Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update terraform cloudposse/stack-config/yaml to v1.8.0 #5

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Dec 4, 2024

This PR contains the following updates:

Package Type Update Change
cloudposse/stack-config/yaml (source) module minor 1.5.0 -> 1.8.0

Release Notes

cloudposse/terraform-yaml-stack-config (cloudposse/stack-config/yaml)

v1.8.0: [remote-state] Improve backend compatibility

Compare Source

Among other things detailed below, this release enables users to fix deprecation warnings like:

│ Warning: Deprecated Parameters
│ 
│   with module.account_map.data.terraform_remote_state.data_source[0],
│   on .terraform/modules/account_map/modules/remote-state/data-source.tf line 88, in data "terraform_remote_state" "data_source":
│   88: data "terraform_remote_state" "data_source" {
│ 
│ The following parameters have been deprecated. Replace them as follows:
│   * role_arn -> assume_role.role_arn

(cf. #​93 and #​96)

If you are receiving deprecation warnings from remote-state, they can now be resolved by updating your backend/remote_state_backend configuration to match the version of Terraform or Tofu you are using. For example, change

terraform:
  backend:
    s3:
      bucket: my-tfstate-bucket
      dynamodb_table: my-tfstate-lock-table
      role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-role
  remote_state_backend:
    s3:
      role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-read-only-role

to

terraform:
  backend:
    s3:
      bucket: my-tfstate-bucket
      dynamodb_table: my-tfstate-lock-table
      assume_role:
        role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-role
  remote_state_backend:
    s3:
      assume_role:
        role_arn: arn:aws:iam::123456789012:role/my-tfstate-access-read-only-role

🚀 Enhancements

[remote-state] Improve backend compatibility @​Nuru (#​105)

what

  • Improve remote-state backend compatibility

Rather than trying to parse the backend configuration, as a general rule we now just pass it through to the data source. This provides future-proof compatibility with all backends supported by Terraform and OpenTofu.

why

  • This prevents the need for updates like #​99 to provide configuration for future S3 backends, while eliminating compatibility issues like #​102.
  • This also eliminates deprecation warnings caused by forcing configuration to look a certain way.
  • Now, users can manage their own remote state configuration to match their toolset.

references

v1.7.0: (not recommended)

Compare Source

feat: support for gcs backends @​burnzy (#​95)

what

Simple change to add support for GCS backends

why

Allows GCP users (users with gcs backends) to make use of this remote-state module for sharing data between components.

references

🚀 Enhancements

Support local backend @​Nuru (#​104)

what

  • Support retrieving remote state from local backends
    • NOTE: Using relative paths in local backends is tricky, because the path needs to resolve to the same directory from the source root module directory as from the client root module directory.
  • Fix Terratests
    • The spacelift test suite is broken, and we never previously required it to work, so it is now skipped
  • Update test suite to use go v1.21 and update dependencies

why

  • When running demos and tests, it is more convenient to use local backends
  • Maintain some degree of testing
  • Closes multiple dependabot PRs:

🤖 Automatic Updates

Bump the go_modules group in /test/src with 5 updates @​dependabot (#​94) Bumps the go_modules group in /test/src with 5 updates:
Package From To
github.com/hashicorp/go-getter 1.7.1 1.7.5
golang.org/x/crypto 0.1.0 0.17.0
golang.org/x/net 0.8.0 0.10.0
google.golang.org/grpc 1.51.0 1.56.3
google.golang.org/protobuf 1.28.1 1.30.0

Updates github.com/hashicorp/go-getter from 1.7.1 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5

v1.7.4

What's Changed

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4

v1.7.3

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.2...v1.7.3

v1.7.2

What's Changed

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.1...v1.7.2

Commits
  • 5a63fd9 Merge pull request #​497 from hashicorp/fix-git-update
  • 5b7ec5f fetch tags on update and fix tests
  • 9906874 recreate git config during update to prevent config alteration
  • 268c11c escape user provide string to git (#​483)
  • 975961f Merge pull request #​433 from adrian-bl/netrc-fix
  • 0298a22 Merge pull request #​459 from hashicorp/jbardin/setup-git-env
  • c70d9c9 don't change GIT_SSH_COMMAND if there's no keyfile
  • 3d5770f Merge pull request #​458 from hashicorp/tsccr-auto-pinning/trusted/2023-09-18
  • 0688979 Result of tsccr-helper -log-level=info -pin-all-workflows .
  • e66f244 Merge pull request #​454 from hashicorp/tsccr-auto-pinning/trusted/2023-09-11
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.1.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • 325b735 ssh/test: skip TestSSHCLIAuth on Windows
  • 1eadac5 go.mod: update golang.org/x dependencies
  • b2d7c26 ssh: add (*Client).DialContext method
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.8.0 to 0.10.0

Commits
  • daac0ce go.mod: update golang.org/x dependencies
  • 82780d6 http2: don't reuse connections that are experiencing errors
  • 0bfab66 ipv4, ipv6: drop redundant skip checks based on GOOS
  • 938ff15 ipv4, ipv6, nettest: skip unsupported tests on wasip1
  • eb1572c html: another shot at security doc
  • 9001ca7 nettest: re-enable unixpacket tests on netbsd/386
  • 3d5a8ee internal/socks: permit authenticating with an empty password
  • 694cff8 go.mod: update golang.org/x dependencies
  • 6960703 http2: log the correct error when retrying in (*Transport).RoundTripOpt
  • 9f24bb4 http2: properly discard data received after request/response body is closed
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.51.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#​6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#​6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#​6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#​6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#​6314) (#​6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#​6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#​6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#​6145)
  • xds: enable RLS in xDS by default (#​6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#​6241)
  • authz: add conversion of json to RBAC Audit Logging config (#​6192)
  • authz: add support for stdout logger (#​6230 and #​6298)
  • authz: support customizable audit functionality for authorization policy (#​6192 #​6230 #​6298 #​6158 #​6304 and #​6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#​6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#​6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#​6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#​6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#​6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#​6151)
  • status: status.Code and status.FromError handle wrapped errors (#​6031 and #​6150)

... (truncated)

Commits

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.
Migrate new test account @​osterman (#​103)

what

  • Update .github/settings.yml
  • Update .github/chatops.yml files

why

  • Re-apply .github/settings.yml from org level to get terratest environment
  • Migrate to new test account

References

  • DEV-388 Automate clean up of test account in new organization
  • DEV-387 Update terratest to work on a shared workflow instead of a dispatch action
  • DEV-386 Update terratest to use new testing account with GitHub OIDC
Update .github/settings.yml @​osterman (#​101)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub
Update .github/settings.yml @​osterman (#​100)

what

  • Update .github/settings.yml
  • Drop .github/auto-release.yml files

why

  • Re-apply .github/settings.yml from org level
  • Use organization level auto-release settings

references

  • DEV-1242 Add protected tags with Repository Rulesets on GitHub

v1.6.0: (not recommended)

Compare Source

NOTE: Requires Terraform v1.6.4 or later to work with S3 backends. See #​102

what

Add options required by S3-compatible backend for Oracle Cloud Infrastructure as described here

why

Some of the options available for S3 backend for Terraform are not supported by remote-state module. However, they are useful when working with cloud providers other than AWS.

references

S3-compatible backend for OCI
Terraform S3 backend


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner December 4, 2024 02:57
Copy link

mergify bot commented Dec 4, 2024

/terratest

@mergify mergify bot added auto-update This PR was automatically generated needs-test Needs testing labels Dec 4, 2024
Copy link

mergify bot commented Dec 20, 2024

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🟠 Require terratest

Waiting checks: test/terratest.

This rule require terratest status

  • check-success = test/terratest

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
auto-update This PR was automatically generated needs-test Needs testing
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants