TFE Release v202112-2 (590)
Known Issues
- [February 8, 2022] This release includes a regression that removed default log rotation settings of Docker logs using the
json-file
logging driver (the default driver), affecting log rotation on installations with the new log forwarding feature disabled. If you do not enable the log forwarding feature on your installation, we recommend that you configure global log rotation settings to prevent disk space issues. For more information about configuring log rotation, refer to Log Rotation. This issue is fixed in v202201-2.
APPLICATION LEVEL BUG FIXES SINCE v202112-1:
- Updated the version of the terraform-registry that shipped with the v202112-1 release.
UPCOMING DEPRECATION NOTICE:
- Effective April, 2022 there will be an update to Terraform Enterprise container names. This change may break container monitoring or custom tooling that identifies containers by name. More specific information regarding name changes will be made available in future release notes.
APPLICATION LEVEL BREAKING CHANGES:
None
APPLICATION LEVEL FEATURES:
- SAML certificate signing and digest methods now are configurable.
- Added conditional pagination ability on GET indices for the following: SSH Keys, Parameters (on Policy Sets), Policy Checks (on Runs), Organizations, Policy Checks (on Runs), Oauth Clients, Oauth Tokens, Authentication (User) Tokens, Notification Configurations, Feature Sets, Feature Sets (on Organizations). All results are returned if pagination parameters are not provided.
- Added support for public provider and public module curation.
- Added support for tfc-agent 1.x series.
APPLICATION LEVEL BUG FIXES:
- Fixed a bug where the
tfe-admin
command would set a configuration key to the value''
instead of unsetting the configuration value. - Fixed an issue where custom CA certificates were not injected into the
tfe-fluent-bit
container. - Fixed an issue where Replicated snapshots were not executing for demo mode installations.
- Fixed provider/module APIs to allow prefix searching, also fixes bug where providers were returned for unrelated (but member of) organizations.
- Fixed structured run output to show a less verbose diff for json-encoded array fields.
- Added a fix to prevent the removal of the last owner of an organization via the API. It also gives precedence to returning an error if you are an organization owner and you remove the last owner over removing yourself. If you try to remove yourself and you are the only owner, the error is the same as if you tried to remove the only owner:
You cannot remove yourself from an organization you own
. Therefore, we updated the unit tests for "removing self as owner" to include multiple owners in the organization.
APPLICATION LEVEL SECURITY FIXES:
- The Docker container running Nomad (
ptfe_nomad
) no longer runs with theprivileged
attribute. - Updated the version of the internally-managed Vault server to 1.9.0.
- Updated the version of the internally-managed Nomad server to 1.1.6.
- Updated
tfe-fluent-bit
to use Fluent Bit 1.8.10. - Updated
archivist
to address CVE in direct and indirectjwt-go
dependency. - Ongoing container updates to address reported vulnerabilities in underlying packages / dependencies.