Terraform Enterprise v202212-2 (667)
Last required release: v202207-2 (642)
VCS-managed Sentinel policies will fail with
"getent": executable file not found in $PATH. This will be fixed in Terraform Enterprise v202301-1.
The logging for some services (tfe-atlas and tfe-sidekiq) are set to
debugcausing an increase in logging output. This is corrected in v202301-2.
- The Certificate Authority (CA) bundle is now injected into the
tfe-task-workercontainer, fixing an issue where Sentinel policies would return x509 errors when connecting to HTTPS endpoints.
The following operating systems are deprecated, and Terraform Enterprise will stop supporting them following the February 2023 release (v202302-1).
- Debian 8, 9
- Ubuntu 14.04, 16.04
- Amazon Linux 2014.03, 2014.09, 2015.03, 2015.09, 2016.03, 2016.09, 2017.03, 2017.09, 2018.03
The following PostgreSQL server versions are deprecated, and Terraform Enterprise will stop supporting them following the February 2023 release (v202302-1).
- PostgreSQL 11
tfe-nomadcontainer has been removed and replaced with a new
tfe-task-workercontainer is now responsible for running
plan-exportertasks. Logs for these tasks can now be found in the
tfe-task-workercontainer logs. This change is part of a larger effort to refresh the architecture of Terraform Enterprise, improve performance and reliability of runs, and support future application-level features.
- A new
tfe-atlas-uicontainer has been added to serve the Terraform Enterprise frontend and static assets.
- Terraform Enterprise no longer starts when connected to an unsupported PostgreSQL server version to prevent potential database incompatibility issues when upgrading. The entry
PostgreSQL version X does not meet PostgreSQL version requirementswill appear in the logs.
- Terraform Enterprise now supports Run tasks in the Pre-plan and Pre-apply stages of a run. Run tasks are custom integrations that can send run data to external services. They can either produce warnings or stop runs, depending on your workspace settings.
- For Terraform versions 1.2+, Terraform Enterprise hides data sources reads in the plan UI by default. Use the filter checkbox to show them when necessary.
- The List Workspaces API endpoint now supports wildcard matching. For example, searching with
search[wildcard-name]=*-prodreturns all workspaces ending in
- Improved the performance of a data migration added in Terraform Enterprise v202207-1 for installations with large amounts of configuration versions.
- You no longer need to confirm plans with no infrastructure changes that Terraform created with the
allow-empty-applyoption. You may want to use this option when you upgrade your workspace's state to a new Terraform version.
- The users administration page now displays a warning next to accounts with an unconfirmed email address.
- Terraform Enterprise no longer occasionally fails to save outputs associated with a new state.
tfe-registry-workernow consistently cleans up the temp disk space that it used during module ingress.
- Using the the API to create a module version beginning with
vno longer prevents the registry from displaying other module versions. Versions like
v1.0.3previously caused failures.
- You can now download Sentinel mocks for older Terraform runs.
- When you cancel a Terraform run during the apply process, Terraform Enterprise now displays the resource state as
Unknown. Previously, the UI showed a message incorrectly implying that Terraform was still attempting to complete the apply.
- The VCS provider settings no longer displays a blank page for organizations with large numbers of VCS providers.
- Failed attempts to reauthorize VCS providers no longer prevent new reauthorization workflows.
- OAuth clients that the
tfe-provideris managing can no longer start VCS provider reauthorization.
- Public GitHub avatars will no longer be used for private provider logos when the namespace for the private provider matches a GitHub username.
- Container updates address reported vulnerabilities (CVEs) in underlying packages and dependencies.