v1.7.5

1.7.5 (March 13, 2024)

BUG FIXES:

• backend/s3: When using s3 backend and encountering a network issue, the retry code would fail with "failed to rewind transport stream for retry". Now the retry should be successful. (#34796)

v1.8.0-beta1

1.8.0-beta1 (March 6, 2024)

UPGRADE NOTES:

If you are upgrading from Terraform v1.7 or earlier, please refer to
the Terraform v1.8 Upgrade Guide.

• backend/s3: The use_legacy_workflow argument has been removed to encourage consistency with the AWS SDKs. The backend will now search for credentials in the same order as the default provider chain in the AWS SDKs and AWS CLI.

NEW FEATURES:

• Providers can now implement functions which can be used from within the Terraform configuration language. The syntax for calling a provider supplied function is provider::provider_name::function_name(). (#34394)
• Providers can now implement move operations between resource types, both from resource types defined by the provider and defined by other providers. Check provider documentation for supported cross-resource-type moves.
• issensitive function added to detect if a value is marked as sensitive

ENHANCEMENTS:

• terraform show's JSON rendering of a plan now includes two explicit flags "applyable" and "complete", which both summarize characteristics of a plan that were previously only inferrable by consumers replicating some of Terraform Core's own logic. (#34642)

  "applyable" means that it makes sense for a wrapping automation to offer to apply this plan.

  "complete" means that applying this plan is expected to achieve convergence between desired and actual state. If this flag is present and set to false then wrapping automations should ideally encourage an operator to run another plan/apply round to continue making progress toward convergence.

• Improved plan diff rendering for lists to display item-level differences on lists with unchanged length.

• terraform provider lock accepts a new boolean option -enable-plugin-cache. If specified, and if a global plugin cache is configured Terraform will use the cache in the provider lock process. (#34632)

• terraform test: File-level variables can now reference global variables. (#34699)

• In import-generated code represent JSON values in HCL instead of as strings

• built-in "terraform" provider: new tfvarsdecode, tfvarsencode, and exprencode functions, for unusual situations where it's helpful to manually generate or read from Terraform's "tfvars" format. (#34718)

BUG FIXES:

• core: Sensitive values will now be tracked more accurately in state and plans, preventing unexpected updates with no apparent changes (#34567)
• core: Fix incorrect error message when using in invalid iterator within a dynamic block (#34751)
• core: Fixed edge-case bug that could cause loss of floating point precision when round-tripping due to incorrectly using a MessagePack integer to represent a large non-integral number (#24576)
• config: Converting from an unknown map value to an object type now correctly handles the situation where the map element type disagrees with an optional attribute of the target type, since when a map value is unknown we don't yet know which keys it has and thus cannot predict what subset of the elements will get converted as attributes in the resulting object (#34756)
• cloud: Fixed unparsed color codes in policy failure error messages (#34473)

Previous Releases

For information on prior major and minor releases, see their changelogs:

• v1.7
• v1.6
• v1.5
• v1.4
• v1.3
• v1.2
• v1.1
• v1.0
• v0.15
• v0.14
• v0.13
• v0.12
• v0.11 and earlier

v1.8.0-alpha20240228

1.8.0-alpha20240228 (February 28, 2024)

UPGRADE NOTES:

• The first plan after upgrading may show resource updates with no apparent changes if -refresh-only or -refresh=false is used. The fix introduced for #34567 may require rewriting the state for some resources, which will be done automatically during the first normal plan and apply operation.

NEW FEATURES:

• Providers can now implement functions which can be used from within the Terraform configuration language. The syntax for calling a provider supplied function is provider::provider_name::function_name(). (#34394)
• Providers can now implement move operations between resource types, both from resource types defined by the provider and defined by other providers. Check provider documentation for supported cross-resource-type moves.
• issensitive function added to detect if a value is marked as sensitive

ENHANCEMENTS:

• terraform show's JSON rendering of a plan now includes two explicit flags "applyable" and "complete", which both summarize characteristics of a plan that were previously only inferrable by consumers replicating some of Terraform Core's own logic. (#34642)

  "applyable" means that it makes sense for a wrapping automation to offer to apply this plan.

  "complete" means that applying this plan is expected to achieve convergence between desired and actual state. If this flag is present and set to false then wrapping automations should ideally encourage an operator to run another plan/apply round to continue making progress toward convergence.

• Improved plan diff rendering for lists to display item-level differences on lists with unchanged length.

• terraform provider lock accepts a new boolean option -enable-plugin-cache. If specified, and if a global plugin cache is configured Terraform will use the cache in the provider lock process. (#34632)

• terraform test: File-level variables can now reference global variables. (#34699)

• In import-generated code represent JSON values in HCL instead of as strings

• built-in "terraform" provider: new tfvarsdecode, tfvarsencode, and exprencode functions, for unusual situations where it's helpful to manually generate or read from Terraform's "tfvars" format. (#34718)

BUG FIXES:

• core: Sensitive values will now be tracked more accurately in state and plans, preventing unexpected updates with no apparent changes (#34567)
• cloud: Fixed unparsed color codes in policy failure error messages #34473

EXPERIMENTS:

Experiments are only enabled in alpha releases of Terraform CLI. The following features are not yet available in stable releases.

• terraform test accepts a new option -junit-xml=FILENAME. If specified, and if the test configuration is valid enough to begin executing, then Terraform writes a JUnit XML test result report to the given filename, describing similar information as included in the normal test output. (#34291)

• The new command terraform rpcapi exposes some Terraform Core functionality through an RPC interface compatible with go-plugin. The exact RPC API exposed here is currently subject to change at any time, because it's here primarily as a vehicle to support the Terraform Stacks private preview and so will be broken if necessary to respond to feedback from private preview participants, or possibly for other reasons. Do not use this mechanism yet outside of Terraform Stacks private preview.

• The language-level experiment unknown_instances permits count and for_each arguments in module, resource, and data blocks to have unknown values.

  This is at an early stage and so currently setting these arguments to unknown values will only yield broken behavior, and so it's not yet useful to participate in this experiment. Future work will improve support for this new possibility, gradually making this experiment viable.

Previous Releases

For information on prior major and minor releases, see their changelogs:

• v1.7
• v1.6
• v1.5
• v1.4
• v1.3
• v1.2
• v1.1
• v1.0
• v0.15
• v0.14
• v0.13
• v0.12
• v0.11 and earlier

v1.7.4

1.7.4 (February 21, 2024)

BUG FIXES:

• terraform test: Fix automatic loading of variable files within the test directory on windows platforms. (#34666)
• plan renderer: Very large numbers (> 2^63) will no longer be truncated in the human-readable plan. (#34702)

v1.8.0-alpha20240216

1.8.0-alpha20240216 (February 16, 2024)

UPGRADE NOTES:

• The first plan after upgrading may show resource updates with no apparent changes if -refresh-only or -refresh=false is used. The fix introduced for #34567 may require rewriting the state for some resources, which will be done automatically during the first normal plan and apply operation.

NEW FEATURES:

• Providers can now implement functions which can be used from within the Terraform configuration language. The syntax for calling a provider supplied function is provider::provider_name::function_name(). [GH-34394]
• Providers can now implement move operations between resource types, both from resource types defined by the provider and defined by other providers. Check provider documentation for supported cross-resource-type moves.
• issensitive function added to detect if a value is marked as sensitive

ENHANCEMENTS:

• terraform show's JSON rendering of a plan now includes two explicit flags "applyable" and "complete", which both summarize characteristics of a plan that were previously only inferrable by consumers replicating some of Terraform Core's own logic. [GH-34642]

  "applyable" means that it makes sense for a wrapping automation to offer to apply this plan.

  "complete" means that applying this plan is expected to achieve convergence between desired and actual state. If this flag is set, wrapping automations should ideally encourage an operator to run another plan/apply round to continue making progress toward convergence.

• Improve plan UI for lists to display item-level diffs on lists with unchanged length

BUG FIXES:

• core: Sensitive values will now be tracked more accurately in state and plans, preventing unexpected updates with no apparent changes [GH-34567]

EXPERIMENTS:

Experiments are only enabled in alpha releases of Terraform CLI. The following features are not yet available in stable releases.

• terraform test accepts a new option -junit-xml=FILENAME. If specified, and if the test configuration is valid enough to begin executing, then Terraform writes a JUnit XML test result report to the given filename, describing similar information as included in the normal test output. (#34291)

• The new command terraform rpcapi exposes some Terraform Core functionality through an RPC interface compatible with go-plugin. The exact RPC API exposed here is currently subject to change at any time, because it's here primarily as a vehicle to support the Terraform Stacks private preview and so will be broken if necessary to respond to feedback from private preview participants, or possibly for other reasons. Do not use this mechanism yet outside of Terraform Stacks private preview.

• The language-level experiment unknown_instances permits count and for_each arguments in module, resource, and data blocks to have unknown values.

  This is at an early stage and so currently setting these arguments to unknown values will only yield broken behavior, and so it's not yet useful to participate in this experiment. Future work will improve support for this new possibility, gradually making this experiment viable.

• terraform provider lock accepts a new boolean option -enable-plugin-cache. If specified, and if a global plugin cache is configured Terraform will use the cache in the provider lock process.

ENHANCEMENTS:

• In import-generated code represent JSON values in HCL instead of as strings

Previous Releases

For information on prior major and minor releases, see their changelogs:

• v1.7
• v1.6
• v1.5
• v1.4
• v1.3
• v1.2
• v1.1
• v1.0
• v0.15
• v0.14
• v0.13
• v0.12
• v0.11 and earlier

v1.8.0-alpha20240214

1.8.0-alpha20240214 (February 14, 2024)

UPGRADE NOTES:

• The first plan after upgrading may show resource updates with no apparent changes if -refresh-only or -refresh=false is used. The fix introduced for #34567 may require rewriting the state for some resources, which will be done automatically during the first normal plan and apply operation.

NEW FEATURES:

• Providers can now implement functions which can be used from within the Terraform configuration language. The syntax for calling a provider supplied function is provider::provider_name::function_name(). [GH-34394]
• Providers can now implement move operations between resource types, both from resource types defined by the provider and defined by other providers. Check provider documentation for supported cross-resource-type moves.
• issensitive function added to detect if a value is marked as sensitive

ENHANCEMENTS:

• terraform show's JSON rendering of a plan now includes two explicit flags "applyable" and "complete", which both summarize characteristics of a plan that were previously only inferrable by consumers replicating some of Terraform Core's own logic. [GH-34642]

  "applyable" means that it makes sense for a wrapping automation to offer to apply this plan.

  "complete" means that applying this plan is expected to achieve convergence between desired and actual state. If this flag is set, wrapping automations should ideally encourage an operator to run another plan/apply round to continue making progress toward convergence.

BUG FIXES:

• core: Sensitive values will now be tracked more accurately in state and plans, preventing unexpected updates with no apparent changes [GH-34567]

EXPERIMENTS:

Experiments are only enabled in alpha releases of Terraform CLI. The following features are not yet available in stable releases.

• terraform test accepts a new option -junit-xml=FILENAME. If specified, and if the test configuration is valid enough to begin executing, then Terraform writes a JUnit XML test result report to the given filename, describing similar information as included in the normal test output. (#34291)

• The new command terraform rpcapi exposes some Terraform Core functionality through an RPC interface compatible with go-plugin. The exact RPC API exposed here is currently subject to change at any time, because it's here primarily as a vehicle to support the Terraform Stacks private preview and so will be broken if necessary to respond to feedback from private preview participants, or possibly for other reasons. Do not use this mechanism yet outside of Terraform Stacks private preview.

• The language-level experiment unknown_instances permits count and for_each arguments in module, resource, and data blocks to have unknown values.

  This is at an early stage and so currently setting these arguments to unknown values will only yield broken behavior, and so it's not yet useful to participate in this experiment. Future work will improve support for this new possibility, gradually making this experiment viable.

• terraform provider lock accepts a new boolean option -enable-plugin-cache. If specified, and if a global plugin cache is configured Terraform will use the cache in the provider lock process.

ENHANCEMENTS:

• In import-generated code represent JSON values in HCL instead of as strings

Previous Releases

For information on prior major and minor releases, see their changelogs:

• v1.7
• v1.6
• v1.5
• v1.4
• v1.3
• v1.2
• v1.1
• v1.0
• v0.15
• v0.14
• v0.13
• v0.12
• v0.11 and earlier

v1.7.3

1.7.3 (February 7, 2024)

BUG FIXES:

• terraform test: Fix crash when dynamic-typed attributes are not assigned values in mocks. (#34610)
• provisioners/file: Fix panic when source is null. (#34621)
• import: Throw helpful error message if an import block is configured with an empty ID (34625)

v1.8.0-alpha20240131

1.8.0-alpha20240131 (January 31, 2024)

UPGRADE NOTES:

• The first plan after upgrading may show resource updates with no apparent changes if -refresh-only or -refresh=false is used. The fix introduced for #34567 may require rewriting the state for some resources, which will be done automatically during the first normal plan and apply operation.

BUG FIXES:

• core: Sensitive values will now be tracked more accurately in state and plans, preventing unexpected updates with no apparent changes [GH-34567]

EXPERIMENTS:

Experiments are only enabled in alpha releases of Terraform CLI. The following features are not yet available in stable releases.

• terraform test accepts a new option -junit-xml=FILENAME. If specified, and if the test configuration is valid enough to begin executing, then Terraform writes a JUnit XML test result report to the given filename, describing similar information as included in the normal test output. (#34291)

• The new command terraform rpcapi exposes some Terraform Core functionality through an RPC interface compatible with go-plugin. The exact RPC API exposed here is currently subject to change at any time, because it's here primarily as a vehicle to support the Terraform Stacks private preview and so will be broken if necessary to respond to feedback from private preview participants, or possibly for other reasons. Do not use this mechanism yet outside of Terraform Stacks private preview.

• The language-level experiment unknown_instances permits count and for_each arguments in module, resource, and data blocks to have unknown values.

  This is at an early stage and so currently setting these arguments to unknown values will only yield broken behavior, and so it's not yet useful to participate in this experiment. Future work will improve support for this new possibility, gradually making this experiment viable.

Previous Releases

For information on prior major and minor releases, see their changelogs:

• v1.7
• v1.6
• v1.5
• v1.4
• v1.3
• v1.2
• v1.1
• v1.0
• v0.15
• v0.14
• v0.13
• v0.12
• v0.11 and earlier

v1.7.2

1.7.2 (January 31, 2024)

BUG FIXES:

• backend/s3: No longer returns error when IAM user or role does not have access to the default workspace prefix env:. (#34511)
• cloud: When triggering a run, the .terraform/modules directory was being excluded from the configuration upload causing Terraform Cloud to try (and sometimes fail) to re-download the modules. (#34543)

ENHANCEMENTS:

• terraform fmt: Terraform mock data files (.tfmock.hcl) will now be included when executing the format command. (#34580)
• Add additional diagnostics when a generated provider block that fails schema validation requires explicit configuration. (#34595)

v1.7.1

1.7.1 (January 24, 2024)

BUG FIXES:

• terraform test: Fix crash when referencing variables or functions within the file level variables block. (#34531)
• terraform test: Fix crash when override_module block was missing the outputs attribute. (#34563)