Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update terraform hashicorp/terraform to v1.6.0 #4373

Merged
merged 1 commit into from
Oct 4, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 4, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
hashicorp/terraform required_version minor 1.5.7 -> 1.6.0

Release Notes

hashicorp/terraform (hashicorp/terraform)

v1.6.0

Compare Source

1.6.0 (October 4, 2023)

UPGRADE NOTES:

  • On macOS, Terraform now requires macOS 10.15 Catalina or later; support for previous versions has been discontinued.
  • On Windows, Terraform now requires at least Windows 10 or Windows Server 2016; support for previous versions has been discontinued.
  • The S3 backend has a number of significant changes to its configuration format in this release, intended to match with recent changes in the hashicorp/aws provider:
    • Configuration settings related to assuming IAM roles now belong to a nested block assume_role. The top-level arguments role_arn, session_name, external_id, assume_role_duration_seconds, assume_role_policy_arns, assume_role_tags, and assume_role_transitive_tag_keys are all now deprecated in favor of the nested equivalents. (#​30495)
    • Configuration settings related to overriding the locations of AWS service endpoints used by the provider now belong to a nested block endpoints. The top-level arguments dynamodb_endpoint, iam_endpoint, endpoint (fir S3), and sts_endpoint are now deprecated in favor of the nested equivalents. (#​30492)
    • The backend now uses the following environment variables for overriding the default locations of AWS service endpoints used by the provider: AWS_ENDPOINT_URL_DYNAMODB, AWS_ENDPOINT_URL_IAM, AWS_ENDPOINT_URL_S3, and AWS_ENDPOINT_URL_STS. The old non-standard names for these environment variables are now deprecated: AWS_DYNAMODB_ENDPOINT, AWS_IAM_ENDPOINT, AWS_S3_ENDPOINT, and AWS_STS_ENDPOINT. (#​30479)
    • The singular shared_credentials_file argument is deprecated in favor of the plural shared_credentials_files.
    • The force_path_style argument is deprecated in favor of use_path_style for consistency with the AWS SDK. (#​30491)

NEW FEATURES:

  • terraform test: The terraform test command is now generally available. This comes with a significant change to how tests are written and executed, based on feedback from the experimental phase.

    Terraform tests are written in .tftest.hcl files, containing a series of run blocks. Each run block executes a Terraform plan and optional apply against the Terraform configuration under test and can check conditions against the resulting plan and state.

ENHANCEMENTS:

  • config: The import block id field now accepts expressions referring to other values such as resource attributes, as long as the value is a string known at plan time. (#​33618)

  • Terraform Cloud integration: Remote plans on Terraform Cloud/Enterprise can now be saved using the -out option, viewed using terraform show, and applied using terraform apply with the saved plan filename. (#​33492)

  • config: Terraform can now track some additional detail about values that won't be known until the apply step, such as the range of possible lengths for a collection or whether an unknown value can possibly be null.

  • core: Provider schemas can now be cached globally for compatible providers, allowing them to be reused throughout core without requesting them for each new provider instance. This can significantly reduce memory usage when there are many instances of the same provider in a single configuration (#​33482)

    When this information is available, Terraform can potentially generate known results for some operations on unknown values. This doesn't mean that Terraform can immediately track that detail in all cases, but the type system now supports that and so over time we can improve the level of detail generated by built-in functions, language operators, Terraform providers, etc. (#​33234)

  • config: The try and can functions can now return more precise and consistent results when faced with unknown arguments (#​33758)

  • terraform show -json: Now includes errored property, indicating whether the planning process halted with an error. An errored plan is not applyable. (#​33372)

  • core: Terraform will now skip requesting the (possibly very large) provider schema from providers which indicate during handshake that they don't require that for correct behavior, in situations where Terraform Core itself does not need the schema. (#​33486)

  • backend/kubernetes: The Kubernetes backend is no longer limited to storing states below 1MiB in size, and can now scale by splitting state across multiple secrets. (#​29678)

  • backend/s3: Various improvements for consistency with hashicorp/aws provider capabilities:

    • assume_role_with_web_identity nested block for assuming a role with dynamic credentials such as a JSON Web Token. (#​31244)
    • Now honors the standard AWS environment variables for credential and configuration files: AWS_CONFIG_FILE and AWS_SHARED_CREDENTIALS_FILE. (#​30493)
    • shared_config_files and shared_credentials_files arguments for specifying credential and configuration files as part of the backend configuration. (#​30493)
    • Internally the backend now uses AWS SDK for Go v2, which should address various other missing behaviors that are handled by the SDK rather than by Terraform itself. (#​30443)
    • custom_ca_bundle argument and support for the corresponding AWS environment variable, AWS_CA_BUNDLE, for providing custom root and intermediate certificates. (#​33689)
    • ec2_metadata_service_endpoint and ec2_metadata_service_endpoint_mode arguments and support for the corresponding AWS environment variables, AWS_EC2_METADATA_SERVICE_ENDPOINT and AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE for setting the EC2 metadata service (IMDS) endpoint. The environment variable AWS_METADATA_URL is also supported for compatibility with the AWS provider, but is deprecated. (#​30444)
    • http_proxy, insecure, use_fips_endpoint, and use_dualstack_endpoint arguments and support for the corresponding environment variables, HTTP_PROXY and HTTPS_PROXY, which enable custom HTTP proxy configurations and the resolution of AWS endpoints with extended capabilities. (#​30496)
    • sts_region argument to use an alternative region for STS operations. (#​33693)
    • retry_mode argument and support for the corresponding AWS_RETRY_MODE environment variable to configure how retries are attempted. (#​33692)
    • allowed_account_ids and forbidden_account_ids arguments to prevent unintended modifications to specified environments. (#​33688)
  • backend/cos: Support custom HTTP(S) endpoint and root domain for the API client. (#​33656)

BUG FIXES:

  • core: Transitive dependencies were lost during apply when the referenced resource expanded into zero instances. (#​33403)
  • cli: Terraform will no longer override SSH settings in local git configuration when installing modules. (#​33592)
  • terraform built-in provider: The upstream dependency that Terraform uses for service discovery of Terraform-native services such as Terraform Cloud/Enterprise state storage was previously not concurrency-safe, but Terraform was treating it as if it was in situations like when a configuration has multiple terraform_remote_state blocks all using the "remote" backend. Terraform is now using a newer version of that library which updates its internal caches in a concurrency-safe way. (#​33364)
  • terraform init: Terraform will no longer allow downloading remote modules to invalid paths. (#​33745)
  • Ignore potential remote terraform version mismatch when running force-unlock (#​28853)
  • cloud: Fixed a bug that would prevent nested symlinks from being dereferenced into the config sent to Terraform Cloud (#​31895)
  • cloud: state snapshots could not be disabled when header x-terraform-snapshot-interval is absent (#​33820)

Previous Releases

For information on prior major and minor releases, see their changelogs:


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the automerge label Oct 4, 2023
@mergery mergery bot merged commit 5c81cc9 into develop Oct 4, 2023
2 checks passed
@mergery mergery bot deleted the renovate/hashicorp-terraform-1.x branch October 4, 2023 18:29
MorrisonCole pushed a commit that referenced this pull request Nov 11, 2023
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants