TFE Release v202109-1 (565)
Known Issues
- [February 8, 2022] This release includes a regression that removed default log rotation settings of Docker logs using the
json-file
logging driver (the default driver), affecting log rotation on installations in which the new log forwarding feature is disabled. If the log forwarding feature is not enabled on your installation, it is recommended that you configure global log rotation settings to prevent disk space issues. For more information about configuring log rotation, please refer to https://terraform.io/enterprise/before-installing#log-rotation. This issue is fixed in v202201-2.
Deprecation Notice
The following operating systems are no longer supported:
- Ubuntu 14
- Debian 7
Docker logs using the json-file
logging driver (the default driver) will no longer be automatically rotated. Please refer to the log rotation documentation for details on how to configure log rotation.
Application Level Features
- Added Terraform CLI versions up through 1.1.0-alpha20210811 to Terraform Enterprise.
- Added 'capacity_cpus' Replicated configuration option to limit the number of CPU cores available to individual Terraform runs.
- Changed structured run UI to always show error logs immediately.
- Changed apply UI to show "no changes" for runs which only change outputs.
- Changed apply UI to hide output values by default, and improved display of complex values.
- Added advanced UI for Terraform Plan, including an interactive diff.
- Added support for Terraform Cloud Agents.
- Added support for forwarding Terraform Enterprise logs to one or more external destinations.
Application Level Bug Fixes
- Fixed sidekiq admin panel to be accessible to Configuration and Support admin RBAC roles.
- Changed apply progress UI for to clarify the final state of replaced resources.
- Updated Nomad to 1.1.4
- Updated Vault to 1.8.2
- Fixed registry modules with errors so that they are accessible.
- Updated Sentinel to 0.18.4
- Updated Telegraf to 1.19.3 to fix a
panic: runtime error: slice bounds out of range
error. - Updated InfluxDB to 1.8.9.
Application Level Security Fixes
- Hid the upload-url attribute on ConfigurationVersion API resources after the initial create action in order to prevent a privilege escalation.
- Mitigated a potential Host header injection vulnerability.
- Ongoing container updates to address reported vulnerabilities in underlying packages / dependencies.
API
- Introduced the State Version Outputs endpoint to retrieve the Outputs for a given State Version
- Breaking Security fix to Configuration versions: upload-url attribute for uploading configuration files is now only available on the create response.