Skip to main content

Pipelines as Code (Dinghy) starts with multipleBranchesEnabled- true even though it has been explicitly set to false

Issue

When disabling multiple branches for Pipelines as Code as described under https://docs.armory.io/plugins/pipelines-as-code/install/configure/#multiple-branches, It may be noticed that the configuration multipleBranchesEnabled is never set to false even though it is set to false under the Dinghy profiles settings. This may cause dinghyfile changes on the master/main branch to be pushed to Spinnaker unexpectedly. 

Cause

As per the current structure, the configuration multipleBranchesEnabled is set to true by default unless it is explicitly set to false. However, there has been an issue that has been identified where disabling multipleBranchesEnabled does not have any effect and is always set to true when Dinghy starts up. This can be seen in the Dinghy startup logs, which are similar to the logs shown below

time="2023-12-11T15:47:19Z" level=info msg="Configured with settings from file: /opt/spinnaker/config/spinnaker.yml"
time="2023-12-11T15:47:19Z" level=info msg="Configured with settings from file: /opt/spinnaker/config/dinghy.yml"
time="2023-12-11T15:47:19Z" level=info msg="Configured with settings from file: /opt/spinnaker/config/spinnaker-local.yml"
time="2023-12-11T15:47:19Z" level=info msg="Configured with settings from file: /opt/spinnaker/config/dinghy-local.yml"
time="2023-12-11T15:47:19Z" level=info msg="The following settings have been loaded: {\"instanceId\":\"dinghy\",\"templateOrg\":\"anonymous\",\"templateRepo\":\"spinnaker-kustomize-patches\",\"dinghyFilename\":\"dinghyfile\",\"autoLockPipelines\":\"false\",\"githubCredsPath\":\"/home/spinnaker/.armory/cache/github-creds.txt\",\"githubToken\":\"**REDACTED**\",\"githubEndpoint\":\"https://api.github.com\",\"stashCredsPath\":\"/home/spinnaker/.armory/cache/stash-creds.txt\",\"stashEndpoint\":\"http://localhost:7990/rest/api/1.0\",\"fiatUser\":\"dinghyserviceaccount\",\"logging\":{\"remote\":{\"enabled\":false,\"endpoint\":\"https://debug.armory.io/v1/logs\",\"customerId\":\"99fb5f10-ff80-4f54-be7b-ce098c0fdaa3\",\"version\":\"2.30.3\"}},\"secrets\":{\"vault\":{\"enabled\":true,\"url\":\"http://10.100.146.32:8200\",\"authMethod\":\"KUBERNETES\",\"role\":\"spinnaker\",\"path\":\"kubernetes\",\"username\":\"\",\"password\":\"\",\"userAuthPath\":\"\",\"namespace\":\"\",\"Token\":\"\"}},\"parserFormat\":\"json\",\"jsonValidationDisabled\":true,\"repoConfig\":[{\"provider\":\"github\",\"repo\":\"dinghy_implementation\",\"branch\":\"template-testing\"},{\"provider\":\"github\",\"repo\":\"dinghy_implementation\",\"branch\":\"template-testing-1\"}],\"orca\":{\"enabled\":\"true\",\"baseUrl\":\"http://spin-orca.anon-operator-spin:8083\"},\"front50\":{\"enabled\":\"true\",\"baseUrl\":\"http://spin-front50.anon-operator-spin:8080\"},\"deck\":{},\"echo\":{\"baseUrl\":\"http://spin-echo.anon-operator-spin:8089\"},\"gate\":{},\"fiat\":{\"authUser\":\"dinghyserviceaccount\",\"enabled\":\"true\",\"baseUrl\":\"http://spin-fiat.anon-operator-spin:7003\"},\"redis\":{\"baseUrl\":\"redis://spin-redis.anon-operator-spin:6379\"},\"server\":{\"Host\":\"\",\"Port\":8081,\"Ssl\":{\"Enabled\":false,\"CertFile\":\"\",\"KeyFile\":\"\",\"KeyPassword\":\"\",\"CAcertFile\":\"\",\"ClientAuth\":\"\"}},\"http\":{\"CacertFile\":\"\",\"ClientCertFile\":\"\",\"ClientKeyFile\":\"\",\"ClientKeyPassword\":\"\"},\"LogEventTTLMinutes\":1440,\"sql\":{\"baseUrl\":\"anon-spin-mysql-db-instance-1.cddfke67dweh.us-east-2.rds.amazonaws.com:3306\",\"user\":\"admin\",\"password\":\"**REDACTED**\",\"databaseName\":\"dinghy\",\"eventlogsOnly\":false},\"dinghyIgnoreRegexp2Enabled\":true,\"userWritePermissionsCheckEnabled\":false,\"ignoreUsersWritePermissions\":null,\"multipleBranchesEnabled\":true,\"upsertPipelineUsingOrcaTaskEnabled\":false}"

It may be noticed that dinghy-local.yml mounted onto the Dinghy pod still has the correct configs. This issue is currently being investigated further by Armory Engineering and is tied to the below versions 2.30.32.30.42.30.5 2.31.0 is not affected by this issue