v1.7.3

Generate readme for submodules @goruha (#193)

## what * Generate readme for submodules

why

• Allow all to keep the README updated

references

• https://linear.app/cloudposse/issue/DEV-3521/make-cicd-workflow-support-readmes-in-modules-subfolders

🤖 Automatic Updates

Fix go version in tests @osterman (#191)

## what - Update go `1.24`

why

• Error loading shared library libresolv.so.2 in Go 1.20

References

• https://sweetops.slack.com/archives/G014YEKDH4K/p1746672149263629
• golang/go#59305 (comment)
• cloudposse/terraform-aws-cloudfront-s3-cdn#294

Replace Makefile with atmos.yaml @osterman (#190)

## what - Remove `Makefile` - Add `atmos.yaml`

why

• Replace build-harness with atmos for readme genration

References

• DEV-3229 Migrate from build-harness to atmos

v1.7.2

🤖 Automatic Updates

chore(deps): update terraform cloudposse/stack-config/yaml to v1.8.0 (main) @renovate (#188)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/stack-config/yaml (source)	module	minor	1.6.0 -> 1.8.0

---

Release Notes

cloudposse/terraform-yaml-stack-config (cloudposse/stack-config/yaml)

v1.8.0

Compare Source

🚀 Enhancements

[remote-state] Improve backend compatibility @​Nuru (#​105)

what

• Improve remote-state backend compatibility

Rather than trying to parse the backend configuration, as a general rule we now just pass it through to the data source. This provides future-proof compatibility with all backends supported by Terraform and OpenTofu.

why

• This prevents the need for updates like #​99 to provide configuration for future S3 backends, while eliminating compatibility issues like #​102.
• This also eliminates deprecation warnings caused by forcing configuration to look a certain way.
• Now, users can manage their own remote state configuration to match their toolset.

references

• Closes #​102

v1.7.0: (not recommended)

Compare Source

feat: support for gcs backends @​burnzy (#​95)

what

Simple change to add support for GCS backends

why

Allows GCP users (users with gcs backends) to make use of this remote-state module for sharing data between components.

references

• https://developer.hashicorp.com/terraform/language/settings/backends/gcs
• https://atmos.tools/core-concepts/share-data/#using-remote-state

🚀 Enhancements

Support local backend @​Nuru (#​104)

what

• Support retrieving remote state from local backends
  • NOTE: Using relative paths in local backends is tricky, because the path needs to resolve to the same directory from the source root module directory as from the client root module directory.
• Fix Terratests
  • The spacelift test suite is broken, and we never previously required it to work, so it is now skipped
• Update test suite to use go v1.21 and update dependencies

why

• When running demos and tests, it is more convenient to use local backends
• Maintain some degree of testing
• Closes multiple dependabot PRs:
  • Supersedes and Closes #​82
  • Supersedes and Closes #​83
  • Supersedes and Closes #​84
  • Supersedes and Closes #​87
  • Supersedes and Closes #​88

🤖 Automatic Updates

Bump the go_modules group in /test/src with 5 updates @​dependabot (#​94)

Bumps the go_modules group in /test/src with 5 updates:

Package	From	To
github.com/hashicorp/go-getter	1.7.1	1.7.5
golang.org/x/crypto	0.1.0	0.17.0
golang.org/x/net	0.8.0	0.10.0
google.golang.org/grpc	1.51.0	1.56.3
google.golang.org/protobuf	1.28.1	1.30.0

Updates github.com/hashicorp/go-getter from 1.7.1 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

• Prevent Git Config Alteration on Git Update by @​​dduzgun-security in hashicorp/go-getter#497

New Contributors

• @​​dduzgun-security made their first contribution in hashicorp/go-getter#497

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5

v1.7.4

What's Changed

• Escape user-provided strings in git commands hashicorp/go-getter#483
• Fixed a bug in .netrc handling if the file does not exist hashicorp/go-getter#433

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4

v1.7.3

What's Changed

• SEC-090: Automated trusted workflow pinning (2023-04-21) by @​​hashicorp-tsccr in hashicorp/go-getter#432
• SEC-090: Automated trusted workflow pinning (2023-09-11) by @​​hashicorp-tsccr in hashicorp/go-getter#454
• SEC-090: Automated trusted workflow pinning (2023-09-18) by @​​hashicorp-tsccr in hashicorp/go-getter#458
• don't change GIT_SSH_COMMAND when there is no sshKeyFile by @​​jbardin in hashicorp/go-getter#459

New Contributors

• @​​hashicorp-tsccr made their first contribution in hashicorp/go-getter#432

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.2...v1.7.3

v1.7.2

What's Changed

• Don't override GIT_SSH_COMMAND when not needed by @​​nl-brett-stime hashicorp/go-getter#300

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.1...v1.7.2

Commits

• 5a63fd9 Merge pull request #​497 from hashicorp/fix-git-update
• 5b7ec5f fetch tags on update and fix tests
• 9906874 recreate git config during update to prevent config alteration
• 268c11c escape user provide string to git (#​483)
• 975961f Merge pull request

v1.7.1

🤖 Automatic Updates

chore(deps): update terraform cloudposse/stack-config/yaml to v1.6.0 (main) @renovate (#184)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/stack-config/yaml (source)	module	minor	1.5.0 -> 1.6.0

---

Release Notes

cloudposse/terraform-yaml-stack-config (cloudposse/stack-config/yaml)

v1.6.0

Compare Source

what

Add options required by S3-compatible backend for Oracle Cloud Infrastructure as described here

why

Some of the options available for S3 backend for Terraform are not supported by remote-state module. However, they are useful when working with cloud providers other than AWS.

references

S3-compatible backend for OCI
Terraform S3 backend

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

v1.7.0

feat(spacelift-policy): add support for file paths @oycyc (#183)

## what

• Adds support for using a local file path as the source of a Spacelift Rego policy
• Adds an example and supporting tests

why

• Policies are not always on a public URL.
• Having a lot of inline policies makes the file hard to manage, plus the code editor won't recognize the syntax because it's not in a .rego file
• Although this can be done on a case by case basis at the root module level, when there is a lot of policies, especially when certain policies uses an URL while others is inline and some uses local file path, it becomes messy. It's cleaner to have it at the module.

🤖 Automatic Updates

Update .github/settings.yml @osterman (#182)

## what - Update `.github/settings.yml` - Drop `.github/auto-release.yml` files

why

• Re-apply .github/settings.yml from org level
• Use organization level auto-release settings

references

• DEV-1242 Add protected tags with Repository Rulesets on GitHub

Update release workflow to allow pull-requests: write @osterman (#180)

## what - Update workflow (`.github/workflows/release.yaml`) to have permission to comment on PR

why

• So we can support commenting on PRs with a link to the release

Update GitHub Workflows to use shared workflows from '.github' repo @osterman (#179)

## what - Update workflows (`.github/workflows`) to use shared workflows from `.github` repo

why

• Reduce nested levels of reusable workflows

Update GitHub Workflows to Fix ReviewDog TFLint Action @osterman (#178)

## what - Update workflows (`.github/workflows`) to add `issue: write` permission needed by ReviewDog `tflint` action

why

• The ReviewDog action will comment with line-level suggestions based on linting failures

Update GitHub workflows @osterman (#177)

## what - Update workflows (`.github/workflows/settings.yaml`)

why

• Support new readme generation workflow.
• Generate banners

Use GitHub Action Workflows from `cloudposse/.github` Repo @osterman (#174)

## what

• Install latest GitHub Action Workflows

why

• Use shared workflows from cldouposse/.github repository
• Simplify management of workflows from centralized hub of configuration

Add GitHub Settings @osterman (#169)

## what - Install a repository config (`.github/settings.yaml`)

why

• Programmatically manage GitHub repo settings

Update README.md and docs @cloudpossebot (#166)

## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

Update Scaffolding @osterman (#165)

## what - Reran `make readme` to rebuild `README.md` from `README.yaml` - Migrate to square badges - Add scaffolding for repo settings and Mergify

why

• Upstream template changed in the .github repo
• Work better with repository rulesets
• Modernize look & feel

Update README.md and docs @cloudpossebot (#164)

## what This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v1.6.0

feat: adds terraform_workflow_tool var to spacelift_stack 🍜 @Gowiem (#162)

what

• Adds terraform_workflow_tool variable.

why

• Allows usage of OpenTofu with Spacelift 🍜

references

• N/A

v1.5.0

fix `spacelift-stack`: changed resource type from `set(string)` to `list(string)` @milldr (#160)

what

• Change the resource type used for var.context_attachments and var. policy_ids to a list of strings rather than a set of strings

why

• The terraform logic for Spacelift stack attachments (found in attachments.tf) uses a terraform for-loop in the two-symbol form to retrieve the index in each iteration of the loop. This leads to an error as the type of the variables used for these attachments is set(string), which does not support two-symbol loops.

references

• resolves #159
• related to cloudposse/terraform-aws-components#939

v1.4.0

`excluded_context_filters` should be Optional @milldr (#157)

what

• Set default value for var.excluded_context_filters to be empty in spacelift-stacks-from-atmos-config

why

• This input should've been optional

references

• #156

v1.3.0

Disabled Spacelift Provider Tests and `spacelift-config-from-atmos-config` Excluded Context Vars @milldr (#156)

what

• Disabled all tests that require the Spacelift provider
• Remove example_complete tests
• Add optional excluded_context_filters for the spacelift-config-from-atmos-config submodule
• Update READMEs
• Add missing versions.tf for the spacelift-config-from-atmos-config submodule

why

• We do not have a test organization for Spacelift, so we cannot run these tests at this time. Instead we've disabled the tests with t.Skip()
• Each module has its own tests, and examples/complete does not exist
• We want to be able to exclude some specific criteria from the returned results from Atmos configuration
• Build harness README template has been updated

references

• closes #155

v1.2.0

update policy based on new command ordering @mcalhoun (#153)

what

Update the order of comments from /spacelift {preview,deploy} [stackname] to /spacelift [stackname] {preview,deploy}

why

When there are stacks whose ids are substrings of other stacks, both stacks were accidentally triggered because the spacelift policy uses contains(input.pull_request.comment, concat(" ", ["/spacelift", "preview", input.stack.id])) to match the comments from the Pull Request.

references

cloudposse/github-action-atmos-affected-trigger-spacelift PR

v1.1.0

Policy to Trigger on PR Comment @milldr (#152)

what

• Added a new trigger policy

why

• Trigger a spacelift stack when a comment is added to a PR

references

• Related to https://github.com/cloudposse/github-action-atmos-affected-trigger-spacelift