Terraform
TFE Release v202112-1 (588)
Known Issues
- [February 8, 2022] This release includes a regression that removed default log rotation settings of Docker logs using the
json-file
logging driver (the default driver), affecting log rotation on installations with the new log forwarding feature disabled. If you do not enable the log forwarding feature on your installation, we recommend that you configure global log rotation settings to prevent disk space issues. For more information about configuring log rotation, refer to Log Rotation. This issue is fixed in v202201-2.
UPCOMING DEPRECATION NOTICE:
- Effective April, 2022 there will be an update to Terraform Enterprise container names. This change may break container monitoring or custom tooling that identifies containers by name. More specific information regarding name changes will be made available in future release notes.
APPLICATION LEVEL FEATURES:
- SAML certificate signing and digest methods now are configurable
- Added conditional pagination ability on GET indices for the following: SSH Keys, Parameters (on Policy Sets), Policy Checks (on Runs), Organizations, Policy Checks (on Runs), Oauth Clients, Oauth Tokens, Authentication (User) Tokens, Notification Configurations, Feature Sets, Feature Sets (on Organizations). If pagination parameters are not provided all results will be returned.
- Added support for public provider and public module curation
- Added support for tfc-agent 1.x series
APPLICATION LEVEL BUG FIXES:
- Fixed a bug where the
tfe-admin
command would set a configuration key to the value''
instead of unsetting the configuration value. - Fixed an issue where custom CA certificates were not injected into the
tfe-fluent-bit
container. - Fixed an issue where Replicated snapshots were not executing for demo mode installations.
- Fixed provider/module APIs to allow prefix searching, also fixes bug where providers were returned for unrelated (but member of) organizations.
- Fixed structured run output to show a less verbose diff for json-encoded array fields
- Added a fix to prevent the removal of the last owner of an organization via the API. It also gives precedence to returning an error if you remove the last owner over removing yourself (if you are an owner of the organization). Meaning that even though if you try to remove yourself (and you happen to be the only owner), the error that you'll receive is the same as if one tried to remove the only owner. You'll only receive the error message:
You cannot remove yourself from an organization you own
if you try to remove yourself and are not the only owner of an organization. Therefore the unit tests for "removing self as owner" had to be updated to include multiple owners in the organization.
APPLICATION LEVEL SECURITY FIXES:
- The Docker container running Nomad (
ptfe_nomad
) no longer runs with theprivileged
attribute. - Updated the version of the internally-managed Vault server to 1.9.0
- Updated the version of the internally-managed Nomad server to 1.1.6
- Updated
tfe-fluent-bit
to use Fluent Bit 1.8.10. - Updated
archivist
to address CVE in direct and indirectjwt-go
dependency. - Ongoing container updates to address reported vulnerabilities in underlying packages / dependencies.