Skip to content

v1.535.2

Latest
Latest
Compare
Choose a tag to compare
@cloudposse-releaser cloudposse-releaser released this 04 Jun 15:26
v1.535.2
cf7cf82
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

🤖 Automatic Updates

Update README.md and docs @[cloudposse-releaser[bot]](https://github.com/apps/cloudposse-releaser) (#32) ## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

chore(deps): update terraform cloudposse/stack-config/yaml to v1.8.0 @[renovate[bot]](https://github.com/apps/renovate) (#6) This PR contains the following updates:
Package Type Update Change
cloudposse/stack-config/yaml (source) module minor 1.5.0 -> 1.8.0

Release Notes

cloudposse/terraform-yaml-stack-config (cloudposse/stack-config/yaml)

v1.8.0: [remote-state] Improve backend compatibility

Compare Source

Among other things detailed below, this release enables users to fix deprecation warnings like:

│ Warning: Deprecated Parameters
│ 
│   with module.account_map.data.terraform_remote_state.data_source[0],
│   on .terraform/modules/account_map/modules/remote-state/data-source.tf line 88, in data "terraform_remote_state" "data_source":
│   88: data "terraform_remote_state" "data_source" {
│ 
│ The following parameters have been deprecated. Replace them as follows:
│   * role_arn -> assume_role.role_arn

(cf. #​93 and #​96)

If you are receiving deprecation warnings from remote-state, they can now be resolved by updating your backend/remote_state_backend configuration to match the version of Terraform or Tofu you are using. For example, change

terraform:
  backend:
    s3:
      bucket: my-tfstate-bucket
      dynamodb_table: my-tfstate-lock-table
      role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-role
  remote_state_backend:
    s3:
      role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-read-only-role

to

terraform:
  backend:
    s3:
      bucket: my-tfstate-bucket
      dynamodb_table: my-tfstate-lock-table
      assume_role:
        role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-role
  remote_state_backend:
    s3:
      assume_role:
        role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-read-only-role

🚀 Enhancements

[remote-state] Improve backend compatibility @​Nuru (#​105)

what

  • Improve remote-state backend compatibility

Rather than trying to parse the backend configuration, as a general rule we now just pass it through to the data source. This provides future-proof compatibility with all backends supported by Terraform and OpenTofu.

why

  • This prevents the need for updates like #​99 to provide configuration for future S3 backends, while eliminating compatibility issues like #​102.
  • This also eliminates deprecation warnings caused by forcing configuration to look a certain way.
  • Now, users can manage their own remote state configuration to match their toolset.

references

v1.7.0: (not recommended)

Compare Source

feat: support for gcs backends @​burnzy (#​95)

what

Simple change to add support for GCS backends

why

Allows GCP users (users with gcs backends) to make use of this remote-state module for sharing data between components.

references

🚀 Enhancements

Support local backend @​Nuru (#​104)

what

  • Support retrieving remote state from local backends
    • NOTE: Using relative paths in local backends is tricky, because the path needs to resolve to the same directory from the source root module directory as from the client root module directory.
  • Fix Terratests
    • The spacelift test suite is broken, and we never previously required it to work, so it is now skipped
  • Update test suite to use go v1.21 and update dependencies

why

  • When running demos and tests, it is more convenient to use local backends
  • Maintain some degree of testing
  • Closes multiple dependabot PRs:

🤖 Automatic Updates

Bump the go_modules group in /test/src with 5 updates @​dependabot (#​94) Bumps the go_modules group in /test/src with 5 updates:
Package From To
github.com/hashicorp/go-getter 1.7.1 1.7.5
golang.org/x/crypto 0.1.0 0.17.0
golang.org/x/net 0.8.0 0.10.0
google.golang.org/grpc 1.51.0 1.56.3
google.golang.org/protobuf 1.28.1 1.30.0

Updates github.com/hashicorp/go-getter from 1.7.1 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5

v1.7.4

What's Changed

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4

v1.7.3

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.2...v1.7.3

v1.7.2

What's Changed

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.1...v1.7.2

Commits
  • 5a63fd9 Merge pull request #​497 from hashicorp/fix-git-update
  • 5b7ec5f fetch tags on update and fix tests
  • 9906874 recreate git config during update to prevent config alteration
  • 268c11c escape user provide string to git (#​483)
  • 975961f Merge pull request #​433 from adrian-bl/netrc-fix
  • 0298a22 Merge pull request #​459 from hashicorp/jbardin/setup-git-env
  • c70d9c9 don't change GIT_SSH_COMMAND if there's no keyfile
  • 3d5770f Merge pull request #​458 from hashicorp/tsccr-auto-pinning/trusted/2023-09-18
  • 0688979 Result of tsccr-helper -log-level=info -pin-all-workflows .
  • e66f244 Merge pull request #​454 from hashicorp/tsccr-auto-pinning/trusted/2023-09-11
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.1.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • 325b735 ssh/test: skip TestSSHCLIAuth on Windows
  • 1eadac5 go.mod: update golang.org/x dependencies
  • b2d7c26 ssh: add (*Client).DialContext method
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.8.0 to 0.10.0

Commits
  • daac0ce go.mod: update golang.org/x dependencies
  • 82780d6 http2: don't reuse connections that are experiencing errors
  • 0bfab66 ipv4, ipv6: drop redundant skip checks based on GOOS
  • 938ff15 ipv4, ipv6, nettest: skip unsupported tests on wasip1
  • eb1572c html: another shot at security doc
  • 9001ca7 nettest: re-enable unixpacket tests on netbsd/386
  • 3d5a8ee internal/socks: permit authenticating with an empty password
  • 694cff8 go.mod: update golang.org/x dependencies
  • 6960703 http2: log the correct error when retrying in (*Transport).RoundTripOpt
  • 9f24bb4 http2: properly discard data received after request/response body is closed
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.51.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#​6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#​6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#​6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#​6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#​6314) (#​6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#​6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#​6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#​6145)
  • xds: enable RLS in xDS by default (#​6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#​6241)
  • authz: add conversion of json to RBAC Audit Logging config (#​6192)
  • authz: add support for stdout logger (#​6230 and #​6298)
  • authz: support customizable audit functionality for authorization policy (#​6192 #​6230 #​6298 #​6158 #​6304 and #​6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#​6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#​6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#​6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#​6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#​6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#​6151)
  • status: status.Code and status.FromError handle wrapped errors (#​6031 and #​6150)

... (truncated)

Commits

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.
Migrate new test account @​osterman (#​103)

what

  • Update .github/settings.yml
  • Update .github/chatops.yml files

why

  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account

References

  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @​osterman (#​101)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update .github/settings.yml @​osterman (#​100)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub

v1.6.0: (not recommended)

Compare Source

NOTE: Requires Terraform v1.6.4 or later to work with S3 backends. See #​102

what

Add options required by S3-compatible backend for Oracle Cloud Infrastructure as described here

why

Some of the options available for S3 backend for Terraform are not supported by remote-state module. However, they are useful when working with cloud providers other than AWS.

references

S3-compatible backend for OCI
Terraform S3 backend

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

chore(deps): update terraform cloudposse/ecs-container-definition/aws to v0.61.2 @[renovate[bot]](https://github.com/apps/renovate) (#4) This PR contains the following updates:
Package Type Update Change
cloudposse/ecs-container-definition/aws (source) module minor 0.58.1 -> 0.61.2

Release Notes

cloudposse/terraform-aws-ecs-container-definition (cloudposse/ecs-container-definition/aws)

v0.61.2

Compare Source

feature: Add restart policy and version consistency parameters @​ia9 (#​193)

what

  • Add restartPolicy parameter
  • Add versionConsistency parameter
  • Update docs
  • Update complete example

why

In order to support new parameters added to container definition.

  • restartPolicy parameter
  • versionConsistency parameter added in AWS provider v5.77.0

references

🤖 Automatic Updates

Migrate new test account @​osterman (#​190)

what

  • Update .github/settings.yml
  • Update .github/chatops.yml files

why

  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account

References

  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @​osterman (#​189)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update .github/settings.yml @​osterman (#​187)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update GitHub Workflows to use shared workflows from '.github' repo @​osterman (#​186)

what

  • Update workflows (.github/workflows) to use shared workflows from .github repo

why

  • Reduce nested levels of reusable workflows
Update GitHub Workflows to Fix ReviewDog TFLint Action @​osterman (#​185)

what

  • Update workflows (.github/workflows) to add issue: write permission needed by ReviewDog tflint action

why

  • The ReviewDog action will comment with line-level suggestions based on linting failures
Update GitHub workflows @​osterman (#​184)

what

  • Update workflows (.github/workflows/settings.yaml)

why

  • Support new readme generation workflow.
  • Generate banners
Use GitHub Action Workflows from `cloudposse/.github` Repo @​osterman (#​183)

what

  • Install latest GitHub Action Workflows

why

  • Use shared workflows from cldouposse/.github repository
  • Simplify management of workflows from centralized hub of configuration
Add GitHub Settings @​osterman (#​182)

what

  • Install a repository config (.github/settings.yaml)

why

  • Programmatically manage GitHub repo settings
Update Scaffolding @​osterman (#​180)

what

  • Reran make readme to rebuild README.md from README.yaml
  • Migrate to square badges
  • Add scaffolding for repo settings and Mergify

why

  • Upstream template changed in the .github repo
  • Work better with repository rulesets
  • Modernize look & feel

v0.61.1

Compare Source

🚀 Enhancements

Fix: Duplicate name in portMapping fixed & Docs Updated @​Hackerbone (#​171)

what

The portMapping parameter had a duplicate name field occurrence

why

Failure in creating services in the new release v0.61.0

references

I was waiting for the previous PR to get merged since I use this module in my project for a while. Saw CI checks didn't pass so I made a new fix PR.

v0.61.0

Compare Source

chore: add service connect fields to portMapping @​dudymas (#​168)

what

  • added name and appProtocol to portMapping variables

why

  • Service Connect uses these fields

references

v0.60.1

Compare Source

fix: add port mapping name (#​162) @​aaronlake (#​166)

what

  • Add optional variable name to portMappings to allow Service Discovery registration

why

  • Unable to allow ECS container definitions to register with Service Discovery

references

🤖 Automatic Updates

Update README.md and docs @​cloudpossebot (#​167)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v0.60.0

Compare Source

fix: strengthen types, simplify logic (#​154) @​goruha (#​164)

what

  • enable & use optional attributes where AWS API marks fields optional
  • remove redundant lookups
  • strengthen types for log_configuration, repository_credentials, system_controls, container_definition
  • reorder object var attributes to match AWS docs
  • simplify log configuration sanitization/munging
  • simplify secret & environment var sorting
  • expose unencoded container definition output directly without requiring pointless jsonencode/jsondecode cycle

why

  • optional obviates lookup(..., null) calls for objects
  • lookup(o, k) without a default is deprecated in favor of o[k] or direct attr access (o.k)
  • log_configuration, repository_credentials, and system_controls had needlessly opaque any types which hinder DX and make subtle bugs more likely (e.g. in the types of log_configuration.options values)
  • since all attributes of container_definition are now typed there's no reason not to type it as well
  • following the AWS documentation's field order makes types easier to verify for completeness & correctness
  • typing log_configuration appropriately obviates explicit tostring & null handling; resolves #​151
  • env/secret map sorting can be dramatically simplified since for-expressions iterate over maps & objects by key in lexicographic order
  • jsonencode-ing the final container definition only to jsondecode for json_map_object is redundant

Refs

  • #​154
  • @​obataku
Sync github @​max-lobur (#​161)

Sync github from the template

v0.59.0

Compare Source

  • No changes

v0.58.3

Compare Source

🚀 Enhancements

fix: eternal churn of environment variables @​kevcube (#​159)

what

  • Maybe the AWS container definition API changed but applying a container constructed from this module will post with environment = null which amazon translates to environment = []
  • So every subsequent apply will have changes in terraform like environment = [] ~> null

why

  • if we match what amazon translates to, then the terraform state stays consistent

v0.58.2

Compare Source

Remove unused provider @​pguinard-public-com (#​157)
what
  • Remove unused provider
why
references
git.io->cloudposse.tools update @​dylanbannon (#​152)
what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References
  • DEV-143
🤖 Automatic Updates
Update README.md and docs @​cloudpossebot (#​155)
what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Assets 2
Loading