Merge branch 'master' into stacks-v2-send-app-name-for-v1-yaml

api/server/handlers/environment_groups/create.go

@@ -75,15 +75,10 @@ func (c *UpdateEnvironmentGroupHandler) ServeHTTP(w http.ResponseWriter, r *http
 		return
 	}
 
-	secrets := make(map[string][]byte)
-	for k, v := range request.SecretVariables {
-		secrets[k] = []byte(v)
-	}
-
 	envGroup := environment_groups.EnvironmentGroup{
 		Name:            request.Name,
 		Variables:       request.Variables,
-		SecretVariables: secrets,
+		SecretVariables: request.SecretVariables,
 		CreatedAtUTC:    time.Now().UTC(),
 	}
 

api/server/handlers/environment_groups/list.go

@@ -58,7 +58,7 @@ func (c *ListEnvironmentGroupsHandler) ServeHTTP(w http.ResponseWriter, r *http.
 		return
 	}
 
-	allEnvGroupVersions, err := environmentgroups.ListEnvironmentGroups(ctx, agent, environmentgroups.WithNamespace(environmentgroups.Namespace_EnvironmentGroups))
+	allEnvGroupVersions, err := environmentgroups.ListEnvironmentGroups(ctx, agent, environmentgroups.WithNamespace(environmentgroups.Namespace_EnvironmentGroups), environmentgroups.WithoutDefaultAppEnvironmentGroups())
 	if err != nil {
 		err = telemetry.Error(ctx, span, err, "unable to list all environment groups")
 		c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))

api/server/handlers/porter_app/create_secret_and_open_pr.go

@@ -17,6 +17,7 @@ import (
 	"github.com/porter-dev/porter/internal/auth/token"
 	"github.com/porter-dev/porter/internal/integrations/ci/actions"
 	"github.com/porter-dev/porter/internal/models"
+	"github.com/porter-dev/porter/internal/telemetry"
 )
 
 type OpenStackPRHandler struct {
@@ -34,9 +35,12 @@ func NewOpenStackPRHandler(
 }
 
 func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	user, _ := r.Context().Value(types.UserScope).(*models.User)
-	project, _ := r.Context().Value(types.ProjectScope).(*models.Project)
-	cluster, _ := r.Context().Value(types.ClusterScope).(*models.Cluster)
+	ctx, span := telemetry.NewSpan(r.Context(), "serve-open-stack-pr")
+	defer span.End()
+
+	user, _ := ctx.Value(types.UserScope).(*models.User)
+	project, _ := ctx.Value(types.ProjectScope).(*models.Project)
+	cluster, _ := ctx.Value(types.ClusterScope).(*models.Cluster)
 	appName, reqErr := requestutils.GetURLParamString(r, types.URLParamPorterAppName)
 	if reqErr != nil {
 		c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(reqErr, http.StatusBadRequest))
@@ -45,11 +49,14 @@ func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	request := &types.CreateSecretAndOpenGHPRRequest{}
 	if ok := c.DecodeAndValidate(w, r, request); !ok {
+		err := telemetry.Error(ctx, span, nil, "error decoding request")
+		c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
 		return
 	}
 
 	client, err := getGithubClient(c.Config(), request.GithubAppInstallationID)
 	if err != nil {
+		err := telemetry.Error(ctx, span, err, "error creating github client")
 		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 		return
 	}
@@ -59,12 +66,16 @@ func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		// generate porter jwt token
 		jwt, err := token.GetTokenForAPI(user.ID, project.ID)
 		if err != nil {
-			c.HandleAPIError(w, r, apierrors.NewErrInternal(fmt.Errorf("error getting token for API: %w", err)))
+			err = fmt.Errorf("error getting token for API: %w", err)
+			err := telemetry.Error(ctx, span, err, err.Error())
+			c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 			return
 		}
 		encoded, err := jwt.EncodeToken(c.Config().TokenConf)
 		if err != nil {
-			c.HandleAPIError(w, r, apierrors.NewErrInternal(fmt.Errorf("error encoding API token: %w", err)))
+			err = fmt.Errorf("error encoding API token: %w", err)
+			err := telemetry.Error(ctx, span, err, err.Error())
+			c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 			return
 		}
 
@@ -78,7 +89,9 @@ func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			request.GithubRepoName,
 		)
 		if err != nil {
-			c.HandleAPIError(w, r, apierrors.NewErrInternal(fmt.Errorf("error generating secret: %w", err)))
+			err = fmt.Errorf("error generating secret: %w", err)
+			err := telemetry.Error(ctx, span, err, err.Error())
+			c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 			return
 		}
 	}
@@ -113,12 +126,16 @@ func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		if unwrappedErr != nil {
 			if errors.Is(unwrappedErr, actions.ErrProtectedBranch) {
 				c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusConflict))
+				return
 			} else if errors.Is(unwrappedErr, actions.ErrCreatePRForProtectedBranch) {
 				c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusPreconditionFailed))
+				return
 			}
 		} else {
-			c.HandleAPIError(w, r, apierrors.NewErrInternal(fmt.Errorf("error setting up application in the github "+
-				"repo: %w", err)))
+			err = fmt.Errorf("error setting up application in the github "+
+				"repo: %w", err)
+			err := telemetry.Error(ctx, span, err, err.Error())
+			c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 			return
 		}
 	}
@@ -133,7 +150,9 @@ func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			// update DB with the PR url
 			porterApp, err := c.Repo().PorterApp().ReadPorterAppByName(cluster.ID, appName)
 			if err != nil {
-				c.HandleAPIError(w, r, apierrors.NewErrInternal(fmt.Errorf("unable to get porter app db: %w", err)))
+				err = fmt.Errorf("unable to get porter app db: %w", err)
+				err := telemetry.Error(ctx, span, err, err.Error())
+				c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 				return
 			}
 
@@ -141,7 +160,9 @@ func (c *OpenStackPRHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 			_, err = c.Repo().PorterApp().UpdatePorterApp(porterApp)
 			if err != nil {
-				c.HandleAPIError(w, r, apierrors.NewErrInternal(fmt.Errorf("unable to write pr url to porter app db: %w", err)))
+				err = fmt.Errorf("unable to write pr url to porter app db: %w", err)
+				err := telemetry.Error(ctx, span, err, err.Error())
+				c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
 				return
 			}
 		}

api/server/handlers/porter_app/get_app_env.go

@@ -131,7 +131,7 @@ func (c *GetAppEnvHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		DeploymentTargetRepository: c.Repo().DeploymentTarget(),
 	}
 
-	envGroups, err := porter_app.AppEnvironmentFromProto(ctx, envFromProtoInp, porter_app.WithEnvGroupFilter(request.EnvGroups), porter_app.WithSecrets())
+	envGroups, err := porter_app.AppEnvironmentFromProto(ctx, envFromProtoInp, porter_app.WithEnvGroupFilter(request.EnvGroups), porter_app.WithSecrets(), porter_app.WithoutDefaultAppEnvGroups())
 	if err != nil {
 		err := telemetry.Error(ctx, span, err, "error getting app environment from revision")
 		c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))

api/server/handlers/porter_app/update_app_environment_group.go

@@ -201,7 +201,7 @@ func (c *UpdateAppEnvironmentHandler) ServeHTTP(w http.ResponseWriter, r *http.R
 	}
 
 	variables := make(map[string]string)
-	secrets := make(map[string][]byte)
+	secrets := make(map[string]string)
 
 	if !request.HardUpdate {
 		for key, value := range latestEnvironmentGroup.Variables {
@@ -216,7 +216,7 @@ func (c *UpdateAppEnvironmentHandler) ServeHTTP(w http.ResponseWriter, r *http.R
 		variables[key] = value
 	}
 	for key, value := range request.Secrets {
-		secrets[key] = []byte(value)
+		secrets[key] = value
 	}
 
 	envGroup := environment_groups.EnvironmentGroup{

dashboard/src/components/PreflightChecks.tsx

@@ -13,6 +13,7 @@ import Loading from "./Loading";
 type Props = RouteComponentProps & {
   preflightData: any
   provider: 'AWS' | 'GCP' | 'DEFAULT';
+  error?: string;
 
 };
 
@@ -97,10 +98,16 @@ const PreflightChecks: React.FC<Props> = (props) => {
         Porter checks that the account has the right permissions and resources to provision a cluster.
       </Text>
       <Spacer y={1} />
-      {Object.keys(currentMessageConst).map((checkKey) => (
-        <PreflightCheckItem key={checkKey} checkKey={checkKey} />
-      ))}
-    </AppearingDiv>
+      {
+        props.error ?
+          <Error message="Selected region is not available for your account. Please select another region" />
+          :
+          Object.keys(currentMessageConst).map((checkKey) => (
+            <PreflightCheckItem key={checkKey} checkKey={checkKey} />
+          ))
+
+      }
+    </AppearingDiv >
   );
 };
 

dashboard/src/components/ProvisionerSettings.tsx

@@ -133,6 +133,7 @@ const ProvisionerSettings: React.FC<Props> = (props) => {
   const [isLoading, setIsLoading] = useState(false);
   const [preflightData, setPreflightData] = useState(null)
   const [preflightFailed, setPreflightFailed] = useState<boolean>(true)
+  const [preflightError, setPreflightError] = useState<string>("")
 
   const markStepStarted = async (step: string, errMessage?: string) => {
     try {
@@ -480,52 +481,60 @@ const ProvisionerSettings: React.FC<Props> = (props) => {
   useEffect(() => {
     if (!props.clusterId) {
       setStep(1)
-      setPreflightData(null)
       preflightChecks()
     }
   }, [props.selectedClusterVersion, awsRegion]);
 
 
   const preflightChecks = async () => {
-    setIsLoading(true);
-    setPreflightData(null);
 
-    var data = new PreflightCheckRequest({
-      projectId: BigInt(currentProject.id),
-      cloudProvider: EnumCloudProvider.AWS,
-      cloudProviderCredentialsId: props.credentialId,
-      preflightValues: {
-        case: "eksPreflightValues",
-        value: new EKSPreflightValues({
-          region: awsRegion,
-        })
+    try {
+      setIsLoading(true);
+      setPreflightData(null);
+      setPreflightFailed(true)
+      setPreflightError("");
+
+      var data = new PreflightCheckRequest({
+        projectId: BigInt(currentProject.id),
+        cloudProvider: EnumCloudProvider.AWS,
+        cloudProviderCredentialsId: props.credentialId,
+        preflightValues: {
+          case: "eksPreflightValues",
+          value: new EKSPreflightValues({
+            region: awsRegion,
+          })
+        }
+      });
+      const preflightDataResp = await api.preflightCheck(
+        "<token>", data,
+        {
+          id: currentProject.id,
+        }
+      )
+      // Check if any of the preflight checks has a message
+      let hasMessage = false;
+      let errors = "Preflight Checks Failed : ";
+      for (let check in preflightDataResp?.data?.Msg.preflight_checks) {
+        if (preflightDataResp?.data?.Msg.preflight_checks[check]?.message) {
+          hasMessage = true;
+          errors = errors + check + ", "
+        }
       }
-    });
-    const preflightDataResp = await api.preflightCheck(
-      "<token>", data,
-      {
-        id: currentProject.id,
+      // If none of the checks have a message, set setPreflightFailed to false
+      if (hasMessage) {
+        markStepStarted("provisioning-failed", errors);
       }
-    )
-    // Check if any of the preflight checks has a message
-    let hasMessage = false;
-    let errors = "Preflight Checks Failed : ";
-    for (let check in preflightDataResp?.data?.Msg.preflight_checks) {
-      if (preflightDataResp?.data?.Msg.preflight_checks[check]?.message) {
-        hasMessage = true;
-        errors = errors + check + ", "
+      if (!hasMessage) {
+        setPreflightFailed(false);
+        setStep(2);
       }
+      setPreflightData(preflightDataResp?.data?.Msg);
+      setIsLoading(false)
+    } catch (err) {
+      setPreflightError(err)
+      setIsLoading(false)
+      setPreflightFailed(true);
     }
-    // If none of the checks have a message, set setPreflightFailed to false
-    if (hasMessage) {
-      markStepStarted("provisioning-failed", errors);
-    }
-    if (!hasMessage) {
-      setPreflightFailed(false);
-      setStep(2);
-    }
-    setPreflightData(preflightDataResp?.data?.Msg);
-    setIsLoading(false)
 
   }
   const renderAdvancedSettings = () => {
@@ -984,7 +993,7 @@ const ProvisionerSettings: React.FC<Props> = (props) => {
               </Text><Spacer height="10px" /><SelectRow
                 options={regionOptions}
                 width="350px"
-                disabled={isReadOnly}
+                disabled={isReadOnly || isLoading}
                 value={awsRegion}
                 scrollBuffer={true}
                 dropdownMaxHeight="240px"
@@ -997,7 +1006,7 @@ const ProvisionerSettings: React.FC<Props> = (props) => {
               </>
             </>,
             <>
-              <PreflightChecks provider='AWS' preflightData={preflightData} />
+              <PreflightChecks provider='AWS' preflightData={preflightData} error={preflightError} />
               <Spacer y={.5} />
               {(preflightFailed && preflightData) &&
                 <>

dashboard/src/main/home/cluster-dashboard/dashboard/ClusterSettings.tsx

@@ -151,7 +151,7 @@ const ClusterSettings: React.FC<Props> = (props) => {
     </Helper>
   );
 
-  if (!currentCluster?.infra_id || !currentCluster?.service) {
+  if (!currentCluster?.infra_id && !currentProject?.capi_provisioner_enabled || !currentCluster?.service) {
     helperText = (
       <Helper>
         Remove this cluster from Porter. Since this cluster was not provisioned

dashboard/src/main/home/modals/UpdateClusterModal.tsx

@@ -52,7 +52,7 @@ class UpdateClusterModal extends Component<PropsType, StateType> {
           cluster_id: currentCluster.id,
         }
       )
-      .then((_) => {
+      .then(async (_) => {
         if (!currentCluster?.infra_id) {
           // TODO: make this more declarative from the Home component
           this.props.setRefreshClusters(true);
@@ -61,24 +61,34 @@ class UpdateClusterModal extends Component<PropsType, StateType> {
           pushFiltered(this.props, "/dashboard", ["project_id"], {
             tab: "overview",
           });
+
+
+          // Handle destroying infra we've provisioned
+          api
+            .destroyInfra(
+              "<token>",
+              {},
+              {
+                project_id: currentProject.id,
+                infra_id: currentCluster.infra_id,
+              }
+            )
+            .then(() =>
+              console.log("destroyed provisioned infra:", currentCluster.infra_id)
+            )
+            .catch(console.log);
+
+          if (currentProject.simplified_view_enabled) {
+            await api.saveOnboardingState(
+              "<token>",
+              { current_step: "connect_source" },
+              { project_id: currentProject.id }
+            );
+            window.location.reload();
+          }
           return;
         }
 
-        // Handle destroying infra we've provisioned
-        api
-          .destroyInfra(
-            "<token>",
-            {},
-            {
-              project_id: currentProject.id,
-              infra_id: currentCluster.infra_id,
-            }
-          )
-          .then(() =>
-            console.log("destroyed provisioned infra:", currentCluster.infra_id)
-          )
-          .catch(console.log);
-
         this.props.setRefreshClusters(true);
         this.setState({ status: "successful", showDeleteOverlay: false });
         this.context.setCurrentModal(null, null);

internal/kubernetes/environment_groups/create.go

@@ -1,7 +1,6 @@
 package environment_groups
 
 import (
-	"bytes"
 	"context"
 	"fmt"
 	"strconv"
@@ -46,7 +45,7 @@ func CreateOrUpdateBaseEnvironmentGroup(ctx context.Context, a *kubernetes.Agent
 
 	// If any of the secret variables are set to the dummy value (i.e. are unchanged), replace them with the existing value.
 	for k, v := range environmentGroup.SecretVariables {
-		if bytes.Equal(v, []byte(EnvGroupSecretDummyValue)) {
+		if v == EnvGroupSecretDummyValue {
 			existingValue, ok := latestEnvironmentGroup.SecretVariables[k]
 			if !ok {
 				return telemetry.Error(ctx, span, nil, "secret variable does not exist in latest environment group")
@@ -144,6 +143,11 @@ func createVersionedEnvironmentGroupInNamespace(ctx context.Context, a *kubernet
 		return telemetry.Error(ctx, span, err, "unable to create new environment group variables version")
 	}
 
+	secretData := make(map[string][]byte)
+	for k, v := range environmentGroup.SecretVariables {
+		secretData[k] = []byte(v)
+	}
+
 	secret := v1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      fmt.Sprintf("%s.%d", environmentGroup.Name, environmentGroup.Version),
@@ -153,7 +157,10 @@ func createVersionedEnvironmentGroupInNamespace(ctx context.Context, a *kubernet
 				LabelKey_EnvironmentGroupVersion: strconv.Itoa(environmentGroup.Version),
 			},
 		},
-		Data: environmentGroup.SecretVariables,
+		Data: secretData,
+	}
+	for k, v := range additionalLabels {
+		secret.Labels[k] = v
 	}
 
 	err = createSecretWithVersion(ctx, a, secret, environmentGroup.Version)

internal/kubernetes/environment_groups/get.go

@@ -71,9 +71,10 @@ func latestBaseEnvironmentGroup(ctx context.Context, a *kubernetes.Agent, enviro
 // If you are looking for envrionment groups in the base namespace, consider using LatestBaseEnvironmentGroup or ListBaseEnvironmentGroups instead
 type EnvironmentGroupInTargetNamespaceInput struct {
 	// Name is the environment group name which can be found on the configmap label
-	Name      string
-	Version   int
-	Namespace string
+	Name                              string
+	Version                           int
+	Namespace                         string
+	ExcludeDefaultAppEnvironmentGroup bool
 }
 
 // EnvironmentGroupInTargetNamespace checks if an environment group of a specific name and version exists in a target namespace.
@@ -99,7 +100,17 @@ func EnvironmentGroupInTargetNamespace(ctx context.Context, a *kubernetes.Agent,
 		telemetry.AttributeKV{Key: "namespace", Value: inp.Namespace},
 	)
 
-	environmentGroups, err := ListEnvironmentGroups(ctx, a, WithEnvironmentGroupName(inp.Name), WithEnvironmentGroupVersion(inp.Version), WithNamespace(inp.Namespace))
+	opts := []EnvironmentGroupOption{
+		WithEnvironmentGroupName(inp.Name),
+		WithEnvironmentGroupVersion(inp.Version),
+		WithNamespace(inp.Namespace),
+	}
+
+	if inp.ExcludeDefaultAppEnvironmentGroup {
+		opts = append(opts, WithoutDefaultAppEnvironmentGroups())
+	}
+
+	environmentGroups, err := ListEnvironmentGroups(ctx, a, opts...)
 	if err != nil {
 		return eg, telemetry.Error(ctx, span, err, "unable to list environment groups in target namespace")
 	}

internal/kubernetes/environment_groups/list.go

@@ -33,7 +33,7 @@ type EnvironmentGroup struct {
 	// Variables are non-secret values for the EnvironmentGroup. This usually will be a configmap
 	Variables map[string]string `json:"variables,omitempty"`
 	// SecretVariables are secret values for the EnvironmentGroup. This usually will be a Secret on the kubernetes cluster
-	SecretVariables map[string][]byte `json:"secret_variables,omitempty"`
+	SecretVariables map[string]string `json:"secret_variables,omitempty"`
 	// CreatedAt is only used for display purposes and is in UTC Unix time
 	CreatedAtUTC time.Time `json:"created_at"`
 }
@@ -42,7 +42,7 @@ type environmentGroupOptions struct {
 	namespace                          string
 	environmentGroupLabelName          string
 	environmentGroupLabelVersion       int
-	includeDefaultAppEnvironmentGroups bool
+	excludeDefaultAppEnvironmentGroups bool
 }
 
 // EnvironmentGroupOption is a function that modifies ListEnvironmentGroups
@@ -69,10 +69,10 @@ func WithEnvironmentGroupVersion(version int) EnvironmentGroupOption {
 	}
 }
 
-// WithDefaultAppEnvironmentGroup includes default app environment groups in the list
-func WithDefaultAppEnvironmentGroup() EnvironmentGroupOption {
+// WithoutDefaultAppEnvironmentGroups includes default app environment groups in the list
+func WithoutDefaultAppEnvironmentGroups() EnvironmentGroupOption {
 	return func(opts *environmentGroupOptions) {
-		opts.includeDefaultAppEnvironmentGroups = true
+		opts.excludeDefaultAppEnvironmentGroups = true
 	}
 }
 
@@ -133,7 +133,7 @@ func listEnvironmentGroups(ctx context.Context, a *kubernetes.Agent, listOpts ..
 			continue // invalid version label as it should be an int, not an environment group
 		}
 
-		if !opts.includeDefaultAppEnvironmentGroups {
+		if opts.excludeDefaultAppEnvironmentGroups {
 			value := cm.Labels[LabelKey_DefaultAppEnvironment]
 			if value == "true" {
 				continue // do not include default app environment groups
@@ -153,6 +153,11 @@ func listEnvironmentGroups(ctx context.Context, a *kubernetes.Agent, listOpts ..
 	}
 
 	for _, secret := range secretListResp.Items {
+		stringSecret := make(map[string]string)
+		for k, v := range secret.Data {
+			stringSecret[k] = string(v)
+		}
+
 		name, ok := secret.Labels[LabelKey_EnvironmentGroupName]
 		if !ok {
 			continue // missing name label, not an environment group
@@ -166,7 +171,7 @@ func listEnvironmentGroups(ctx context.Context, a *kubernetes.Agent, listOpts ..
 			continue // invalid version label as it should be an int, not an environment group
 		}
 
-		if !opts.includeDefaultAppEnvironmentGroups {
+		if opts.excludeDefaultAppEnvironmentGroups {
 			value, ok := secret.Labels[LabelKey_DefaultAppEnvironment]
 			if ok && value == "true" {
 				continue // do not include default app environment groups
@@ -179,7 +184,7 @@ func listEnvironmentGroups(ctx context.Context, a *kubernetes.Agent, listOpts ..
 		envGroupSet[secret.Name] = EnvironmentGroup{
 			Name:            name,
 			Version:         version,
-			SecretVariables: secret.Data,
+			SecretVariables: stringSecret,
 			Variables:       envGroupSet[secret.Name].Variables,
 			CreatedAtUTC:    secret.CreationTimestamp.Time.UTC(),
 		}
@@ -210,7 +215,7 @@ func ListEnvironmentGroups(ctx context.Context, a *kubernetes.Agent, listOpts ..
 
 	for _, envGroup := range envGroups {
 		for k := range envGroup.SecretVariables {
-			envGroup.SecretVariables[k] = []byte(EnvGroupSecretDummyValue)
+			envGroup.SecretVariables[k] = EnvGroupSecretDummyValue
 		}
 	}
 

internal/porter_app/environment.go

@@ -13,8 +13,9 @@ import (
 )
 
 type envVariarableOptions struct {
-	includeSecrets bool
-	envGroups      []string
+	includeSecrets             bool
+	envGroups                  []string
+	excludeDefaultAppEnvGroups bool
 }
 
 // EnvVariableOption is a function that modifies AppEnvironmentFromProto
@@ -34,6 +35,13 @@ func WithEnvGroupFilter(envGroups []string) EnvVariableOption {
 	}
 }
 
+// WithoutDefaultAppEnvGroups filters out the default app environment groups from the returned list
+func WithoutDefaultAppEnvGroups() EnvVariableOption {
+	return func(opts *envVariarableOptions) {
+		opts.excludeDefaultAppEnvGroups = true
+	}
+}
+
 // AppEnvironmentFromProtoInput is the input struct for AppEnvironmentFromProto
 type AppEnvironmentFromProtoInput struct {
 	ProjectID                  uint
@@ -107,9 +115,10 @@ func AppEnvironmentFromProto(ctx context.Context, inp AppEnvironmentFromProtoInp
 
 	for _, envGroupRef := range filteredEnvGroups {
 		envGroup, err := environment_groups.EnvironmentGroupInTargetNamespace(ctx, inp.K8SAgent, environment_groups.EnvironmentGroupInTargetNamespaceInput{
-			Name:      envGroupRef.GetName(),
-			Version:   int(envGroupRef.GetVersion()),
-			Namespace: namespace,
+			Name:                              envGroupRef.GetName(),
+			Version:                           int(envGroupRef.GetVersion()),
+			Namespace:                         namespace,
+			ExcludeDefaultAppEnvironmentGroup: opts.excludeDefaultAppEnvGroups,
 		})
 		if err != nil {
 			return nil, telemetry.Error(ctx, span, err, "error getting environment group in target namespace")
@@ -119,7 +128,10 @@ func AppEnvironmentFromProto(ctx context.Context, inp AppEnvironmentFromProtoInp
 			envGroup.SecretVariables = nil
 		}
 
-		envGroups = append(envGroups, envGroup)
+		// if envGroup.Name is empty, it means the environment group was a default app environment group and was filtered out
+		if envGroup.Name != "" {
+			envGroups = append(envGroups, envGroup)
+		}
 	}
 
 	return envGroups, nil