Releases: hashicorp/terraform
v1.5.6
v1.6.0-alpha20230816
1.6.0-alpha20230816 (Unreleased)
NEW FEATURES:
-
terraform test
: The previously experimentalterraform test
command has been moved out of experimental. This comes with a significant change in how Terraform tests are written and executed.Terraform tests are now written within
.tftest.hcl
files, controlled by a series ofrun
blocks. Eachrun
block will execute a Terraform plan or apply command against the Terraform configuration under test and can execute conditions against the resultant plan and state.
ENHANCEMENTS:
- config: Terraform can now track some additional detail about values that won't be known until the apply step, such as the range of possible lengths for a collection or whether an unknown value can possibly be null. When this information is available, Terraform can potentially generate known results for some operations on unknown values. This doesn't mean that Terraform can immediately track that detail in all cases, but the type system now contains the facility for that and so over time we will improve the level of detail generated by built-in functions, language operators, Terraform providers, etc. (#33234)
- jsonplan: Added
errored
field to JSON plan output, indicating whether a plan errored. (#33372) - cloud: Remote plans on Terraform Cloud/Enterprise can now be saved using the
-out
flag, referenced in theshow
command, and applied by specifying the plan file name. (#33492) - config: The
import
blockid
field now accepts an expression referencing other values such as resource attributes, as long as the value is a string known at plan time. (#33618)
BUG FIXES:
- The upstream dependency that Terraform uses for service discovery of Terraform-native services such as Terraform Cloud/Enterprise state storage was previously not concurrency-safe, but Terraform was treating it as if it was in situations like when a configuration has multiple
terraform_remote_state
blocks all using the "remote" backend. Terraform is now using a newer version of that library which updates its internal caches in a concurrency-safe way. (#33364) - Transitive dependencies were lost during apply when the referenced resource expanded into zero instances (#33403)
- Terraform will no longer override SSH settings in local git configuration when installing modules. (#33592)
Previous Releases
For information on prior major and minor releases, see their changelogs:
v1.5.5
v1.6.0-alpha20230802
1.6.0-alpha20230802 (August 02, 2023)
NEW FEATURES:
-
terraform test
: The previously experimentalterraform test
command has been moved out of experimental. This comes with a significant change in how Terraform tests are written and executed.Terraform tests are now written within
.tftest.hcl
files, controlled by a series ofrun
blocks. Eachrun
block will execute a Terraform plan or apply command against the Terraform configuration under test and can execute conditions against the resultant plan and state.
ENHANCEMENTS:
- config: Terraform can now track some additional detail about values that won't be known until the apply step, such as the range of possible lengths for a collection or whether an unknown value can possibly be null. When this information is available, Terraform can potentially generate known results for some operations on unknown values. This doesn't mean that Terraform can immediately track that detail in all cases, but the type system now contains the facility for that and so over time we will improve the level of detail generated by built-in functions, language operators, Terraform providers, etc. (#33234)
- jsonplan: Added
errored
field to JSON plan output, indicating whether a plan errored. (#33372) - cloud: Remote plans on Terraform Cloud/Enterprise can now be saved using the
-out
flag, referenced in theshow
command, and applied by specifying the plan file name. (#33492) - cloud: Terraform now supports setting the Terraform Cloud project via the cloud block and
TF_CLOUD_PROJECT
environment variable. When a cloud configuration creates a new workspace it will be created in the given project. If the project does not exist it will be created. terraform workspace list will also respect listing matching workspaces in the configured project. - config: The
import
blockid
field now accepts an expression referencing other values such as resource attributes, as long as the value is a string known at plan time. (#33618)
BUG FIXES:
- The upstream dependency that Terraform uses for service discovery of Terraform-native services such as Terraform Cloud/Enterprise state storage was previously not concurrency-safe, but Terraform was treating it as if it was in situations like when a configuration has multiple
terraform_remote_state
blocks all using the "remote" backend. Terraform is now using a newer version of that library which updates its internal caches in a concurrency-safe way. (#33364) - Transitive dependencies were lost during apply when the referenced resource expanded into zero instances (#33403)
- Terraform will no longer override SSH settings in local git configuration when installing modules. (#33592)
Previous Releases
For information on prior major and minor releases, see their changelogs:
v1.5.4
v1.6.0-alpha20230719
1.6.0-alpha20230719 (Unreleased)
NEW FEATURES:
-
terraform test
: The previously experimentalterraform test
command has been moved out of experimental. This comes with a significant change in how Terraform tests are written and executed.Terraform tests are now written within
.tftest
files, controlled by a series ofrun
blocks. Eachrun
block will execute a Terraform plan or apply command against the Terraform configuration under test and can execute conditions against the resultant plan and state.
ENHANCEMENTS:
- config: Terraform can now track some additional detail about values that won't be known until the apply step, such as the range of possible lengths for a collection or whether an unknown value can possibly be null. When this information is available, Terraform can potentially generate known results for some operations on unknown values. This doesn't mean that Terraform can immediately track that detail in all cases, but the type system now contains the facility for that and so over time we will improve the level of detail generated by built-in functions, language operators, Terraform providers, etc. [GH-33234]
- jsonplan: Added
errored
field to JSON plan output, indicating whether a plan errored. [GH-33372]
BUG FIXES:
- The upstream dependency that Terraform uses for service discovery of Terraform-native services such as Terraform Cloud/Enterprise state storage was previously not concurrency-safe, but Terraform was treating it as if it was in situations like when a configuration has multiple
terraform_remote_state
blocks all using the "remote" backend. Terraform is now using a newer version of that library which updates its internal caches in a concurrency-safe way. [GH-33364] - Transitive dependencies were lost during apply when the referenced resource expanded into zero instances [GH-33403]
Previous Releases
For information on prior major and minor releases, see their changelogs:
v1.5.3
1.5.3 (July 12, 2023)
BUG FIXES:
- core: Terraform could fail to evaluate module outputs when they are used in a provider configuration during a destroy operation (#33462)
- backend/consul: When failing to save state,
consul CAS failed with transaction errors
no longer shows an error instance memory address, but an actual error message. (#33108) - plan renderer: Fixes crash when rendering the plan if a relevant attribute contains an integer index specified as a string. (#33475)
v1.5.2
v1.5.1
v1.5.0
1.5.0 (June 12, 2023)
NEW FEATURES:
-
check
blocks for validating infrastructure: Module and configuration authors can now write independent check blocks within their configuration to validate assertions about their infrastructure.The new independent
check
blocks must specify at least oneassert
block, but possibly many, each one with acondition
expression and anerror_message
expression matching the existing Custom Condition Checks.
Additionally, check blocks can optionally load a scoped data source. Scoped data sources match the existing data sources with the exception that they can only be referenced from within their check block.Unlike the existing
precondition
andpostcondition
blocks, Terraform will not halt execution should the scoped data block fail or error or if any of the assertions fail.
This allows practitioners to continually validate the state of their infrastructure outside the usual lifecycle management cycle. -
import
blocks for importing infrastructure: Root module authors can now use theimport
block to declare their intent that Terraform adopt an existing resource.Import is now a configuration-driven, plannable action, and is processed as part of a normal plan. Running
terraform plan
will show a summary of the resources that Terraform has planned to import, along with any other plan changes.The existing
terraform import
CLI command has not been modified.This is an early version of the
import
block feature, for which we are actively seeking user feedback to shape future development. Theimport
block currently does not support interpolation in theid
field, which must be a string. -
Generating configuration for imported resources: in conjunction with the
import
block, this feature enables easy templating of configuration when importing existing resources into Terraform. A new flag-generate-config-out=PATH
is added toterraform plan
. When this flag is set, Terraform will generate HCL configuration for any resource included in animport
block that does not already have associated configuration, and write it to a new file atPATH
. Before applying, review the generated configuration and edit it as necessary. -
Adds a new
plantimestamp
function that returns the timestamp at plan time. This is similar to thetimestamp
function which returns the timestamp at apply time (#32980). -
Adds a new
strcontains
function that checks whether a given string contains a given substring. (#33069)
UPGRADE NOTES:
-
This is the last version of Terraform for which macOS 10.13 High Sierra or 10.14 Mojave are officially supported. Future Terraform versions may not function correctly on these older versions of macOS.
-
This is the last version of Terraform for which Windows 7, 8, Server 2008, and Server 2012 are supported by Terraform's main implementation language, Go. We already ended explicit support for versions earlier than Windows 10 in Terraform v0.15.0, but future Terraform versions may malfunction in more significant ways on these older Windows versions.
-
On Linux (and some other non-macOS Unix platforms we don't officially support), Terraform will now notice the
trust-ad
option in/etc/resolv.conf
and, if set, will set the "authentic data" option in outgoing DNS requests in order to better match the behavior of the GNU libc resolver.Terraform does not pay any attention to the corresponding option in responses, but some DNSSEC-aware recursive resolvers return different responses when the request option isn't set. This should therefore avoid some potential situations where a DNS request from Terraform might get a different response than a similar request from other software on your system.
ENHANCEMENTS:
- Terraform CLI's local operations mode will now attempt to persist state snapshots to the state storage backend periodically during the apply step, thereby reducing the window for lost data if the Terraform process is aborted unexpectedly. (#32680)
- If Terraform CLI receives SIGINT (or its equivalent on non-Unix platforms) during the apply step then it will immediately try to persist the latest state snapshot to the state storage backend, with the assumption that a graceful shutdown request often typically followed by a hard abort some time later if the graceful shutdown doesn't complete fast enough. (#32680)
pg
backend: Now supports thePG_CONN_STR
,PG_SCHEMA_NAME
,PG_SKIP_SCHEMA_CREATION
,PG_SKIP_TABLE_CREATION
andPG_SKIP_INDEX_CREATION
environment variables. (#33045)
BUG FIXES:
terraform init
: Fixed crash with invalid blank module name. (#32781)moved
blocks: Fixed a typo in the error message that Terraform raises when you use-target
to exclude an object that has been moved. (#33149)
Previous Releases
For information on prior major and minor releases, see their changelogs: