atlantis icon indicating copy to clipboard operation
atlantis copied to clipboard
verified publisher icon runatlantis

Bug: Atlantis v0.38 no longer does a new merge before plan when the branch commit hasn't changed

Open peikk0 opened this issue 3 weeks ago • 1 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request. Searching for pre-existing feature requests helps us consolidate datapoints for identical requirements into a single place, thank you!
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Overview of the Issue

We set ATLANTIS_CHECKOUT_STRATEGY=merge so that all Terraform plans include the latest changes from the main branch.

Since v0.38 Atlantis no longer does a new merge if the branch hasn't changed and new commits have been added to the main branch since the initial plan, resulting in a plan reverting the latest changes from the main branch.

I suspect this bug was introduced in https://github.com/runatlantis/atlantis/pull/6005

Reproduction Steps

  • Open a PR/MR for a new branch
  • Run atlantis plan
  • Add commits to the main branch with new Terraform changes
  • Run atlantis plan again in the PR/MR without rebasing or adding commits
  • Observe the plan reverting the changes added to the main branch

Logs

Logs 
{"level":"debug","ts":"2025-12-12T01:45:02.544Z","caller":"events/working_dir.go:111","msg":"clone directory '/atlantis-data/repos/foo/bar/123/default' already exists, checking if it's at the right commit","json":{"repo":"foo/bar","pull":"123"}
{"level":"debug","ts":"2025-12-12T01:45:02.547Z","caller":"events/working_dir.go:317","msg":"Comparing PR ref \"49a02aaa8ad79b8eef185ababe9aeab99c8f558b\" to local ref \"49a02aaa8ad79b8eef185ababe9aeab99c8f558b\"","json":{"repo":"foo/bar","pull":"123"}}
{"level":"info","ts":"2025-12-12T01:45:02.547Z","caller":"events/working_dir.go:119","msg":"repo is at correct commit \"49a02aaa8ad79b8eef185ababe9aeab99c8f558b\" so will not re-clone","json":{"repo":"foo/bar","pull":"123"}}

Environment details

Atlantis v0.38

ATLANTIS_CHECKOUT_STRATEGY=merge

Additional Context

peikk0 avatar Dec 12 '25 01:12 peikk0

Hi @peikk0! I'm Dosu and I’m helping the atlantis team.

You're right that this behavior is tied to recent changes in Atlantis. In v0.38, PR #6005 updated the merge checkout logic to address issues with stale base branches when using --single-branch clones. Now, Atlantis checks if the base branch exists locally and reclones if it doesn't, but if the PR branch commit hasn't changed and the base branch is still present, it skips recloning—even if new commits landed on the base branch. This can result in plans that don't reflect the latest main branch changes, as you observed, and may even revert them if applied [PR #6005].

The intended behavior is for Atlantis to always merge the latest base branch into the PR branch before planning, but the current logic only triggers a reclone if the base branch is missing, not if it's simply outdated. This means new main branch commits won't be merged unless the PR branch itself changes or the base branch ref is missing locally [working_dir.go].

There is discussion and confirmation that this is a known issue, and the fix in #6005 was meant to address a related but slightly different bug. For now, there isn't a built-in workaround for PR workflows—manual intervention (like rebasing or force-updating the PR branch) is needed to trigger a fresh merge. For non-PR/API-triggered plans, switching to ATLANTIS_CHECKOUT_STRATEGY=branch avoids merge logic issues, but that's not suitable for PRs that need the latest main branch [issue #6009].

Keep an eye on future releases or discussions for a more robust fix that ensures the base branch is always up to date before planning.

To reply, just mention @dosu.

How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other

Chat with Dosu Open in Cursor Join Discord Share on X

dosubot[bot] avatar Dec 12 '25 02:12 dosubot[bot]

Do you know if you saw see this issue on 0.37.1? I ask because #6005 makes it more likely to pick up changes from main, since it reclones. I would be interested to know if this happens in 0.37.1 (and not 0.36.X), since then it would likely have been caused by #5895 behavior.

Also, do you have the undiverged requirement set? https://www.runatlantis.io/docs/command-requirements.html#undiverged That is specifically supposed to detect this situation (commits to main after a plan).

lukemassa avatar Dec 14 '25 18:12 lukemassa

If I'm reading https://www.runatlantis.io/docs/checkout-strategy.html#merge correctly, I believe what you're describing is the documented behavior. Specifically

WARNING: Atlantis only performs this merge during the terraform plan phase. If another commit is pushed to main after Atlantis runs plan, nothing will happen.

I think what might be happening is that pre #5895, because we would do a reclone in more situations, we'd implicitly pick up these changes to main before doing the merge. So we, albeit unknowingly, "fixed" this to align more with the intended behavior.

Again I think undiverged requirement is the appropriate guard against this problem. Happy to dig in more though.

lukemassa avatar Dec 14 '25 18:12 lukemassa