Terraform
Terraform Enterprise v202210-1 (659)
Updated October 6, 2022
Last required release: v202207-2 (642)
Known Issues
- [Updated August 14, 2024] Runs that rely on dynamic provider credentials and workload identity will fail after a certain number of signing key rotations. This problem is fixed in v202407-1, and you can avoid it by upgrading v202407-1 or above. For details on additional workarounds, including manually trimming keys, refer to our support article.
Breaking Changes
PostgreSQL server version 10 is no longer supported. If you are using an external PostgreSQL server with your Terraform Enterprise installation, you must upgrade to PostgreSQL server version 11 or later. However, we recommend upgrading to PostgreSQL server version 12 or later instead of PostgreSQL server version 11 since PostgreSQL server version 11 is deprecated.
Deprecations
The following operating systems are deprecated, and will no longer be supported following the February Terraform Enterprise release (v202302-1).
- Debian 8, 9
- Ubuntu 14.04, 16.04
- Amazon Linux 2014.03, 2014.09, 2015.03, 2015.09, 2016.03, 2016.09, 2017.03, 2017.09, 2018.03
The following PostgreSQL server versions are deprecated, and will no longer be supported following the February Terraform Enterprise release (v202302-1).
- PostgreSQL 11
Highlights
- This release contains a data migration that will lengthen the upgrade process. You can expect it to take roughly 1-2 minutes per 5,000 organizations.
Features
- You can now query by
name
andemail
when listing organizations using the Organizations API endpoint. - You can now forcefully cancel policy checks on Terraform runs.
Improvements
- The State Versions API endpoint now accepts an optional
json-state
attribute when creating a state version. Thejson-state
attribute is a Base64 encoded string containing the JSON format of the Terraform state file as expressed byterraform show -json
. Runs using Terraform version 1.3+ will set thisjson-state
attribute when creating a state version which can then be used by Terraform Enterprise integrations.
Bug Fixes
- When comparing JSON-encoded arrays with null values, the structured run output now displays the resource diff under the
plan finished
tab without errors. Previously, the structured run output contained errors foraws_ecs_task_definition
resources with emptycontainer_definitions
. - Resource status badges are now vertically aligned in structured run output, regardless of the length of the resource name.
- The UI now displays output from apply operations without depending on the actual values of sensitive data. Previously, run logs contained the plaintext value of sensitive outputs. Terraform version 1.4+ omits all sensitive output values in the downloaded run logs.
- Enabling workload identity in workspaces with policy checks no longer causes runs to stop responding and eventually fail.
- Run tasks now timeout after 10 minutes, preventing runs from staying in a pending state indefinitely.
- Workspace outputs of type
object
with keys containing dashes will no longer benull
when you view them usingterraform output
. - Terraform Enterprise provides more informative errors when it cannot archive a configuration version.
Security
- Container updates address reported vulnerabilities (CVEs) in underlying packages and dependencies.
- Fluent Bit is updated to version 1.9.7.