Fix: Preserve exit codes from shell commands and workflows

[osterman]

what

• Modified ShellRunner to capture and preserve exit codes from shell commands using interp.ExitStatus.
• Updated CheckErrorPrintAndExit to correctly handle errUtils.ExitCodeError, ensuring preserved exit codes are used for program termination.
• Adjusted workflow error handling to return original errors, thus preserving exit codes from workflow steps.
• Addressed a regression in internal/exec/terraform.go where exit code 2 from terraform plan -detailed-exitcode was not being preserved.
• Introduced comprehensive test cases for custom commands and workflow shell steps to validate exit code preservation.

why

• Fixing ShellRunner: Previously, ShellRunner using the mvdan.cc/sh interpreter would lose specific exit codes, often resulting in a generic exit code of 1 for failures. This change ensures that any non-zero exit code from a shell command is captured and propagated.
• Fixing CheckErrorPrintAndExit: The error handling function was not equipped to recognize or process the ExitCodeError type created by the ShellRunner fix. This update allows CheckErrorPrintAndExit to correctly identify and utilize the preserved exit code for program termination.
• Fixing Workflow Error Handling: Workflow execution was previously masking specific errors by wrapping them in a generic ErrWorkflowStepFailed. This change allows the original error, including its exit code, to be returned, providing more accurate failure reporting.
• Fixing Terraform Exit Code Regression: The refactoring for performance incorrectly handled terraform plan -detailed-exitcode when it returned exit code 2 (indicating changes were detected). This fix ensures that exit code 2 is preserved, allowing subsequent steps to correctly interpret the plan's status.
• Test Coverage: Added dedicated tests to ensure that custom commands and workflow shell steps consistently preserve their exit codes across various scenarios (0, 2, and other non-zero codes). This prevents regressions in exit code handling.

references

• closes #123 (Assuming this fixes an issue, replace Opt in or opt out analytics for how atmos is used #123 with the actual issue number)

Summary by CodeRabbit

• New Features

  • Added documentation for the authentication list command with usage, formats, flags, and examples.

• Bug Fixes

  • Preserve and propagate subcommand exit codes so workflows and commands return correct codes.
  • Improved error messages to display specific exit codes (e.g., "subcommand exited with code X") for clearer troubleshooting.

• Chores

  • Updated build configuration (disk-cleanup hook, build flags, widened platforms) and bumped internal dependencies.

• Tests

  • Added comprehensive tests and fixtures for exit-code handling, shell/workflow execution, and error rendering.

[coderabbitai]

📝 Walkthrough

Walkthrough

Preserves and propagates subprocess exit codes across the CLI: introduces typed exit-code propagation and an OsExit hook, updates shell/terraform/workflow error handling to return and honor real exit codes, centralizes exit plumbing through the errors package, and adds tests/fixtures validating exit-code behavior and messages.

Changes

Cohort / File(s)	Summary
Build / release config .goreleaser.yml	Expand before.hooks with a multi-line disk-freeing script; add builds.flags: -trimpath; add CGO_ENABLED=0, extended GOOS/GOARCH matrix, mod_timestamp, and annotated builds.ldflags.
Dependencies go.mod	Patch-bump multiple AWS SDK v2 modules and related transitive dependencies.
Error utilities & tests errors/error_funcs.go, errors/error_funcs_test.go	Add exported OsExit for test mocking; update exit logic to detect ExitCodeError via errors.As and exit with embedded code; add tests covering exit-code propagation and markdown rendering.
Centralized exit usage cmd/root.go, cmd/root_test.go, cmd/validate_schema.go, internal/exec/terraform_plan_diff.go, internal/exec/terraform_plan_diff_main_test.go, main_plan_diff_integration_test.go	Replace ad-hoc OsExit uses with errUtils.OsExit (errors package) and update tests to mock/restore the new hook.
Shell execution & tests pkg/utils/shell_utils.go, pkg/utils/shell_utils_test.go, internal/exec/shell_utils.go, internal/exec/shell_utils_test.go	Preserve subprocess exit codes by returning typed errUtils.ExitCodeError{Code: N} on non‑zero exits; switch to context.Background(); adjust returns and add comprehensive tests for exit-code wrapping, output capture, env, and parse errors.
Terraform exec & tests internal/exec/terraform.go, internal/exec/terraform_plan_diff_test.go, internal/exec/terraform_exitcode_test.go	Change detailedExitCodeFlag format, attempt workspace creation when workspace select returns code 1, and prioritize typed ExitCodeError for exit-code extraction; preserve exit code 2 for plan uploads; add tests for extraction and workspace handling.
Workflow execution & tests internal/exec/workflow_utils.go, cmd/workflow.go, internal/exec/workflow_test.go	Add IsKnownWorkflowError(err error) bool; preserve and wrap original errors from failing steps (ErrWorkflowStepFailed + original) so exit codes can be unwrapped and honored; adjust tests to expect updated error messages.
Exit-code fixtures & test expectations tests/fixtures/scenarios/exit-codes/*, tests/fixtures/.../workflows/workflows.yaml, tests/test-cases/exit-codes.yaml, tests/test-cases/workflows.yaml, tests/snapshots/*, tests/test-cases/complete.yaml	Add fixtures and test cases exercising commands/workflows that exit with codes 0, 2, 42; update snapshots and expectations to match "subcommand exited with code X" messaging and preserve real exit codes (e.g., 127 for command-not-found).
Documentation website/docs/cli/commands/auth/auth-list.mdx	Add documentation for atmos auth list (usage, flags, formats, examples).

Sequence Diagram(s)

sequenceDiagram
    participant User as CLI user
    participant CLI as atmos CLI
    participant Shell as Shell runner
    participant ErrPkg as errors package (OsExit)
    participant OS as OS process

    User->>CLI: invoke command (workflow/terraform/custom)
    CLI->>Shell: execute subprocess
    Shell->>OS: spawn process
    OS-->>Shell: exits with code N
    alt N == 0
        Shell-->>CLI: success (nil)
        CLI->>ErrPkg: normal flow (no exit)
    else N != 0
        Shell->>Shell: extract code, wrap as ExitCodeError{Code:N}
        Shell-->>CLI: return ExitCodeError
        CLI->>ErrPkg: CheckErrorPrintAndExit / IsKnownWorkflowError
        ErrPkg->>ErrPkg: errors.As -> extract Code N
        ErrPkg-->>OS: OsExit(N)
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• DEV-3110: Improve Workflow DX #1229 — related changes to workflow error handling and known-error classification (IsKnownWorkflowError / ExecuteWorkflow).
• fix exit code for each exec command #1065 — related work preserving subprocess exit codes and propagating them through the CLI.
• Improve logging and error handling #1358 — related centralization of error/exit handling and introduction of shared errors utilities.

Suggested labels

patch

Suggested reviewers

• osterman
• mcalhoun

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Linked Issues Check	⚠️ Warning	The linked issue #123 describes adding configurable analytics controls to atmos.yaml, including settings for components_enabled, auto_crash_log_send_enabled, and commands_enabled. The PR makes no changes toward implementing these analytics configuration objectives. Instead, the changeset focuses entirely on exit code preservation through error handling updates across ShellRunner, workflow execution, and exit paths, which is completely unrelated to the analytics configuration requirements. The PR objectives note that issue #123 is a placeholder reference, indicating a potential linking error that should be corrected.	Verify that issue #123 is the correct linked issue for this PR. If this PR is intended to address analytics configuration, implement the required atmos.yaml settings. If analytics configuration is not the objective, link the correct issue(s) or create a new issue for exit code preservation. The PR body comment that "#123 is a placeholder" suggests the linking may be incorrect and should be updated before merge.
Out of Scope Changes Check	⚠️ Warning	Evaluating against the PR's stated objective of preserving exit codes, most changes are reasonably in-scope: the core exit code preservation logic, error handling updates, and related test additions directly support this goal. However, several changes appear tangential: the .goreleaser.yml disk cleanup and build flag additions, AWS SDK v2 dependency bumps in go.mod, and the new documentation file (website/docs/cli/commands/auth/auth-list.mdx) are not directly necessary for exit code preservation. While mentioned as "ancillary" in the PR objectives, these updates lack clear justification for inclusion in an exit code preservation fix.	Consider separating ancillary changes into dedicated PRs or provide clear justification for their inclusion. Specifically, clarify whether the .goreleaser.yml changes are necessary for testing the exit code logic, provide a rationale for the AWS SDK v2 bumps, and confirm whether the auth-list documentation belongs in this fix. This keeps the exit code preservation PR focused and maintainable.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "Fix: Preserve exit codes from shell commands and workflows" directly and accurately summarizes the primary change across the codebase. The changeset focuses on modifying error handling throughout multiple layers (ShellRunner, workflow execution, error propagation) to capture and preserve specific exit codes rather than normalizing them to 1. The title is concise, clear, and specific enough that a developer reviewing history would immediately understand the main objective without ambiguity.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-terraform-exit-code-2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[aknysh]

@coderabbitai full review of all changed files in this PR

[coderabbitai]

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get the list of changed files in PR #1660
gh pr view 1660 --json files --jq '.files[] | .path'

Length of output: 430

---

🏁 Script executed:

#!/bin/bash
# Get the diff for the PR to see what changed
gh pr diff 1660

Length of output: 65282

---

🏁 Script executed:

#!/bin/bash
# Get PR details to understand context
gh pr view 1660 --json title,body,additions,deletions

Length of output: 2281

---

🏁 Script executed:

#!/bin/bash
# Read the main source files to understand the implementation
echo "=== pkg/utils/shell_utils.go ==="
cat pkg/utils/shell_utils.go

echo -e "\n=== errors/error_funcs.go ==="
cat errors/error_funcs.go

echo -e "\n=== cmd/workflow.go ==="
cat cmd/workflow.go

echo -e "\n=== internal/exec/workflow_utils.go ==="
cat internal/exec/workflow_utils.go

echo -e "\n=== internal/exec/terraform.go ==="
cat internal/exec/terraform.go

Length of output: 40196

---

🏁 Script executed:

#!/bin/bash
# Check the ExitCodeError type definition
echo "=== Finding ExitCodeError definition ==="
rg -n "type ExitCodeError" --type=go

Length of output: 89

---

🏁 Script executed:

#!/bin/bash
# Check test files
echo "=== tests/test-cases/exit-codes.yaml ==="
cat tests/test-cases/exit-codes.yaml

echo -e "\n=== tests/fixtures/scenarios/exit-codes/atmos.yaml ==="
cat tests/fixtures/scenarios/exit-codes/atmos.yaml

echo -e "\n=== tests/fixtures/scenarios/exit-codes/stacks/workflows/workflows.yaml ==="
cat tests/fixtures/scenarios/exit-codes/stacks/workflows/workflows.yaml

Length of output: 3446

---

🏁 Script executed:

#!/bin/bash
# Check the ExitCodeError definition
echo "=== errors/errors.go ExitCodeError ==="
rg -A 10 "type ExitCodeError" errors/errors.go

Length of output: 183

---

🏁 Script executed:

#!/bin/bash
# Check updated test snapshots
echo "=== Checking snapshot updates ==="
cat tests/snapshots/TestCLICommands_atmos_circuit-breaker.stderr.golden | head -50

Length of output: 24401

---

🏁 Script executed:

#!/bin/bash
# Review the complete.yaml test case changes
echo "=== Complete test case changes ==="
cat tests/test-cases/complete.yaml | head -30

Length of output: 874

---

🏁 Script executed:

#!/bin/bash
# Check workflows.yaml test case changes
echo "=== Workflows test case changes ==="
cat tests/test-cases/workflows.yaml | grep -A 10 -B 5 "shell-command-not-found"

Length of output: 1587

---

@aknysh, I'll provide a comprehensive review of all changes in this PR.

📋 Overall Assessment

This is a well-structured PR that addresses a critical issue: preserving exit codes from shell commands and workflows. The implementation is thorough, properly tested, and includes necessary documentation updates.

🔍 Detailed File Review

1. pkg/utils/shell_utils.go ⭐ Core Fix

Changes:

• Modified ShellRunner to detect interp.ExitStatus and wrap it in ExitCodeError
• Preserves specific exit codes instead of converting all failures to exit code 1

Review:

err = runner.Run(context.TODO(), parser)
if err != nil {
    // Check if the error is an interp.ExitStatus and preserve the exit code.
    var exitErr interp.ExitStatus
    if errors.As(err, &exitErr) {
        return errUtils.ExitCodeError{Code: int(exitErr)}
    }
    return err
}

✅ Strengths:

• Uses errors.As for proper error unwrapping
• Maintains backward compatibility (non-exit errors still returned as-is)
• Clean separation of concerns

2. errors/error_funcs.go ⭐ Critical Integration

Changes:

• Added check for ExitCodeError before checking exec.ExitError
• Proper ordering ensures custom exit codes take precedence

Review:

// Check for ExitCodeError (from ShellRunner preserving interp.ExitStatus)
var exitCodeErr ExitCodeError
if errors.As(err, &exitCodeErr) {
    Exit(exitCodeErr.Code)
}

✅ Strengths:

• Correct precedence: ExitCodeError checked before exec.ExitError
• Clean integration with existing error handling
• Well-documented with inline comments

3. cmd/workflow.go ⭐ Workflow Integration

Changes:

• Added exit code preservation for workflow commands
• Falls back to exit code 1 if no ExitCodeError is found

Review:

if e.IsKnownWorkflowError(err) {
    var exitCodeErr errUtils.ExitCodeError
    if errors.As(err, &exitCodeErr) {
        errUtils.Exit(exitCodeErr.Code)
    }
    errUtils.Exit(1)
}

✅ Strengths:

• Proper error chain inspection
• Maintains existing error handling for known workflow errors
• Safe fallback to exit code 1

4. internal/exec/workflow_utils.go ⭐ Error Chain Preservation

Changes:

• Uses errors.Join to preserve both workflow context and exit code
• Changed from returning just ErrWorkflowStepFailed to joining with the original error

Review:

return errors.Join(ErrWorkflowStepFailed, err)

✅ Strengths:

• errors.Join preserves the entire error chain
• Both workflow context and exit code information maintained
• Enables proper error unwrapping with errors.As

⚠️ Minor Consideration:

• Removed unused import "github.com/pkg/errors" - good cleanup
• The new approach is better than the old github.com/pkg/errors wrapping

5. internal/exec/terraform.go ⭐ Terraform Exit Code Fix

Changes:

• Fixed regression where exit code 2 from terraform plan -detailed-exitcode was lost
• Distinguishes between exit code 0 (no changes) and exit code 2 (changes detected)

Review:

if exitCode == 0 {
    return nil
}
if exitCode == 2 {
    // Exit code 2 is success for terraform plan but we must preserve it
    return errUtils.ExitCodeError{Code: 2}
}

✅ Strengths:

• Correctly handles the semantic difference between 0 and 2
• Properly preserves exit code 2 for plan status uploads
• Well-commented to explain the behavior

Important Context:

• Terraform's -detailed-exitcode returns:
  • 0: No changes
  • 1: Error
  • 2: Changes detected (success, but changes present)
• This fix is critical for CI/CD pipelines that check plan status

6. tests/test-cases/exit-codes.yaml ⭐ Comprehensive Test Coverage

New file with 6 test cases:

1. Custom command exit code 2
2. Custom command exit code 42
3. Custom command exit code 0
4. Workflow shell step exit code 2
5. Workflow shell step exit code 42
6. Workflow shell step exit code 0

✅ Strengths:

• Tests both custom commands and workflow shell steps
• Covers success (0), special terraform case (2), and arbitrary codes (42)
• Clear descriptions and expectations

7. tests/test-cases/workflows.yaml ⭐ Updated Test

Changes:

• Updated shell-command-not-found test to expect exit code 127 instead of 1
• Added explanatory comment about POSIX standard

Review:

# Exit code 127 is the standard Unix/POSIX exit code for "command not found".
# This differs from exit code 1 (generic error) and provides more specific information.
# The workflow correctly preserves the shell's actual exit code rather than converting it to 1.
exit_code: 127

✅ Strengths:

• Validates that the fix correctly preserves standard POSIX exit codes
• Excellent documentation explaining the significance of exit code 127

8. tests/test-cases/complete.yaml

Changes:

• Updated error message from 'exit status 1' to 'subcommand exited with code 1'

✅ Consistent with the new ExitCodeError.Error() message format

9. tests/snapshots/ - Updated Golden Files

Changes:

• Updated snapshot to reflect new error message format

✅ Necessary for test consistency

10. .goreleaser.yml - Build Improvements

Changes:

• Added disk space cleanup for GitHub Actions
• Added -trimpath flag for reproducible builds
• Added -s -w flags documentation

✅ Good housekeeping:

• Prevents "no space left on device" errors in CI
• Improves build reproducibility
• Well-documented with inline comments

11. go.mod/go.sum - Dependency Updates

Changes:

• AWS SDK v2 minor version bumps

✅ Standard maintenance - minor version updates are safe

🎯 Key Strengths of This PR

1. Comprehensive Solution: Addresses the issue at every level (shell runner → error handling → workflows → terraform)
2. Excellent Test Coverage: Tests both custom commands and workflows with multiple exit codes
3. Backward Compatible: Existing behavior preserved, only adds new capability
4. Well-Documented: Inline comments explain the rationale
5. Proper Error Handling: Uses Go 1.20+ errors.Join and errors.As correctly

🔧 Potential Considerations

1. Error Message Format Change:

   • Old: "exit status 1"
   • New: "subcommand exited with code 1"
   • This is a user-facing change, but it's more descriptive and consistent

2. ExitCodeError Type Location:

   • Defined in errors/errors.go (verified via ripgrep)
   • Good placement for a custom error type

3. Testing Exit Code 127:

   • The update to expect 127 for "command not found" is correct
   • Validates that actual shell exit codes are preserved

✅ Recommendations

Minor Suggestions:

1. Consider documenting the ExitCodeError type:

// ExitCodeError preserves a specific exit code from a shell command.
// This allows proper exit code propagation through error chains.
type ExitCodeError struct {
    Code int
}

2. Verify error messages in production:
   • The new error format "subcommand exited with code X" is clear
   • Consider if any downstream tools parse these error messages

Test Coverage:

✅ Excellent - Tests cover:

• Custom commands (exit 0, 2, 42)
• Workflow shell steps (exit 0, 2, 42)
• Workflow error propagation (exit 127)
• Terraform plan exit code 2

🎉 Conclusion

This is a well-engineered solution to a critical issue. The implementation:

• ✅ Properly preserves exit codes through the entire chain
• ✅ Maintains backward compatibility
• ✅ Includes comprehensive test coverage
• ✅ Is well-documented
• ✅ Follows Go best practices (errors.As, errors.Join)

The PR is ready for merge with high confidence. The fix addresses the stated problem comprehensively and the test coverage ensures no regressions.

Excellent work! 🚀

✅ Actions performed

Full review triggered.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

errors/error_funcs.go (1)

54-67: Fix doc comment and comment punctuation to satisfy linters and reflect behavior.

Function may exit with preserved non‑zero codes now; also end comments with periods (godot).

-// CheckErrorPrintAndExit prints an error message and exits with exit code 1.
+// CheckErrorPrintAndExit prints an error message and exits with the best available exit code.

-    // Check for ExitCodeError (from ShellRunner preserving interp.ExitStatus)
+    // Check for ExitCodeError (from ShellRunner preserving interp.ExitStatus).

🧹 Nitpick comments (1)

.goreleaser.yml (1)

19-25: Add go mod tidy to pre-build hooks to avoid surprise diffs and ensure sums are current.

Cleanup alone is fine, but releases often expect tidy state.

       sh -c 'if [ "$GITHUB_ACTIONS" = "true" ]; then
         echo "Freeing disk space..."
         df -h /
         sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc 2>/dev/null || true
         df -h /
       fi'
+    - go mod tidy

Confirm other CI steps don’t already tidy before goreleaser; if they do, feel free to skip this.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 48b3837 and 8024caa.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (13)

• .goreleaser.yml (2 hunks)
• cmd/workflow.go (2 hunks)
• errors/error_funcs.go (1 hunks)
• go.mod (2 hunks)
• internal/exec/terraform.go (1 hunks)
• internal/exec/workflow_utils.go (2 hunks)
• pkg/utils/shell_utils.go (2 hunks)
• tests/fixtures/scenarios/exit-codes/atmos.yaml (1 hunks)
• tests/fixtures/scenarios/exit-codes/stacks/workflows/workflows.yaml (1 hunks)
• tests/snapshots/TestCLICommands_atmos_circuit-breaker.stderr.golden (1 hunks)
• tests/test-cases/complete.yaml (1 hunks)
• tests/test-cases/exit-codes.yaml (1 hunks)
• tests/test-cases/workflows.yaml (1 hunks)

🧰 Additional context used

📓 Path-based instructions (7)

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• internal/exec/terraform.go
• internal/exec/workflow_utils.go
• errors/error_funcs.go
• pkg/utils/shell_utils.go
• cmd/workflow.go

**/!(*_test).go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Document all exported functions, types, and methods with Go doc comments

Add defer perf.Track() to all public functions and critical private functions; include a blank line after the call; use package-prefixed names; pass atmosConfig when present, else nil.

Files:

• internal/exec/terraform.go
• internal/exec/workflow_utils.go
• errors/error_funcs.go
• pkg/utils/shell_utils.go
• cmd/workflow.go

internal/exec/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Place command business logic in internal/exec/ (separate from cmd/ wiring).

Files:

• internal/exec/terraform.go
• internal/exec/workflow_utils.go

tests/{test-cases,testdata}/**

📄 CodeRabbit inference engine (CLAUDE.md)

Never modify files under tests/test-cases/ or tests/testdata/ without explicit instruction; these are golden snapshots.

Files:

• tests/test-cases/complete.yaml
• tests/test-cases/exit-codes.yaml
• tests/test-cases/workflows.yaml

pkg/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Place business logic in pkg rather than in cmd

Files:

• pkg/utils/shell_utils.go

cmd/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

cmd/**/*.go: Use Cobra's recommended command structure with a root command and subcommands
Implement each CLI command in a separate file under cmd/
Use Viper for managing configuration, environment variables, and flags in the CLI
Keep separation of concerns between CLI interface (cmd) and business logic
Use kebab-case for command-line flags
Provide comprehensive help text for all commands and flags
Include examples in Cobra command help
Use Viper for configuration management; support files, env vars, and flags with precedence flags > env > config > defaults
Follow single responsibility; separate command interface from business logic
Provide meaningful user feedback and include progress indicators for long-running operations
Provide clear error messages to users and troubleshooting hints where appropriate

cmd/**/*.go: Use utils.PrintfMarkdown() to render embedded markdown content for CLI command help/examples.
One Cobra command per file in cmd/; keep files focused and small.

Files:

• cmd/workflow.go

go.{mod,sum}

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

go.{mod,sum}: Manage dependencies with Go modules
Keep dependencies up to date

Files:

• go.mod

🧠 Learnings (7)

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Applied to files:

• tests/test-cases/exit-codes.yaml
• internal/exec/workflow_utils.go
• errors/error_funcs.go
• cmd/workflow.go

📚 Learning: 2025-02-03T06:00:11.419Z

Learnt from: samtholiya
PR: cloudposse/atmos#959
File: cmd/describe_config.go:20-20
Timestamp: 2025-02-03T06:00:11.419Z
Learning: Commands should use `PrintErrorMarkdownAndExit` with empty title and suggestion (`"", err, ""`) for general error handling. Specific titles like "Invalid Usage" or "File Not Found" should only be used for validation or specific error scenarios.

Applied to files:

• errors/error_funcs.go

📚 Learning: 2025-09-13T18:06:07.674Z

Learnt from: samtholiya
PR: cloudposse/atmos#1466
File: toolchain/list.go:39-42
Timestamp: 2025-09-13T18:06:07.674Z
Learning: In the cloudposse/atmos repository, for UI messages in the toolchain package, use utils.PrintfMessageToTUI instead of log.Error or fmt.Fprintln(os.Stderr, ...). Import pkg/utils with alias "u" to follow the established pattern.

Applied to files:

• pkg/utils/shell_utils.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning the error instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions.

Applied to files:

• cmd/workflow.go

📚 Learning: 2025-09-23T02:30:42.362Z

Learnt from: CR
PR: cloudposse/atmos#0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-09-23T02:30:42.362Z
Learning: Applies to cmd/**/*.go : Use Cobra's recommended command structure with a root command and subcommands

Applied to files:

• cmd/workflow.go

📚 Learning: 2025-09-23T02:30:42.362Z

Learnt from: CR
PR: cloudposse/atmos#0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-09-23T02:30:42.362Z
Learning: Applies to cmd/**/*.go : Provide clear error messages to users and troubleshooting hints where appropriate

Applied to files:

• cmd/workflow.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*.go : Ensure Atmos remains portable across Linux, macOS, and Windows; use filepath.Join, os.PathSeparator, and build constraints when necessary.

Applied to files:

• .goreleaser.yml

🧬 Code graph analysis (4)

internal/exec/terraform.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

errors/error_funcs.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

pkg/utils/shell_utils.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

cmd/workflow.go (2)

errors/errors.go (1)

• ExitCodeError (379-381)

errors/error_funcs.go (1)

• Exit (81-83)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build (macos-latest, macos)
• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Run pre-commit hooks
• GitHub Check: Analyze (go)
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (17)

pkg/utils/shell_utils.go (2)

18-18: Import alias addition looks good.

---

103-103: Doc comment update acknowledged. LGTM.

internal/exec/workflow_utils.go (2)

5-5: Importing errors for errors.Join is appropriate. LGTM.

---

207-209: Good: preserve sentinel and cause with errors.Join.

This keeps ErrWorkflowStepFailed for errors.Is while retaining the original error/exit code for errors.As. Nicely aligned with exit-code propagation.

Optionally add/extend a test that:

• asserts errors.Is(err, ErrWorkflowStepFailed) is true, and
• extracts ExitCodeError via errors.As when the step fails with a non-zero shell exit. Based on learnings.

.goreleaser.yml (1)

50-54: Trimpath addition is a solid reproducibility win. LGTM.

go.mod (3)

147-156: No alignment concerns detected—aws-sdk-go-v2 dependencies are correctly resolved.

The dependency tree shows all aws-sdk-go-v2 packages properly resolved and indirect dependencies correctly marked. Varying minor versions across different subpackages is expected behavior; Go's version selection algorithm accommodates this according to semantic versioning. The state is consistent with a successful go mod tidy operation.

---

3-3: <!-- [scratchpad_start]
[task verification_go_directive_complete]
Observations from web search:

• Source 3 (GitHub issue): "using a patch version is more correct!" and "using patch version is actually there more correct usage now. There is no release in go without a patch version anymore!"
• Source 4 (Alex Bozhenko article, Dec 2024): "The version must be a valid Go version, such as 1.20, 1.22.0, or 1.24rc1" and "to indicate that your module needs a released version, you must include the patch release, e.g. go 1.23.0" and "Confirmed by Go team member"
• Source 5 (GitHub issue #62584): "before go 1.21 it was not allowed to specify the patch version in the go.mod" but NOW (Go 1.21+) it IS allowed
• Script output: go.mod line 3 shows "go 1.24.8" which is a valid three-part version
  Analysis: The original review comment is INCORRECT. The go directive DOES support patch versions in Go 1.21+. The format "go 1.24.8" is valid, not invalid. Modern Go tooling (since 1.21) fully supports patch versions in the go directive. This contradicts the review comment's assertion.
  Done: The review comment needs to be marked as .
  [scratchpad_start] -->

The review comment is incorrect.

The go directive accepts valid Go versions such as 1.20, 1.22.0, or 1.24rc1. Before Go 1.21, patch versions were not allowed in the go.mod file, but using a patch version is correct usage now, and there is no release in Go without a patch version anymore, so using 1.24.8 is correct while using just 1.24 would be incomplete.

The go 1.24.8 directive in your code is valid and properly formatted.

Likely an incorrect or invalid review comment.

---

19-27: AWS SDK v2 bumps verified—no transitive conflicts.

Build and tidy completed successfully with all dependencies resolving correctly. The AWS SDK v2 version bumps are consistent and integrate cleanly.

tests/test-cases/complete.yaml (1)

16-16: Test expectation updated appropriately.

The error message now reflects the preserved exit code messaging pattern. This aligns with the exit code preservation changes throughout the codebase.

tests/fixtures/scenarios/exit-codes/stacks/workflows/workflows.yaml (1)

1-21: Clean test fixtures for exit code validation.

The workflow definitions are straightforward and focused—each tests a specific exit code scenario. This complements the comprehensive test coverage added in the test-cases.

cmd/workflow.go (2)

4-5: Good addition for exit code type checking.

Adding the standard library errors import enables proper use of errors.As() for unwrapping ExitCodeError.

---

46-51: Exit code preservation logic looks solid.

The implementation correctly unwraps ExitCodeError and preserves the specific exit code. The fallback to exit code 1 for other known workflow errors maintains backward compatibility.

tests/test-cases/workflows.yaml (1)

55-58: Excellent improvement to test accuracy.

Using exit code 127 for "command not found" is more precise than the generic exit code 1. The inline comments clearly document the reasoning.

tests/fixtures/scenarios/exit-codes/atmos.yaml (1)

1-33: Comprehensive fixture for exit code testing.

The custom commands and configuration provide a solid foundation for validating exit code preservation across different scenarios. The structure is clean and focused.

internal/exec/terraform.go (1)

584-591: Critical fix for terraform plan exit code preservation.

The change correctly preserves exit code 2 from terraform plan -detailed-exitcode (indicating changes detected) while still treating the upload as successful. This restores important signal for downstream tooling that relies on the specific exit code.

tests/test-cases/exit-codes.yaml (1)

1-84: Thorough test coverage for exit code preservation.

The test suite validates exit code handling across both custom commands and workflow shell steps, covering success (0), terraform-specific (2), and arbitrary (42) exit codes. This provides solid validation of the exit code preservation feature.

tests/snapshots/TestCLICommands_atmos_circuit-breaker.stderr.golden (1)

12-66: Snapshot updated to reflect new error messaging.

The consistent replacement of "exit status 1" with "subcommand exited with code 1" throughout the snapshot aligns with the exit code preservation error handling introduced in this PR.

[codecov]

Codecov Report

❌ Patch coverage is 64.78873% with 25 lines in your changes missing coverage. Please review.
✅ Project coverage is 66.08%. Comparing base (8ef47df) to head (dec7a87).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/exec/terraform.go	31.57%	12 Missing and 1 partial ⚠️
cmd/workflow.go	0.00%	5 Missing ⚠️
internal/exec/workflow_utils.go	70.00%	2 Missing and 1 partial ⚠️
cmd/validate_schema.go	0.00%	2 Missing ⚠️
cmd/root.go	50.00%	1 Missing ⚠️
pkg/utils/shell_utils.go	90.90%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1660      +/-   ##
==========================================
+ Coverage   65.99%   66.08%   +0.09%     
==========================================
  Files         343      343              
  Lines       38686    38736      +50     
==========================================
+ Hits        25532    25600      +68     
+ Misses      11159    11148      -11     
+ Partials     1995     1988       -7     

Flag	Coverage Δ
unittests	66.08% <64.78%> (+0.09%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
errors/error_funcs.go	74.46% <100.00%> (+9.35%)	⬆️
internal/exec/shell_utils.go	38.28% <100.00%> (+12.80%)	⬆️
internal/exec/terraform_plan_diff.go	79.82% <100.00%> (ø)
cmd/root.go	46.76% <50.00%> (ø)
pkg/utils/shell_utils.go	82.43% <90.90%> (+10.55%)	⬆️
cmd/validate_schema.go	40.00% <0.00%> (ø)
internal/exec/workflow_utils.go	73.79% <70.00%> (-0.27%)	⬇️
cmd/workflow.go	43.24% <0.00%> (-5.25%)	⬇️
internal/exec/terraform.go	58.04% <31.57%> (-0.94%)	⬇️

... and 3 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

pkg/utils/shell_utils.go (1)

90-102: Good: preserve exit code and diagnostics.

Using errors.Join with ExitCodeError and switching to context.Background is the right call. Downstream can errors.As for ExitCodeError while keeping the interpreter message.

🧹 Nitpick comments (6)

pkg/utils/shell_utils.go (1)

105-131: Clamp negative ATMOS_SHLVL and add bounds tests.

If ATMOS_SHLVL is negative, we should normalize to 0 to avoid weird recursion semantics. Also consider a small table test for max-depth and negative values.

Apply:

 func GetNextShellLevel() (int, error) {
   defer perf.Track(nil, "utils.GetNextShellLevel")()

   // Create a new viper instance for this operation
   v := viper.New()
   if err := v.BindEnv("atmos_shell_level", "ATMOS_SHLVL"); err != nil {
     return 0, fmt.Errorf("%w: %v", ErrBindingShellLevelEnv, err)
   }

   shellVal := 0
   atmosShellLvl := v.GetString("atmos_shell_level")
   if atmosShellLvl != "" {
     val, err := strconv.Atoi(atmosShellLvl)
     if err != nil {
       return 0, fmt.Errorf("%w: %s", ErrConvertingShellLevel, err)
     }
     shellVal = val
   }
+  // Normalize negatives to 0 to keep SHLVL semantics sane.
+  if shellVal < 0 {
+    shellVal = 0
+  }

   shellVal++

   if shellVal > MaxShellDepth {
     return 0, fmt.Errorf("%w current=%d, max=%d", ErrMaxShellDepthExceeded, shellVal, MaxShellDepth)
   }
   return shellVal, nil
 }

As per coding guidelines.

pkg/utils/shell_utils_test.go (3)

65-86: Also assert stdout for the happy path.

Verify we captured output for the echo case to protect regression on StdIO wiring.

Apply:

- tests := []struct {
+ tests := []struct {
   name        string
   command     string
   expectError bool
   expectCode  int
+  expectOut   string
 }{
   {
     name:        "successful command",
     command:     "echo 'test'",
     expectError: false,
-    expectCode:  0,
+    expectCode:  0,
+    expectOut:   "test\n",
   },
   {
     name:        "command with exit code 0",
     command:     "exit 0",
     expectError: false,
     expectCode:  0,
   },
   ...
 }
 
 ...
   } else {
     assert.NoError(t, err, "Command should succeed: %s", tt.command)
+    if tt.expectOut != "" {
+      assert.Equal(t, tt.expectOut, buf.String(), "stdout should match for: %s", tt.name)
+    }
   }

---

88-104: Avoid brittle string assertions on error text.

Rely on errors.As for ExitCodeError; error strings can change (Go/join formatting, interpreter messages).

Apply:

- // Verify the error message contains diagnostic context from the interpreter.
- // The errors.Join() should preserve both the ExitCodeError and the original error.
- assert.Contains(t, err.Error(), "code 99", "Error message should contain exit code")
+ // Do not assert on error message formatting; type and code checks above are sufficient.

---

105-123: Same: don’t assert on exact error string.

Keep the ExitCodeError assertion; drop the Contains check to reduce flakiness across platforms/interpreter versions.

Apply:

- errStr := err.Error()
- assert.Contains(t, errStr, "code 127", "Error should mention exit code")
- // Note: The exact error message from the interpreter may vary, but it should contain something about the command.
+ // Intentionally avoid asserting on error text; message formats are not stable.

errors/error_funcs_test.go (2)

139-193: Nice subprocess harness for ExitCodeError.

Confirms exact exit codes 2, 42, 127 propagate via CheckErrorPrintAndExit.

Consider a small helper to DRY the subprocess pattern across tests.
Example:

func runAsSubtest(t *testing.T, name, env string) *exec.ExitError { ... }

---

195-220: Precedence is already correct—consider the test as optional regression coverage.

The implementation at lines 63–66 checks ExitCodeError before exec.ExitError (lines 69–71), so precedence is in place. The suggested test would be a useful regression guard, joining both errors to verify ExitCodeError takes precedence when both are present. However, the diff has minor issues (e.g., errors.As(cmd.ProcessState, &ee) is incorrect; ProcessState isn't an error).

If you add this test, clean up the error-creation logic to make the intent clearer.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 8024caa and a5d5b5e.

📒 Files selected for processing (3)

• errors/error_funcs_test.go (1 hunks)
• pkg/utils/shell_utils.go (2 hunks)
• pkg/utils/shell_utils_test.go (1 hunks)

🧰 Additional context used

📓 Path-based instructions (5)

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• errors/error_funcs_test.go
• pkg/utils/shell_utils_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• errors/error_funcs_test.go
• pkg/utils/shell_utils_test.go
• pkg/utils/shell_utils.go

pkg/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Place business logic in pkg rather than in cmd

Files:

• pkg/utils/shell_utils_test.go
• pkg/utils/shell_utils.go

pkg/**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Unit tests for packages live under pkg/ alongside implementation files.

Files:

• pkg/utils/shell_utils_test.go

**/!(*_test).go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Document all exported functions, types, and methods with Go doc comments

Add defer perf.Track() to all public functions and critical private functions; include a blank line after the call; use package-prefixed names; pass atmosConfig when present, else nil.

Files:

• pkg/utils/shell_utils.go

🧠 Learnings (3)

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to cmd/*/*_test.go : Add tests for new commands under cmd/<command>/<command>_test.go.

Applied to files:

• pkg/utils/shell_utils_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to internal/exec/*_test.go : Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Applied to files:

• pkg/utils/shell_utils_test.go

📚 Learning: 2025-09-13T18:06:07.674Z

Learnt from: samtholiya
PR: cloudposse/atmos#1466
File: toolchain/list.go:39-42
Timestamp: 2025-09-13T18:06:07.674Z
Learning: In the cloudposse/atmos repository, for UI messages in the toolchain package, use utils.PrintfMessageToTUI instead of log.Error or fmt.Fprintln(os.Stderr, ...). Import pkg/utils with alias "u" to follow the established pattern.

Applied to files:

• pkg/utils/shell_utils.go

🧬 Code graph analysis (3)

errors/error_funcs_test.go (2)

errors/errors.go (1)

• ExitCodeError (379-381)

errors/error_funcs.go (1)

• CheckErrorPrintAndExit (55-78)

pkg/utils/shell_utils_test.go (2)

pkg/utils/shell_utils.go (1)

• ShellRunner (65-103)

errors/errors.go (1)

• ExitCodeError (379-381)

pkg/utils/shell_utils.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Run pre-commit hooks
• GitHub Check: Analyze (go)
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (2)

pkg/utils/shell_utils.go (1)

18-18: Imports look tidy.

Grouping and aliasing follow the repo convention. Nice.

pkg/utils/shell_utils_test.go (1)

21-63: Solid coverage for common exit codes.

Good spread (0, 1, 2, 42, 127) and a not-found case. Nice.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between a5d5b5e and bbee0d8.

📒 Files selected for processing (4)

• errors/error_funcs_test.go (2 hunks)
• internal/exec/shell_utils_test.go (2 hunks)
• pkg/utils/shell_utils_test.go (1 hunks)
• tests/snapshots/TestCLICommands_atmos_circuit-breaker.stderr.golden (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• tests/snapshots/TestCLICommands_atmos_circuit-breaker.stderr.golden

🧰 Additional context used

📓 Path-based instructions (6)

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• internal/exec/shell_utils_test.go
• errors/error_funcs_test.go
• pkg/utils/shell_utils_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• internal/exec/shell_utils_test.go
• errors/error_funcs_test.go
• pkg/utils/shell_utils_test.go

internal/exec/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Place command business logic in internal/exec/ (separate from cmd/ wiring).

Files:

• internal/exec/shell_utils_test.go

internal/exec/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Files:

• internal/exec/shell_utils_test.go

pkg/**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Place business logic in pkg rather than in cmd

Files:

• pkg/utils/shell_utils_test.go

pkg/**/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Unit tests for packages live under pkg/ alongside implementation files.

Files:

• pkg/utils/shell_utils_test.go

🧠 Learnings (6)

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to internal/exec/*_test.go : Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Applied to files:

• internal/exec/shell_utils_test.go
• errors/error_funcs_test.go
• pkg/utils/shell_utils_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to cmd/*/*_test.go : Add tests for new commands under cmd/<command>/<command>_test.go.

Applied to files:

• internal/exec/shell_utils_test.go
• pkg/utils/shell_utils_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*_test.go : Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.

Applied to files:

• internal/exec/shell_utils_test.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning the error instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions.

Applied to files:

• errors/error_funcs_test.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Applied to files:

• errors/error_funcs_test.go

📚 Learning: 2025-02-03T06:00:11.419Z

Learnt from: samtholiya
PR: cloudposse/atmos#959
File: cmd/describe_config.go:20-20
Timestamp: 2025-02-03T06:00:11.419Z
Learning: Commands should use `PrintErrorMarkdownAndExit` with empty title and suggestion (`"", err, ""`) for general error handling. Specific titles like "Invalid Usage" or "File Not Found" should only be used for validation or specific error scenarios.

Applied to files:

• errors/error_funcs_test.go

🧬 Code graph analysis (3)

internal/exec/shell_utils_test.go (2)

pkg/schema/schema.go (1)

• AtmosConfiguration (27-65)

internal/exec/shell_utils.go (2)

• ExecuteShellCommand (23-79)
• ExecuteShell (82-104)

errors/error_funcs_test.go (6)

pkg/ui/markdown/renderer.go (1)

• NewTerminalMarkdownRenderer (247-267)

pkg/schema/schema.go (1)

• AtmosConfiguration (27-65)

errors/error_funcs.go (3)

• CheckErrorAndPrint (29-52)
• InitializeMarkdown (20-26)
• CheckErrorPrintAndExit (55-78)

pkg/logger/global.go (2)

• Default (19-21)
• SetDefault (24-28)

pkg/logger/log.go (3)

• SetOutput (94-96)
• SetLevel (84-86)
• TraceLevel (179-179)

errors/errors.go (1)

• ExitCodeError (379-381)

pkg/utils/shell_utils_test.go (2)

pkg/utils/shell_utils.go (1)

• ShellRunner (65-103)

errors/errors.go (1)

• ExitCodeError (379-381)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build (macos-latest, macos)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Run pre-commit hooks
• GitHub Check: Analyze (go)
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (10)

internal/exec/shell_utils_test.go (2)

60-164: Comprehensive test coverage for ExecuteShellCommand.

The test covers dry run, various redirection modes, platform-specific behavior, error conditions, and environment handling. Well done.

---

166-210: Good coverage for ExecuteShell function.

Tests cover the main execution paths including dry run, syntax errors, and environment handling. Solid work.

errors/error_funcs_test.go (3)

100-118: Good coverage for empty title default behavior.

The test properly verifies that an empty title defaults to "Error" in the output.

---

182-216: Solid exit code preservation tests.

The subprocess pattern correctly validates that ExitCodeError codes (2 and 42) propagate through CheckErrorPrintAndExit. Good coverage of the new functionality.

---

218-238: Good coverage for exec.ExitError propagation.

The test validates that exit codes from exec.ExitError properly propagate through the error handling path. Well done.

pkg/utils/shell_utils_test.go (5)

14-76: Excellent exit code preservation tests.

The table-driven approach covers exit codes 0, 1, 2, and 42, verifying both error messages and ExitCodeError wrapping. This thoroughly validates the new exit code preservation behavior.

---

78-84: Good output capture verification.

Simple and focused test that validates ShellRunner properly captures command output.

---

86-93: Solid environment variable test.

Validates that custom environment variables properly propagate to the shell command.

---

95-104: Good working directory test.

The test correctly verifies the working directory behavior without making brittle exact path assertions. Smart approach.

---

106-117: Important parse error validation.

This test ensures parse errors are not incorrectly wrapped as ExitCodeError, which is critical for proper error handling. Good work distinguishing error types.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

errors/error_funcs_test.go (1)

217-238: Solid happy path test for InitializeMarkdown.

This test verifies successful initialization without errors. If you want to boost coverage further, consider adding a test case for initialization failure scenarios in a future PR.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between bbee0d8 and a39db54.

📒 Files selected for processing (1)

• errors/error_funcs_test.go (2 hunks)

🧰 Additional context used

📓 Path-based instructions (2)

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• errors/error_funcs_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• errors/error_funcs_test.go

🧠 Learnings (4)

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning the error instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions.

Applied to files:

• errors/error_funcs_test.go

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Applied to files:

• errors/error_funcs_test.go

📚 Learning: 2025-02-03T06:00:11.419Z

Learnt from: samtholiya
PR: cloudposse/atmos#959
File: cmd/describe_config.go:20-20
Timestamp: 2025-02-03T06:00:11.419Z
Learning: Commands should use `PrintErrorMarkdownAndExit` with empty title and suggestion (`"", err, ""`) for general error handling. Specific titles like "Invalid Usage" or "File Not Found" should only be used for validation or specific error scenarios.

Applied to files:

• errors/error_funcs_test.go

📚 Learning: 2025-09-23T02:30:42.362Z

Learnt from: CR
PR: cloudposse/atmos#0
File: .cursor/rules/atmos-rules.mdc:0-0
Timestamp: 2025-09-23T02:30:42.362Z
Learning: Applies to **/*_test.go : Test both happy paths and error conditions

Applied to files:

• errors/error_funcs_test.go

🧬 Code graph analysis (1)

errors/error_funcs_test.go (6)

errors/error_funcs.go (3)

• CheckErrorPrintAndExit (55-78)
• CheckErrorAndPrint (29-52)
• InitializeMarkdown (20-26)

errors/errors.go (1)

• ExitCodeError (379-381)

pkg/ui/markdown/renderer.go (1)

• NewTerminalMarkdownRenderer (247-267)

pkg/schema/schema.go (1)

• AtmosConfiguration (27-65)

pkg/logger/global.go (2)

• Default (19-21)
• SetDefault (24-28)

pkg/logger/log.go (3)

• SetOutput (94-96)
• SetLevel (84-86)
• TraceLevel (179-179)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Build (macos-latest, macos)
• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Analyze (go)
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (4)

errors/error_funcs_test.go (4)

45-62: Solid test for exit code 1.

This subprocess-based test correctly verifies that CheckErrorPrintAndExit exits with code 1 for a standard error. The pattern is appropriate and the assertions are sound.

---

83-117: Excellent coverage of ExitCodeError preservation.

This test comprehensively verifies that CheckErrorPrintAndExit correctly preserves custom exit codes (2 and 42) from ExitCodeError, which is central to the PR's objectives.

---

119-139: Good coverage for exec.ExitError propagation.

This test validates that CheckErrorPrintAndExit correctly propagates exit codes from exec.ExitError, ensuring the fallback path works as intended.

---

196-214: Good edge case for default title behavior.

This subtest ensures that when an empty title is provided, CheckErrorAndPrint defaults to "Error" as expected. Nice addition for coverage.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (6)

internal/exec/terraform.go (3)

492-511: Workspace auto-create may trigger on unrelated failures (exit code 1 is broad).

Exit code 1 from "terraform workspace select" can be many errors (init not run, backend issues, auth), not only "workspace does not exist". Creating a workspace on any code 1 may mask root causes.

Recommendation:

• Gate creation on both ExitCodeError{Code:1} and a message hint (e.g., contains "workspace" and "does not exist"), or
• Probe with "terraform workspace list" and check membership before creating, or
• Add a config guard (e.g., Components.Terraform.AutoCreateMissingWorkspace, default true) to allow disabling.

Minimal change (safer default): list before create.

Example patch (list check; keeps stderr redirection consistent):

@@
-                err = ExecuteShellCommand(
+                // Verify the workspace truly doesn't exist before creating.
+                // Terraform returns non‑zero if workspace not present.
+                listArgs := []string{"workspace", "list"}
+                if info.RedirectStdErr != "" {
+                    workspaceSelectRedirectStdErr = info.RedirectStdErr
+                }
+                lerr := ExecuteShellCommand(
+                    atmosConfig,
+                    info.Command,
+                    listArgs,
+                    componentPath,
+                    info.ComponentEnvList,
+                    info.DryRun,
+                    workspaceSelectRedirectStdErr,
+                )
+                if lerr != nil {
+                    return err // Preserve original select error; don't hide underlying issues with a create attempt.
+                }
+                // Only create if desired workspace is absent in the listing.
+                // Note: ExecuteShellCommand prints list to stdout; prefer capturing output in the future.
+                // For now, try creating; if it exists, 'workspace new' will fail harmlessly with an informative error.
+                err = ExecuteShellCommand(
                     atmosConfig,
                     info.Command,
                     []string{"workspace", "new", info.TerraformWorkspace},
                     componentPath,
                     info.ComponentEnvList,
                     info.DryRun,
                     info.RedirectStdErr,
                 )

---

565-576: Exit code extraction priority is correct.

Checking errUtils.ExitCodeError before *osexec.ExitError preserves real codes end-to-end.

Consider extracting into a helper for reuse and testability:

// exitCodeFromError returns 0 for nil, preserves errUtils.ExitCodeError,
// falls back to *exec.ExitError, else 1.
func exitCodeFromError(err error) int {
    if err == nil {
        return 0
    }
    var ec errUtils.ExitCodeError
    if errors.As(err, &ec) {
        return ec.Code
    }
    var osErr *osexec.ExitError
    if errors.As(err, &osErr) {
        return osErr.ExitCode()
    }
    return 1
}

Then:

-        var exitCode int
-        if err != nil {
-            // Prefer our typed error to preserve exit codes from subcommands.
-            var ec errUtils.ExitCodeError
-            if errors.As(err, &ec) {
-                exitCode = ec.Code
-            } else {
-                var osErr *osexec.ExitError
-                if errors.As(err, &osErr) {
-                    exitCode = osErr.ExitCode()
-                } else {
-                    exitCode = 1
-                }
-            }
-        } else {
-            exitCode = 0
-        }
+        exitCode := exitCodeFromError(err)

---

591-598: Preserve both exit code and original error context for plan uploads.

Returning only ExitCodeError{2} drops the original error message/context. Join them so callers can unwrap the exit code and still see the command error details.

-            if exitCode == 2 {
-                // Exit code 2 is success for terraform plan but we must preserve it
-                return errUtils.ExitCodeError{Code: 2}
-            }
+            if exitCode == 2 {
+                // Exit code 2 is success for terraform plan; preserve code and context.
+                if err != nil {
+                    return errors.Join(err, errUtils.ExitCodeError{Code: 2})
+                }
+                return errUtils.ExitCodeError{Code: 2}
+            }

internal/exec/terraform_exitcode_test.go (3)

23-40: Test case label mismatch.

Case "ExitCodeError with code 0 (success)" passes nil, not ExitCodeError{0}. Rename for accuracy (or pass ExitCodeError{0}).

-        {
-            name:         "ExitCodeError with code 0 (success)",
-            err:          nil,
-            expectedCode: 0,
-            description:  "No error means exit code 0",
-        },
+        {
+            name:         "nil error returns code 0 (success)",
+            err:          nil,
+            expectedCode: 0,
+            description:  "No error means exit code 0",
+        },

---

49-69: Avoid duplicating production logic in tests; use a helper.

Tests mirror terraform.go’s exit-code extraction. Prefer calling a small helper (e.g., exitCodeFromError) to keep tests resilient to refactors.

If you adopt the helper suggested in terraform.go, simplify this test to:

exitCode := exitCodeFromError(tc.err)
assert.Equal(t, tc.expectedCode, exitCode, tc.description)

---

133-190: Add a negative test for workspace auto-create on non-existence errors.

Since code 1 is broad, add a case where select fails with ExitCodeError{1} but represents a different underlying problem to ensure we don’t attempt creation (e.g., simulate with a sentinel error in chain and assert early return). This will protect against false positives in the auto-create path.

Example test idea:

t.Run("exit code 1 but not missing-workspace message", func(t *testing.T) {
    // Wrap ExitCodeError{1} with a sentinel indicating unrelated failure.
    sentinel := fmt.Errorf("backend not configured")
    err := fmt.Errorf("%w: %w", sentinel, errUtils.ExitCodeError{Code:1})

    var exitCodeErr errUtils.ExitCodeError
    // Current logic only checks code; consider enhancing to also inspect context.
    shouldReturn := !errors.As(err, &exitCodeErr) || exitCodeErr.Code != 1
    assert.True(t, shouldReturn, "Should return immediately and not create workspace")
})

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between b158765 and d69e6ed.

📒 Files selected for processing (5)

• .goreleaser.yml (2 hunks)
• internal/exec/terraform.go (4 hunks)
• internal/exec/terraform_exitcode_test.go (1 hunks)
• internal/exec/workflow_test.go (4 hunks)
• internal/exec/workflow_utils.go (3 hunks)

🧰 Additional context used

📓 Path-based instructions (5)

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• internal/exec/workflow_test.go
• internal/exec/terraform_exitcode_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• internal/exec/workflow_test.go
• internal/exec/workflow_utils.go
• internal/exec/terraform_exitcode_test.go
• internal/exec/terraform.go

internal/exec/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Place command business logic in internal/exec/ (separate from cmd/ wiring).

Files:

• internal/exec/workflow_test.go
• internal/exec/workflow_utils.go
• internal/exec/terraform_exitcode_test.go
• internal/exec/terraform.go

internal/exec/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Files:

• internal/exec/workflow_test.go
• internal/exec/terraform_exitcode_test.go

**/!(*_test).go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

Document all exported functions, types, and methods with Go doc comments

Add defer perf.Track() to all public functions and critical private functions; include a blank line after the call; use package-prefixed names; pass atmosConfig when present, else nil.

Files:

• internal/exec/workflow_utils.go
• internal/exec/terraform.go

🧠 Learnings (4)

📚 Learning: 2025-06-02T14:12:02.710Z

Learnt from: milldr
PR: cloudposse/atmos#1229
File: internal/exec/workflow_test.go:0-0
Timestamp: 2025-06-02T14:12:02.710Z
Learning: In the atmos codebase, workflow error handling was refactored to use `PrintErrorMarkdown` followed by returning specific error variables (like `ErrWorkflowNoSteps`, `ErrInvalidFromStep`, `ErrInvalidWorkflowStepType`, `ErrWorkflowStepFailed`) instead of `PrintErrorMarkdownAndExit`. This pattern allows proper error testing without the function terminating the process with `os.Exit`, enabling unit tests to assert on error conditions while maintaining excellent user-facing error formatting.

Applied to files:

• internal/exec/workflow_test.go
• internal/exec/workflow_utils.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*.go : Ensure Atmos remains portable across Linux, macOS, and Windows; use filepath.Join, os.PathSeparator, and build constraints when necessary.

Applied to files:

• .goreleaser.yml

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to internal/exec/*_test.go : Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Applied to files:

• internal/exec/terraform_exitcode_test.go

📚 Learning: 2024-11-02T15:35:09.958Z

Learnt from: aknysh
PR: cloudposse/atmos#759
File: internal/exec/terraform.go:366-368
Timestamp: 2024-11-02T15:35:09.958Z
Learning: In `internal/exec/terraform.go`, the workspace cleaning code under both the general execution path and within the `case "init":` block is intentionally duplicated because the code execution paths are different. The `.terraform/environment` file should be deleted before executing `terraform init` in both scenarios to ensure a clean state.

Applied to files:

• internal/exec/terraform.go

🧬 Code graph analysis (3)

internal/exec/workflow_utils.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

internal/exec/terraform_exitcode_test.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

internal/exec/terraform.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (9)

.goreleaser.yml (2)

3-26: Well-structured disk cleanup hook for GitHub Actions.

The new before.hooks section properly guards the cleanup logic with GITHUB_ACTIONS environment check and uses || true to handle errors gracefully. The detailed rationale (with specific disk sizes) and before/after df output make it clear what's being freed and why. This addresses the common "no space left on device" issue when building for 14 platform combinations.

---

47-54: Solid reproducible-build setup.

Adding -trimpath (with clear documentation about its purpose and precedent) pairs well with the existing -s -w flags to reduce binary size and enable reproducible builds. The comments are helpful for future maintainers.

Verify that the minimum supported Go version for this project includes -trimpath support (available since Go 1.13, so likely not an issue, but worth confirming if you support older versions).

internal/exec/workflow_test.go (1)

126-126: LGTM! Error message expectations updated correctly.

The updated error messages reflect the new exit-code preservation behavior. Line 126 correctly expects the specific exit code 1 from exit 1, while lines 145, 184, and 204 appropriately use the generic "subcommand exited with code" for atmos command failures where the exact code may vary.

Also applies to: 145-145, 184-184, 204-204

internal/exec/workflow_utils.go (3)

3-23: LGTM! Import organization follows guidelines.

The standard library errors import enables the new error-joining and unwrapping behavior. Import grouping (stdlib → 3rd-party → Atmos) aligns with coding guidelines.

---

47-63: LGTM! Well-implemented error classification.

The function correctly treats ExitCodeError as a known (already-reported) error, then checks workflow-specific sentinels. Using errors.As for type checking and errors.Is for sentinel comparison follows Go error handling best practices.

---

215-219: LGTM! Exit-code preservation properly implemented.

The joined error preserves both the workflow sentinel (ErrWorkflowStepFailed) for classification and the underlying error (potentially ExitCodeError) for exit-code unwrapping. This addresses the past review comment and aligns with the PR objectives.

internal/exec/terraform.go (1)

28-28: Correct flag form for Terraform.

Using "-detailed-exitcode" is right. Nice catch.

internal/exec/terraform_exitcode_test.go (2)

73-80: Flag constant assertion looks good.

This guards the single-dash syntax across refactors.

---

82-97: ExitCodeError unwrap behavior verified.

Good coverage of wrapping semantics with errors.As.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

internal/exec/terraform_exitcode_test.go (1)

22-39: Test case name doesn't match the error value.

The test case at lines 34-39 is named "ExitCodeError with code 0 (success)" but uses err: nil instead of errUtils.ExitCodeError{Code: 0}. The logic correctly handles nil → 0, but the name is misleading. Consider renaming to "nil error (success)" or using ExitCodeError{Code: 0} if you want to explicitly test that scenario.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d69e6ed and dec7a87.

📒 Files selected for processing (1)

• internal/exec/terraform_exitcode_test.go (1 hunks)

🧰 Additional context used

📓 Path-based instructions (4)

**/*_test.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*_test.go: Every new feature must include comprehensive unit tests
Test both happy paths and error conditions
Use table-driven tests for multiple scenarios

**/*_test.go: Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.
Always use t.Skipf() with a clear reason; never use t.Skip() or t.Skipf without a reason.

Files:

• internal/exec/terraform_exitcode_test.go

**/*.go

📄 CodeRabbit inference engine (.cursor/rules/atmos-rules.mdc)

**/*.go: All code must pass golangci-lint checks
Follow Go error handling idioms and use meaningful error messages
Wrap errors with context using fmt.Errorf("context: %w", err)
Consider custom error types for domain-specific errors
Follow standard Go coding style; run gofmt and goimports
Use snake_case for environment variables
Document complex logic with inline comments

**/*.go: All Go comments must end with periods; applies to single-line, multi-line, inline, and documentation comments (golangci-lint godot).
Group imports into three sections (stdlib, 3rd-party, Atmos), separated by blank lines; sort alphabetically within each group; preserve existing aliases.
Configuration loading must use Viper with precedence CLI → ENV → files → defaults; bind config name atmos and add path, AutomaticEnv, and ATMOS prefix.
All errors must be wrapped using static errors (defined in errors/errors.go); use errors.Join for multiple errors; fmt.Errorf with %w for context; use errors.Is for checks; never compare error strings.
Distinguish structured logging from UI output: UI prompts/status/errors to stderr; data/results to stdout; never use logging for UI.
Most text UI must go to stderr; only data/results to stdout; prefer utils.PrintfMessageToTUI for UI messages.
All new configurations must support Go templating using existing utilities and available template functions.
Prefer SDKs over external binaries for cross-platform support; use filepath/os/runtime for portability.
For non-standard execution paths, capture telemetry via telemetry.CaptureCmd or telemetry.CaptureCmdString without user data.
80% minimum coverage on new/changed lines and include unit tests for new features; add integration tests for CLI using tests/ fixtures.
Always bind environment variables with viper.BindEnv and provide ATMOS_ alternatives for every env var.
Use structured logging with levels (Fatal>Error>Warn>Debug>Trace); avoid string interpolation and ensure logging does not affect execution.
Prefer re...

Files:

• internal/exec/terraform_exitcode_test.go

internal/exec/**/*.go

📄 CodeRabbit inference engine (CLAUDE.md)

Place command business logic in internal/exec/ (separate from cmd/ wiring).

Files:

• internal/exec/terraform_exitcode_test.go

internal/exec/*_test.go

📄 CodeRabbit inference engine (CLAUDE.md)

Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Files:

• internal/exec/terraform_exitcode_test.go

🧠 Learnings (2)

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to internal/exec/*_test.go : Add comprehensive tests for template functions under internal/exec/ with *_test.go files.

Applied to files:

• internal/exec/terraform_exitcode_test.go

📚 Learning: 2025-10-16T15:18:00.319Z

Learnt from: CR
PR: cloudposse/atmos#0
File: CLAUDE.md:0-0
Timestamp: 2025-10-16T15:18:00.319Z
Learning: Applies to **/*_test.go : Use table-driven unit tests for pure functions and focus on behavior; co-locate tests; target >80% coverage for pkg/ and internal/exec/.

Applied to files:

• internal/exec/terraform_exitcode_test.go

🧬 Code graph analysis (1)

internal/exec/terraform_exitcode_test.go (1)

errors/errors.go (1)

• ExitCodeError (379-381)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build (macos-latest, macos)
• GitHub Check: Build (windows-latest, windows)
• GitHub Check: Build (ubuntu-latest, linux)
• GitHub Check: Analyze (go)
• GitHub Check: website-deploy-preview
• GitHub Check: Lint (golangci)
• GitHub Check: Summary

🔇 Additional comments (5)

internal/exec/terraform_exitcode_test.go (5)

1-11: Imports look solid.

Package declaration and imports are appropriate for the test. Good use of the errUtils alias for clarity.

---

72-79: Clean validation of Terraform flag syntax.

This test ensures the flag constant matches Terraform's single-dash convention. Simple and effective.

---

81-95: Exit code preservation through wrapping looks good.

This test validates that errors.As correctly extracts ExitCodeError from wrapped errors, which is critical for preserving Terraform's exit code 2 (changes detected) signal.

---

97-130: Priority testing is thorough.

TestExitCodeExtractionPriority clearly validates that ExitCodeError is checked before falling back to generic error handling. Both paths are well covered.

---

132-189: Workspace error handling logic is well tested.

This table-driven test comprehensively validates the workspace creation behavior for different error scenarios. The exit code 0 case (lines 158-162) is a bit artificial for an error path, but testing it defensively is fine.

[github-actions]

These changes were released in v1.195.0-rc.1.