.g., in `terraform_clean.go`), always resolve the absolute path using `filepath.Abs` and use the logger `u.LogWarning` for logging messages instead of using `fmt.Printf`.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/yaml_func_utils.go

📚 Learning: 2025-11-08T19:56:18.660Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1697
File: internal/exec/oci_utils.go:0-0
Timestamp: 2025-11-08T19:56:18.660Z
Learning: In the Atmos codebase, when a function receives an `*schema.AtmosConfiguration` parameter, it should read configuration values from `atmosConfig.Settings` fields rather than using direct `os.Getenv()` or `viper.GetString()` calls. The Atmos pattern is: viper.BindEnv in cmd/root.go binds environment variables → Viper unmarshals into atmosConfig.Settings via mapstructure → business logic reads from the Settings struct. This provides centralized config management, respects precedence, and enables testability. Example: `atmosConfig.Settings.AtmosGithubToken` instead of `os.Getenv("ATMOS_GITHUB_TOKEN")` in functions like `getGHCRAuth` in internal/exec/oci_utils.go.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-05T22:33:40.955Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 820
File: cmd/list_components.go:53-54
Timestamp: 2024-12-05T22:33:40.955Z
Learning: In the Atmos CLI Go codebase, using `u.LogErrorAndExit` within completion functions is acceptable because it logs the error and exits the command execution.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_funcs_component.go

📚 Learning: 2025-08-15T14:43:41.030Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1352
File: pkg/store/artifactory_store_test.go:108-113
Timestamp: 2025-08-15T14:43:41.030Z
Learning: In test files for the atmos project, it's acceptable to ignore errors from os.Setenv/Unsetenv operations during test environment setup and teardown, as these are controlled test scenarios.

Applied to files:

• internal/exec/template_funcs_component_test.go
• internal/exec/template_env_function_test.go

📚 Learning: 2025-08-16T23:32:40.412Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1405
File: internal/exec/describe_dependents_test.go:455-456
Timestamp: 2025-08-16T23:32:40.412Z
Learning: In the cloudposse/atmos Go codebase, `InitCliConfig` returns a `schema.AtmosConfiguration` value (not a pointer), while `ExecuteDescribeDependents` expects a `*schema.AtmosConfiguration` pointer parameter. Therefore, when passing the result of `InitCliConfig` to `ExecuteDescribeDependents`, use `&atmosConfig` to pass the address of the value.

Applied to files:

• internal/exec/template_funcs_component_test.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
Repo: cloudposse/atmos PR: 1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Applied to files:

• internal/exec/template_funcs_component_test.go
• pkg/terraform/output/executor_test.go
• internal/exec/template_funcs_component.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-11-19T23:00:45.899Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 795
File: internal/exec/stack_processor_utils.go:378-386
Timestamp: 2024-11-19T23:00:45.899Z
Learning: In the `ProcessYAMLConfigFile` function within `internal/exec/stack_processor_utils.go`, directory traversal in stack imports is acceptable and should not be restricted.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-04-24T01:40:13.576Z

Learnt from: haitham911
Repo: cloudposse/atmos PR: 1202
File: pkg/config/process_yaml.go:0-0
Timestamp: 2025-04-24T01:40:13.576Z
Learning: When processing YAML nodes with custom directives in Go using gopkg.in/yaml.v3, setting node.Tag = "" is sufficient to prevent re-processing of the node. It's not necessary to also clear node.Value after updating the configuration store (e.g., Viper), as the original value doesn't affect subsequent operations once the tag is removed.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-01-25T04:01:58.095Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: internal/exec/docs_generate.go:98-101
Timestamp: 2025-01-25T04:01:58.095Z
Learning: In the `generateSingleReadme` function of the docs generation feature (internal/exec/docs_generate.go), errors from `fetchAndParseYAML` should be logged and skipped rather than causing early returns. This is by design to process all inputs and collect all errors, instead of failing fast on the first error.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-02-21T20:56:05.539Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1077
File: pkg/downloader/custom_github_detector.go:0-0
Timestamp: 2025-02-21T20:56:05.539Z
Learning: The `github.com/charmbracelet/log` package should be imported with the alias `log` according to the project's import alias configuration.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*.go : Provide clear error messages to users, include troubleshooting hints when appropriate, and log detailed errors for debugging

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-02-21T20:56:20.761Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1077
File: pkg/downloader/custom_github_detector_test.go:0-0
Timestamp: 2025-02-21T20:56:20.761Z
Learning: The `github.com/charmbracelet/log` package should be imported with the alias `log`, not `clog`.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-01-30T16:56:43.004Z

Learnt from: mcalhoun
Repo: cloudposse/atmos PR: 980
File: pkg/utils/log_utils.go:62-63
Timestamp: 2025-01-30T16:56:43.004Z
Learning: In pkg/utils/log_utils.go, LogTrace is intentionally redirected to LogDebug since charmbracelet logger doesn't support Trace level, maintaining backward compatibility with the original LogTrace functionality.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: Applies to **/{pkg,internal,cmd}/**/*.go : Add `defer perf.Track(atmosConfig, "pkg.FuncName")()` plus blank line to all public functions, using `nil` if no atmosConfig param - exceptions: trivial getters/setters, command constructors, simple factories, functions delegating to tracked functions

Applied to files:

• internal/exec/yaml_func_utils.go
• internal/exec/template_env_function_test.go

📚 Learning: 2025-09-30T19:03:50.738Z

Learnt from: Cerebrovinny
Repo: cloudposse/atmos PR: 1560
File: pkg/utils/string_utils.go:43-64
Timestamp: 2025-09-30T19:03:50.738Z
Learning: In the Atmos codebase, YAML tags like !terraform.output rely on positional arguments, so the SplitStringByDelimiter function in pkg/utils/string_utils.go must preserve empty strings (even after trimming quotes) to maintain the correct number of positional arguments. Filtering out empty values after trimming would collapse the array and break these function calls.

Applied to files:

• internal/exec/yaml_func_utils.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-11-09T19:06:58.470Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1752
File: pkg/profile/list/formatter_table.go:27-29
Timestamp: 2025-11-09T19:06:58.470Z
Learning: In the cloudposse/atmos repository, performance tracking with `defer perf.Track()` is enforced on all functions via linting, including high-frequency utility functions, formatters, and renderers. This is a repository-wide policy to maintain consistency and avoid making case-by-case judgment calls about which functions should have profiling.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-02-06T13:38:07.216Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 984
File: internal/exec/copy_glob.go:0-0
Timestamp: 2025-02-06T13:38:07.216Z
Learning: The `u.LogTrace` function in the `cloudposse/atmos` repository accepts `atmosConfig` as its first parameter, followed by the message string.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-07-05T20:59:02.914Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1363
File: internal/exec/template_utils.go:18-18
Timestamp: 2025-07-05T20:59:02.914Z
Learning: In the Atmos project, gomplate v4 is imported with a blank import (`_ "github.com/hairyhenderson/gomplate/v4"`) alongside v3 imports to resolve AWS SDK version conflicts. V3 uses older AWS SDK versions that conflict with newer AWS modules used by Atmos. A full migration to v4 requires extensive refactoring due to API changes and should be handled in a separate PR.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: Applies to **/*.go : Organize imports into three groups separated by blank lines, sorted alphabetically: Go stdlib, 3rd-party (NOT cloudposse/atmos), then Atmos packages with maintained aliases (`cfg`, `log`, `u`, `errUtils`)

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-11-30T04:16:24.155Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1821
File: pkg/merge/deferred.go:34-48
Timestamp: 2025-11-30T04:16:24.155Z
Learning: In the cloudposse/atmos repository, the `defer perf.Track()` guideline applies to functions that perform meaningful work (I/O, computation, external calls), but explicitly excludes trivial accessors/mutators (e.g., simple getters, setters with single integer increments, string joins, or map appends) where the tracking overhead would exceed the actual method cost and provide no actionable performance data. Hot-path methods called in tight loops should especially avoid perf.Track() if they perform only trivial operations.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2024-12-17T07:08:41.288Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 863
File: internal/exec/yaml_func_terraform_output.go:34-38
Timestamp: 2024-12-17T07:08:41.288Z
Learning: In the `processTagTerraformOutput` function within `internal/exec/yaml_func_terraform_output.go`, parameters are separated by spaces and do not contain spaces. Therefore, using `strings.Fields()` for parsing is acceptable, and there's no need to handle parameters with spaces.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2024-11-30T22:07:08.610Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: internal/exec/yaml_func_terraform_output.go:35-40
Timestamp: 2024-11-30T22:07:08.610Z
Learning: In the Go function `processTagTerraformOutput` in `internal/exec/yaml_func_terraform_output.go`, parameters cannot contain spaces. The code splits the input by spaces, and if the parameters contain spaces, `len(parts) != 3` will fail and show an error to the user.

Applied to files:

• internal/exec/yaml_func_utils.go

📚 Learning: 2025-01-25T03:49:03.951Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: internal/exec/template_utils.go:268-271
Timestamp: 2025-01-25T03:49:03.951Z
Learning: The `ProcessTmplWithDatasourcesGomplate` function in `internal/exec/template_utils.go` is used for documentation generation purposes, where simple environment variable handling is acceptable and thread-safety concerns are not critical.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: New config templates support Go templating with `FuncMap()` from `internal/exec/template_funcs.go`

Applied to files:

• internal/exec/template_env_function_test.go
• internal/exec/template_funcs_component.go

📚 Learning: 2025-12-13T06:10:25.156Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: internal/exec/workflow_utils.go:0-0
Timestamp: 2025-12-13T06:10:25.156Z
Learning: Atmos workflows: In internal/exec/workflow_utils.go ExecuteWorkflow, non-identity steps intentionally use baseWorkflowEnv, which is constructed from the parent environment with PATH modifications for the toolchain. Avoid appending os.Environ() again; prefer documenting this behavior and testing that standard environment variables are preserved.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2025-11-11T03:47:45.878Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: toolchain/add_test.go:67-77
Timestamp: 2025-11-11T03:47:45.878Z
Learning: In the cloudposse/atmos codebase, tests should prefer t.Setenv for environment variable setup/teardown instead of os.Setenv/Unsetenv to ensure test-scoped isolation.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2024-12-07T16:16:13.038Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 825
File: internal/exec/helmfile_generate_varfile.go:28-31
Timestamp: 2024-12-07T16:16:13.038Z
Learning: In `internal/exec/helmfile_generate_varfile.go`, the `--help` command (`./atmos helmfile generate varfile --help`) works correctly without requiring stack configurations, and the only change needed was to make `ProcessCommandLineArgs` exportable by capitalizing its name.

Applied to files:

• internal/exec/template_env_function_test.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-11-13T21:37:07.852Z

Learnt from: Cerebrovinny
Repo: cloudposse/atmos PR: 764
File: internal/exec/describe_stacks.go:289-295
Timestamp: 2024-11-13T21:37:07.852Z
Learning: In the `internal/exec/describe_stacks.go` file of the `atmos` project written in Go, avoid extracting the stack name handling logic into a helper function within the `ExecuteDescribeStacks` method, even if the logic appears duplicated.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2024-12-01T00:33:20.298Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: examples/tests/stacks/catalog/terraform/template-functions-test2/defaults.yaml:28-32
Timestamp: 2024-12-01T00:33:20.298Z
Learning: In `examples/tests/stacks/catalog/terraform/template-functions-test2/defaults.yaml`, `!exec atmos terraform output` is used in examples to demonstrate its usage, even though `!terraform.output` is the recommended approach according to the documentation.

Applied to files:

• internal/exec/template_env_function_test.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-12-24T04:29:23.938Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1891
File: pkg/ci/terraform/templates/apply.md:17-17
Timestamp: 2025-12-24T04:29:23.938Z
Learning: In the cloudposse/atmos repository, Terraform CI templates (pkg/ci/terraform/templates/*.md) are rendered using TerraformTemplateContext (defined in pkg/ci/terraform/context.go), not the base ci.TemplateContext. TerraformTemplateContext provides top-level fields: .Resources (ci.ResourceCounts), .HasChanges() method, and .HasDestroy field, which are correctly accessed directly in templates without a .Result prefix.

Applied to files:

• internal/exec/template_env_function_test.go

📚 Learning: 2025-04-26T15:54:10.506Z

Learnt from: haitham911
Repo: cloudposse/atmos PR: 1195
File: internal/exec/terraform_clean.go:99-99
Timestamp: 2025-04-26T15:54:10.506Z
Learning: The error variable `ErrRelPath` is defined in `internal/exec/terraform_clean_util.go` and is used across files in the `exec` package, including in `terraform_clean.go`. This is part of an approach to standardize error handling in the codebase.

Applied to files:

• pkg/terraform/output/executor.go
• internal/exec/template_funcs_component.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-11-24T17:35:37.209Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-11-24T17:35:37.209Z
Learning: Applies to **/*.go : Follow Go's error handling idioms: use meaningful error messages, wrap errors with context using `fmt.Errorf("context: %w", err)`, and consider using custom error types for domain-specific errors

Applied to files:

• pkg/terraform/output/executor.go

📚 Learning: 2026-01-04T00:55:21.698Z

Learnt from: CR
Repo: cloudposse/atmos PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-01-04T00:55:21.698Z
Learning: Applies to **/*.go : All errors MUST be wrapped using static errors defined in `errors/errors.go` - use `errors.Join` for combining errors, `fmt.Errorf` with `%w` for context, and `errors.Is()` for error checking

Applied to files:

• pkg/terraform/output/executor.go

📚 Learning: 2024-12-11T18:40:12.808Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 844
File: cmd/helmfile.go:37-37
Timestamp: 2024-12-11T18:40:12.808Z
Learning: In the atmos project, `cliConfig` is initialized within the `cmd` package in `root.go` and can be used in other command files.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-05T22:33:54.807Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 820
File: cmd/list_stacks.go:55-56
Timestamp: 2024-12-05T22:33:54.807Z
Learning: In the atmos project, the `u.LogErrorAndExit` function logs the error and exits the command execution appropriately within flag completion functions.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2025-12-13T04:37:25.223Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: cmd/root.go:0-0
Timestamp: 2025-12-13T04:37:25.223Z
Learning: In Atmos cmd/root.go Execute(), after cfg.InitCliConfig, we must call both toolchainCmd.SetAtmosConfig(&atmosConfig) and toolchain.SetAtmosConfig(&atmosConfig) so the CLI wrapper and the toolchain package receive configuration; missing either can cause nil-pointer panics in toolchain path resolution.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2025-09-25T01:02:48.697Z

Learnt from: Benbentwo
Repo: cloudposse/atmos PR: 1475
File: pkg/auth/manager.go:304-312
Timestamp: 2025-09-25T01:02:48.697Z
Learning: The auth manager in pkg/auth/manager.go should remain cloud-agnostic and not contain AWS-specific logic or references to specific cloud providers. Keep the manager generic and extensible.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-03T05:29:07.718Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: internal/exec/terraform_utils.go:145-146
Timestamp: 2024-12-03T05:29:07.718Z
Learning: In the Atmos project, a 5-minute timeout in the `execTerraformOutput` function is acceptable for retrieving `terraform output` for a component in a stack.

Applied to files:

• internal/exec/template_funcs_component.go

📚 Learning: 2024-12-03T05:18:49.169Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 810
File: internal/exec/terraform_utils.go:40-213
Timestamp: 2024-12-03T05:18:49.169Z
Learning: In the context of the Atmos project, it's acceptable for functions like `execTerraformOutput` to remain as single functions if they perform a single purpose, such as retrieving Terraform outputs for a component in a stack, even if the function is lengthy.

Applied to files:

• internal/exec/template_funcs_component.go
• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
Repo: cloudposse/atmos PR: 1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning the error instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-12-07T16:19:01.683Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 825
File: internal/exec/terraform.go:30-30
Timestamp: 2024-12-07T16:19:01.683Z
Learning: In `internal/exec/terraform.go`, skipping stack validation when help flags are present is not necessary.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-01-17T00:18:57.769Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 944
File: go.mod:206-206
Timestamp: 2025-01-17T00:18:57.769Z
Learning: For indirect dependencies with license compliance issues in the cloudposse/atmos repository, the team prefers to handle them in follow-up PRs rather than blocking the current changes, as these issues often require deeper investigation of the dependency tree.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-01-25T03:51:57.689Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: tests/fixtures/scenarios/docs-generate/README.md.gotmpl:99-118
Timestamp: 2025-01-25T03:51:57.689Z
Learning: For the cloudposse/atmos repository, changes to template contents should be handled in dedicated PRs and are typically considered out of scope for PRs focused on other objectives.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2024-11-22T12:38:33.132Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 768
File: internal/exec/vendor_utils.go:496-513
Timestamp: 2024-11-22T12:38:33.132Z
Learning: In the Atmos project, continue to flag path traversal issues in code reviews but acknowledge when they are expected and acceptable in specific cases.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-03-18T12:26:25.329Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 1149
File: tests/snapshots/TestCLICommands_atmos_vendor_pull_ssh.stderr.golden:7-7
Timestamp: 2025-03-18T12:26:25.329Z
Learning: In the Atmos project, typos or inconsistencies in test snapshot files (such as "terrafrom" instead of "terraform") may be intentional as they capture the exact output of commands and should not be flagged as issues requiring correction.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-12-13T06:07:37.766Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: docs/prd/tool-dependencies-integration.md:58-64
Timestamp: 2025-12-13T06:07:37.766Z
Learning: cloudposse/atmos: For PRD docs (docs/prd/*.md), markdownlint issues like MD040/MD010/MD034 can be handled in a separate documentation cleanup commit and should not block the current PR.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-04-04T02:03:23.676Z

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1185
File: internal/exec/yaml_func_store.go:26-26
Timestamp: 2025-04-04T02:03:23.676Z
Learning: The Atmos codebase currently uses `log.Fatal` for error handling in multiple places. The maintainers are aware this isn't an ideal pattern (should only be used in main() or init() functions) and plan to address it comprehensively in a separate PR. CodeRabbit should not flag these issues or push for immediate changes until that refactoring is complete.

Applied to files:

• docs/fixes/terraform-output-issues.md

📚 Learning: 2025-12-13T06:10:13.688Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: errors/errors.go:184-203
Timestamp: 2025-12-13T06:10:13.688Z
Learning: cloudposse/atmos: For toolchain work, duplicate/unused error sentinels in errors/errors.go should be cleaned up in a separate refactor PR and not block feature PRs; canonical toolchain sentinels live under toolchain/registry with re-exports in toolchain/errors.go.

Applied to files:

• docs/fixes/terraform-output-issues.md

🧬 Code graph analysis (6)

internal/exec/terraform_output_utils_test.go (1)

pkg/schema/schema.go (2)

• AuthContext (663-673)
• AWSAuthContext (677-692)

internal/exec/template_funcs_component_test.go (1)

errors/errors.go (2)

• ErrInvalidComponent (271-271)
• ErrDescribeComponent (105-105)

pkg/terraform/output/executor_test.go (1)

errors/errors.go (3)

• ErrInvalidComponent (271-271)
• ErrTerraformStateNotProvisioned (111-111)
• ErrDescribeComponent (105-105)

internal/exec/yaml_func_utils.go (1)

pkg/logger/log.go (1)

• Debug (24-26)

pkg/terraform/output/executor.go (1)

errors/errors.go (2)

• ErrInvalidComponent (271-271)
• ErrDescribeComponent (105-105)

internal/exec/template_funcs_component.go (1)

errors/errors.go (2)

• ErrInvalidComponent (271-271)
• ErrDescribeComponent (105-105)

🪛 LanguageTool

docs/fixes/terraform-output-issues.md

[typographical] ~85-~85: To join two clauses or introduce examples, consider using an em dash.
Context: .../terraform/output/executor.go| ✅ Fixed - addedwrapDescribeError()| |!terraf...

(DASH_RULE)

---

[typographical] ~86-~86: To join two clauses or introduce examples, consider using an em dash.
Context: ...form_state_utils.go| ✅ Already correct - uses%vinstead of%w| |atmos.Com...

(DASH_RULE)

---

[typographical] ~87-~87: To join two clauses or introduce examples, consider using an em dash.
Context: ...c/template_funcs_component.go| ✅ Fixed - addedwrapComponentFuncError()` | ####...

(DASH_RULE)

---

[grammar] ~165-~165: Please add a punctuation mark at the end of paragraph.
Context: ...compatible) - Errors properly propagate up The issue was that the **component typ...

(PUNCTUATION_PARAGRAPH_END)

---

[grammar] ~175-~175: Ensure spelling is correct
Context: ...dposse/atmos/issues/1921 Reporter: leoagueci Status: Complete ### Problem Statemen...

(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)

---

[style] ~200-~200: Since ownership is already implied, this phrasing may be redundant.
Context: ...omponent. When a nested component has its own auth configuration with a default: tru...

(PRP_OWN)

---

[style] ~248-~248: Since ownership is already implied, this phrasing may be redundant.
Context: ...apper, so the nested component will use its own default identity configuration. This is...

(PRP_OWN)

🪛 markdownlint-cli2 (0.18.1)

docs/fixes/terraform-output-issues.md

7-7: Bare URL used

(MD034, no-bare-urls)

---

60-60: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

173-173: Bare URL used

(MD034, no-bare-urls)

---

183-183: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

216-216: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

273-273: Bare URL used

(MD034, no-bare-urls)

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Summary

🔇 Additional comments (17)

internal/exec/terraform_output_utils.go (1)

75-83: Solid fix for the GetChain panic.

Returning an empty slice instead of panicking solves the Issue #1921 crash when resolveAuthManagerForNestedComponent inherits identity. The comments clearly explain that an empty chain signals no inherited identity, allowing components to use their defaults.

internal/exec/yaml_func_utils.go (1)

77-81: Good addition for observability.

Debug logging when YAML function processing fails provides useful context (value, stack, error) without changing the error handling flow. Helpful for troubleshooting template function issues.

internal/exec/terraform_output_utils_test.go (2)

74-96: Excellent regression test coverage.

TestAuthContextWrapper_GetChain_NoLongerPanics directly addresses Issue #1921 and documents the fix well. The test clearly validates that GetChain returns an empty slice instead of panicking.

---

139-143: Good update to reflect the behavioral change.

Correctly updated the test to verify GetChain returns an empty slice rather than panicking, with a clear comment explaining the fix.

internal/exec/template_funcs_component.go (3)

21-32: Well-designed error wrapper to break the fallback chain.

Using err.Error() instead of %w for the inner error intentionally breaks the ErrInvalidComponent chain, preventing detectComponentType from attempting fallback when a referenced component is missing. The comments clearly explain this critical behavior.

---

77-77: Correct usage of the wrapper.

Properly wraps the DescribeComponent error to break the ErrInvalidComponent chain.

---

99-99: Good error context for terraform output failures.

Clear error message identifies the component, stack, and operation that failed.

pkg/terraform/output/executor.go (3)

37-51: Well-documented error wrapper for DescribeComponent failures.

The wrapper correctly breaks the ErrInvalidComponent chain to prevent component type fallback. Comments clearly explain the !terraform.output use case and why the original error message is preserved using err.Error().

---

269-269: Proper error wrapping on DescribeComponent failure.

Correctly uses wrapDescribeError to break the error chain and provide clear context.

---

343-343: Consistent error handling in fetchAndCacheOutputs.

Properly wraps the DescribeComponent error, matching the pattern in GetOutput.

internal/exec/template_funcs_component_test.go (2)

3-18: Imports organized correctly.

The import organization follows the coding guidelines with proper grouping and the standard errUtils alias.

---

96-156: Solid regression test for error chain breaking.

The test comprehensively validates that wrapComponentFuncError correctly breaks the ErrInvalidComponent chain to prevent component type fallback. The use of assert.NotErrorIs on line 146 is the critical assertion ensuring the chain is broken.

pkg/terraform/output/executor_test.go (1)

660-728: Comprehensive test validates selective error chain breaking.

This test correctly verifies that wrapDescribeError only breaks ErrInvalidComponent chains while preserving other error chains like ErrTerraformStateNotProvisioned. The additional test scenario (lines 694-699) demonstrates the fix is surgical and doesn't break legitimate error propagation.

docs/fixes/terraform-output-issues.md (2)

5-169: Excellent documentation of the error chain issue.

The root cause analysis (lines 38-68) clearly explains how ErrInvalidComponent contamination triggered incorrect component type fallback. The error chain diagram (lines 60-68) effectively illustrates the problem. The solution design correctly identifies all affected functions and notes that !terraform.state already used the correct pattern.

---

171-267: Clear explanation of the authentication panic fix.

The call chain diagram (lines 216-230) effectively shows how nested component processing triggers GetChain() on the wrapper. The solution correctly identifies that returning an empty slice is the right behavior for a wrapper that doesn't track authentication chains.

internal/exec/template_env_function_test.go (2)

12-81: Solid test for env template function with proper setup.

The test correctly uses t.Setenv for environment variable management (lines 25-26) following coding guidelines. The comprehensive function comment clearly explains the Sprig env function behavior and its integration with the template system.

---

83-155: Documents env function behavior for user education.

This test effectively documents that unset environment variables return empty strings, which is expected os.Getenv() behavior. The comprehensive comment (lines 86-99) clarifies this is intentional, not a bug, helping users understand they must set required environment variables before running Atmos.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI Agents

In @website/blog/2025-12-15-base-path-behavior-change.md:
- Line 50: Two fenced code blocks in the markdown (the blocks at the snippets
around "The atmos.yaml CLI config file specifies..." and "atmos exited with code
1") are missing a language identifier; update each opening fence from ``` to
```text so they comply with MD040 (e.g., change the two occurrences of ``` to
```text for those code blocks) and keep the closing fences as ``` unchanged.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ddffb19 and cfeb4ee.

📒 Files selected for processing (1)

• website/blog/2025-12-15-base-path-behavior-change.md

🧰 Additional context used

📓 Path-based instructions (1)

website/**

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

website/**: Update website documentation in the website/ directory when adding new features, ensure consistency between CLI help text and website documentation, and follow the website's documentation structure and style
Keep website code in the website/ directory, follow the existing website architecture and style, and test website changes locally before committing
Keep CLI documentation and website documentation in sync and document new features on the website with examples and use cases

Files:

• website/blog/2025-12-15-base-path-behavior-change.md

🧠 Learnings (6)

📓 Common learnings

Learnt from: Listener430
Repo: cloudposse/atmos PR: 934
File: tests/fixtures/scenarios/docs-generate/README.md.gotmpl:99-118
Timestamp: 2025-01-25T03:51:57.689Z
Learning: For the cloudposse/atmos repository, changes to template contents should be handled in dedicated PRs and are typically considered out of scope for PRs focused on other objectives.

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: docs/prd/tool-dependencies-integration.md:58-64
Timestamp: 2025-12-13T06:07:37.766Z
Learning: cloudposse/atmos: For PRD docs (docs/prd/*.md), markdownlint issues like MD040/MD010/MD034 can be handled in a separate documentation cleanup commit and should not block the current PR.

Learnt from: Benbentwo
Repo: cloudposse/atmos PR: 1475
File: internal/exec/terraform.go:269-272
Timestamp: 2025-10-03T18:02:08.535Z
Learning: In internal/exec/terraform.go, when auth.TerraformPreHook fails, the error is logged but execution continues. This is a deliberate design choice to allow Terraform commands to proceed even if authentication setup fails, rather than failing fast.

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1540
File: internal/exec/validate_component.go:117-118
Timestamp: 2025-09-29T02:20:11.636Z
Learning: The ValidateComponent function in internal/exec/validate_component.go had its componentSection parameter type refined from `any` to `map[string]any` without adding new parameters. This is a type safety improvement, not a signature change requiring call site updates.

📚 Learning: 2024-11-22T12:38:33.132Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 768
File: internal/exec/vendor_utils.go:496-513
Timestamp: 2024-11-22T12:38:33.132Z
Learning: In the Atmos project, continue to flag path traversal issues in code reviews but acknowledge when they are expected and acceptable in specific cases.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2024-10-23T22:11:41.077Z

Learnt from: haitham911
Repo: cloudposse/atmos PR: 727
File: internal/exec/path_utils.go:145-146
Timestamp: 2024-10-23T22:11:41.077Z
Learning: In the `atmos` project, the preference is to print relative paths in log messages instead of full paths.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-09-13T16:39:20.007Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1466
File: cmd/markdown/atmos_toolchain_aliases.md:2-4
Timestamp: 2025-09-13T16:39:20.007Z
Learning: In the cloudposse/atmos repository, CLI documentation files in cmd/markdown/ follow a specific format that uses " $ atmos command" (with leading space and dollar sign prompt) in code blocks. This is the established project convention and should not be changed to comply with standard markdownlint rules MD040 and MD014.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-12-13T06:07:37.766Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: docs/prd/tool-dependencies-integration.md:58-64
Timestamp: 2025-12-13T06:07:37.766Z
Learning: cloudposse/atmos: For PRD docs (docs/prd/*.md), markdownlint issues like MD040/MD010/MD034 can be handled in a separate documentation cleanup commit and should not block the current PR.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-12-04T02:40:45.489Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1588
File: website/blog/2025-10-18-auth-tutorials-geodesic-leapp.md:21-21
Timestamp: 2025-12-04T02:40:45.489Z
Learning: In Docusaurus documentation for the cloudposse/atmos repository, page routing uses the `id` field from frontmatter, not the filename. For example, `auth-login.mdx` with `id: login` is accessible at `/cli/commands/auth/login`, not `/cli/commands/auth/auth-login`.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

🪛 LanguageTool

website/blog/2025-12-15-base-path-behavior-change.md

[typographical] ~12-~12: Consider using a typographic opening quote here.
Context: ... from the git root, must explicitly set base_path: ".". ## What Changed ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic opening quote here.
Context: ...ivalent. An empty base_path now means "find the git repository root and use tha...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic close quote here.
Context: ...ind the git repository root and use that", while "." explicitly means "use the ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic close quote here.
Context: ...it repository root and use that", while "." explicitly means "use the directory ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic opening quote here.
Context: ...use that", while "." explicitly means "use the directory where atmos.yaml is ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic close quote here.
Context: ... directory where atmos.yaml is located". ## Who Is Affected You may be affect...

(EN_QUOTES)

---

[typographical] ~100-~100: Consider using a typographic close quote here.
Context: ...-----------|-------------|----------| | "" (empty/unset) | Git repo root, fallba...

(EN_QUOTES)

---

[typographical] ~100-~100: To join two clauses or introduce examples, consider using an em dash.
Context: ...o root, fallback to config dir | Default - single project at repo root | | "." | ...

(DASH_RULE)

---

[typographical] ~101-~101: Consider using a typographic close quote here.
Context: ...fault - single project at repo root | | "." | Directory containing atmos.yaml ...

(EN_QUOTES)

---

[typographical] ~102-~102: Consider using a typographic close quote here.
Context: ...l| Explicit config-relative paths | |".."` | Parent of config directory | Conf...

(EN_QUOTES)

---

[typographical] ~103-~103: Consider using a typographic close quote here.
Context: ... directory | Config in subdirectory | | "./foo" | config-dir/foo | Explicit rela...

(EN_QUOTES)

---

[typographical] ~104-~104: Consider using a typographic close quote here.
Context: ...ig-dir/foo | Explicit relative path | | "foo" | git-root/foo with fallback | Sim...

(EN_QUOTES)

---

[typographical] ~105-~105: Consider using a typographic close quote here.
Context: ...ith fallback | Simple relative path | | "/absolute/path" | As specified | Absolu...

(EN_QUOTES)

---

[typographical] ~115-~115: Consider using a typographic opening quote here.
Context: ...-standard project layouts, the explicit base_path: "." provides the previous behavior. ## ...

(EN_QUOTES)

🪛 markdownlint-cli2 (0.18.1)

website/blog/2025-12-15-base-path-behavior-change.md

50-50: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

57-57: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Acceptance Tests (windows)
• GitHub Check: Acceptance Tests (linux)
• GitHub Check: Summary

🔇 Additional comments (1)

website/blog/2025-12-15-base-path-behavior-change.md (1)

1-10: Documentation structure is clear and well-organized.

The front matter is correct, the breaking change is clearly explained with before/after examples, and the remediation guidance covers common scenarios effectively. The path resolution semantics table provides quick reference value.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

website/blog/2025-12-15-base-path-behavior-change.md (1)

12-12: Optional: Consider smart quotes for enhanced typography.

Static analysis flagged several locations using straight quotes (") where typographic (curly) quotes might enhance readability in a blog post context. Examples include line 12, 36, and throughout the table at lines 98–105. This is a style preference and not required, but if your project adopts smart quotes for blog content, you'd update:

- must explicitly set `base_path: "."`.
+ must explicitly set `base_path: "."`.

This is entirely optional and deferred to your style preferences.

Also applies to: 36-36, 100-100, 101-101, 102-102, 103-103, 104-104, 105-105, 115-115

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cfeb4ee and 47f3bbf.

📒 Files selected for processing (1)

• website/blog/2025-12-15-base-path-behavior-change.md

🧰 Additional context used

📓 Path-based instructions (1)

website/**

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

website/**: Update website documentation in the website/ directory when adding new features, ensure consistency between CLI help text and website documentation, and follow the website's documentation structure and style
Keep website code in the website/ directory, follow the existing website architecture and style, and test website changes locally before committing
Keep CLI documentation and website documentation in sync and document new features on the website with examples and use cases

Files:

• website/blog/2025-12-15-base-path-behavior-change.md

🧠 Learnings (12)

📓 Common learnings

Learnt from: Benbentwo
Repo: cloudposse/atmos PR: 1475
File: internal/exec/terraform.go:269-272
Timestamp: 2025-10-03T18:02:08.535Z
Learning: In internal/exec/terraform.go, when auth.TerraformPreHook fails, the error is logged but execution continues. This is a deliberate design choice to allow Terraform commands to proceed even if authentication setup fails, rather than failing fast.

Learnt from: aknysh
Repo: cloudposse/atmos PR: 1540
File: internal/exec/validate_component.go:117-118
Timestamp: 2025-09-29T02:20:11.636Z
Learning: The ValidateComponent function in internal/exec/validate_component.go had its componentSection parameter type refined from `any` to `map[string]any` without adding new parameters. This is a type safety improvement, not a signature change requiring call site updates.

📚 Learning: 2024-11-22T12:38:33.132Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 768
File: internal/exec/vendor_utils.go:496-513
Timestamp: 2024-11-22T12:38:33.132Z
Learning: In the Atmos project, continue to flag path traversal issues in code reviews but acknowledge when they are expected and acceptable in specific cases.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2024-10-23T22:11:41.077Z

Learnt from: haitham911
Repo: cloudposse/atmos PR: 727
File: internal/exec/path_utils.go:145-146
Timestamp: 2024-10-23T22:11:41.077Z
Learning: In the `atmos` project, the preference is to print relative paths in log messages instead of full paths.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-09-13T16:39:20.007Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1466
File: cmd/markdown/atmos_toolchain_aliases.md:2-4
Timestamp: 2025-09-13T16:39:20.007Z
Learning: In the cloudposse/atmos repository, CLI documentation files in cmd/markdown/ follow a specific format that uses " $ atmos command" (with leading space and dollar sign prompt) in code blocks. This is the established project convention and should not be changed to comply with standard markdownlint rules MD040 and MD014.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-12-13T06:07:37.766Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1686
File: docs/prd/tool-dependencies-integration.md:58-64
Timestamp: 2025-12-13T06:07:37.766Z
Learning: cloudposse/atmos: For PRD docs (docs/prd/*.md), markdownlint issues like MD040/MD010/MD034 can be handled in a separate documentation cleanup commit and should not block the current PR.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-02-18T13:13:11.497Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 1068
File: tests/snapshots/TestCLICommands_atmos_terraform_help.stdout.golden:59-64
Timestamp: 2025-02-18T13:13:11.497Z
Learning: For Atmos CLI help text, angle brackets in command examples and flag descriptions should be escaped using HTML entities (e.g., `<component>`) rather than converted to backticks or other markdown formatting.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-03-18T12:26:25.329Z

Learnt from: Listener430
Repo: cloudposse/atmos PR: 1149
File: tests/snapshots/TestCLICommands_atmos_vendor_pull_ssh.stderr.golden:7-7
Timestamp: 2025-03-18T12:26:25.329Z
Learning: In the Atmos project, typos or inconsistencies in test snapshot files (such as "terrafrom" instead of "terraform") may be intentional as they capture the exact output of commands and should not be flagged as issues requiring correction.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2024-12-02T21:26:32.337Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 808
File: pkg/config/config.go:478-483
Timestamp: 2024-12-02T21:26:32.337Z
Learning: In the 'atmos' project, when reviewing Go code like `pkg/config/config.go`, avoid suggesting file size checks after downloading remote configs if such checks aren't implemented elsewhere in the codebase.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2024-12-12T15:17:45.245Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 808
File: examples/demo-atmos.d/atmos.d/tools/helmfile.yml:10-10
Timestamp: 2024-12-12T15:17:45.245Z
Learning: In `examples/demo-atmos.d/atmos.d/tools/helmfile.yml`, when suggesting changes to `kubeconfig_path`, ensure that the values use valid Go template syntax.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-09-24T22:20:39.209Z

Learnt from: osterman
Repo: cloudposse/atmos PR: 1505
File: website/docs/cli/commands/completion.mdx:124-127
Timestamp: 2025-09-24T22:20:39.209Z
Learning: In Docusaurus (specifically the cloudposse/atmos repository), backticks render correctly as code formatting even when used inside HTML elements like <dl>/<dt>/<dd> tags in MDX files. No need to replace with <code> tags.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-01-19T15:49:15.593Z

Learnt from: samtholiya
Repo: cloudposse/atmos PR: 955
File: tests/snapshots/TestCLICommands_atmos_validate_editorconfig_--help.stdout.golden:0-0
Timestamp: 2025-01-19T15:49:15.593Z
Learning: In future commits, the help text for Atmos CLI commands should be limited to only show component and stack parameters for commands that actually use them. This applies to the example usage section in command help text.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

📚 Learning: 2025-09-24T20:45:40.401Z

Learnt from: Benbentwo
Repo: cloudposse/atmos PR: 1475
File: tests/fixtures/scenarios/atmos-auth/stacks/deploy/nonprod.yaml:3-4
Timestamp: 2025-09-24T20:45:40.401Z
Learning: In Atmos stack files, the correct syntax for importing other stack files is `import:` (singular), not `imports:` (plural). All stack files in the Atmos codebase consistently use `import:` followed by a list of paths to import.

Applied to files:

• website/blog/2025-12-15-base-path-behavior-change.md

🪛 LanguageTool

website/blog/2025-12-15-base-path-behavior-change.md

[typographical] ~12-~12: Consider using a typographic opening quote here.
Context: ... from the git root, must explicitly set base_path: ".". ## What Changed ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic opening quote here.
Context: ...ivalent. An empty base_path now means "find the git repository root and use tha...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic close quote here.
Context: ...ind the git repository root and use that", while "." explicitly means "use the ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic close quote here.
Context: ...it repository root and use that", while "." explicitly means "use the directory ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic opening quote here.
Context: ...use that", while "." explicitly means "use the directory where atmos.yaml is ...

(EN_QUOTES)

---

[typographical] ~36-~36: Consider using a typographic close quote here.
Context: ... directory where atmos.yaml is located". ## Who Is Affected You may be affect...

(EN_QUOTES)

---

[typographical] ~100-~100: Consider using a typographic close quote here.
Context: ...-----------|-------------|----------| | "" (empty/unset) | Git repo root, fallba...

(EN_QUOTES)

---

[typographical] ~100-~100: To join two clauses or introduce examples, consider using an em dash.
Context: ...o root, fallback to config dir | Default - single project at repo root | | "." | ...

(DASH_RULE)

---

[typographical] ~101-~101: Consider using a typographic close quote here.
Context: ...fault - single project at repo root | | "." | Directory containing atmos.yaml ...

(EN_QUOTES)

---

[typographical] ~102-~102: Consider using a typographic close quote here.
Context: ...l| Explicit config-relative paths | |".."` | Parent of config directory | Conf...

(EN_QUOTES)

---

[typographical] ~103-~103: Consider using a typographic close quote here.
Context: ... directory | Config in subdirectory | | "./foo" | config-dir/foo | Explicit rela...

(EN_QUOTES)

---

[typographical] ~104-~104: Consider using a typographic close quote here.
Context: ...ig-dir/foo | Explicit relative path | | "foo" | git-root/foo with fallback | Sim...

(EN_QUOTES)

---

[typographical] ~105-~105: Consider using a typographic close quote here.
Context: ...ith fallback | Simple relative path | | "/absolute/path" | As specified | Absolu...

(EN_QUOTES)

---

[typographical] ~115-~115: Consider using a typographic opening quote here.
Context: ...-standard project layouts, the explicit base_path: "." provides the previous behavior. ## ...

(EN_QUOTES)

⏰ Context from checks skipped due to timeout of 900000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Acceptance Tests (macos)
• GitHub Check: Acceptance Tests (windows)
• GitHub Check: Acceptance Tests (linux)
• GitHub Check: Summary

🔇 Additional comments (2)

website/blog/2025-12-15-base-path-behavior-change.md (2)

50-53: Code blocks properly formatted with language identifiers.

The fenced code blocks now correctly specify text as the language identifier, resolving the previous markdownlint feedback (MD040). This ensures consistent formatting across the blog post.

Also applies to: 57-59

---

1-122: Clear, well-structured documentation of breaking change.

The blog post effectively communicates the base_path behavior change with:

• Concrete before/after examples showing the semantic shift
• Clear audience targeting (who is affected)
• Practical remediation paths with multiple options
• A helpful reference table for path resolution semantics

The structure follows good documentation patterns for breaking changes. The references section links to related PRs and issues, providing context for deeper investigation.

[github-actions]

These changes were released in v1.204.0-rc.2.