Terraform Enterprise v202306-1 (713)
Last required release: v202207-2 (642)
RunExternalStatusdata migration now runs in the foreground for visibility. However, if there are a large number of runs this migration can take a long time to complete.
In Terraform Enterprise v202308-1 the server services will be consolidated into a single container named
terraform-enterprise. This container runs as a non-root user and contains the logs for all of the server services. Terraform runs will continue to execute in isolated, short-lived containers but will now run as a non-root user. This change is available now using the optional
consolidated_servicessetting. See the consolidated services documentation for more information on this change.
The following Docker Engine versions are deprecated. Support for them will be removed in Terraform Enterprise v202308-1.
- Docker Engine 19.03
- Terraform Build Workers are now deprecated and have been removed. The base image responsible for executing Terraform runs is now
hashicorp/tfc-agent. If you were using an alternative worker image you must migrate to a new image, using
hashicorp/tfc-agentas the base image. If you are not using an alternative worker image, then you will automatically migrate to the new base image and no futher action is required. For more information, refer to the Custom Agent Image migration guide.
- [Updated: August 2023] The
awsCLI utility is no longer included in the base image. If the
awsCLI utility is needed in your custom agent image, you may install it by following the AWS CLI installation instructions. For more information, refer to the Custom Agent Image migration guide.
- No-code provisioning is now available in Terraform Enterprise. No-code provisioning enables organizations to set up self-service workflows for application developers that need infrastructure but are not familiar with Terraform.
- Docker Engine 23.0 and 24.0 are now supported.
- You can now cancel a passed policy check to unblock runs that are stuck at the policy check step.
- Terraform Enterprise now uses Sentinel v0.22.0 for policy checks, adding support for the
- Prefixed the names of the ephemeral Docker containers that run Terraform plan and apply operations with "tfe-agent-".
- The Run Tasks Integration API payload now includes the
- You can now access Sentinel policy check results through a new and streamlined user interface.
- Added a new Copy Configuration link to copy the full configuration details of a module from its overview page.
tfe-admin retrieve-iactcommand no longer contains trailing whitespace.
- Run tasks and policy sets no longer count discarded workspaces that have yet to be deleted.
- Long workspace notification names are now properly displayed on the notifications page.
- Long workspace run task names and descriptions are now properly displayed on the run tasks page.
- Workspaces using the GitHub App Integration can now renew expiring refresh tokens.
- Workspaces can no longer be assigned an agent pool that is not scoped to that workspace. Affected workspaces will revalidate their assigned agent pool on next save.
- APIs now return project scoped variable set information for all users with the proper permissions.
- Container updates address reported vulnerabilities (CVEs) in underlying packages and dependencies.