Commit Graph

482 Commits

Author SHA1 Message Date
dependabot[bot]
a9355a2607
Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.5.1 (#2179)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-19 18:16:50 +01:00
Tibo Beijen
26fd6394c7
Bumped go-cty-yaml to v1.1.0 (#2044)
Signed-off-by: Tibo Beijen <tibobeijen@gmail.com>
2024-10-04 10:12:25 -04:00
Christian Mesh
3c45c30249
Move varhcl (body variable inspection) into hcl fork (#1919)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-08-23 10:01:07 -04:00
Tony Yin
cccd8c85b4
Bump apparentlymart/go-versions to 1.0.2 to fix NOT prerelease constraint issue. (#1859)
Signed-off-by: Tony Yin <chang.yu.yin@fmr.com>
2024-07-25 12:07:23 +02:00
Mikel Olasagasti Uranga
8ed42dd715
Bump github.com/hashicorp/go-retryablehttp to fix CVE-2024-6104 (#1752)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-07-02 12:58:14 +02:00
Mikel Olasagasti Uranga
79e29ca7bc
Bump github.com/hashicorp/go-getter to fix CVE-2024-6257 (#1751)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-07-02 12:58:06 +02:00
dependabot[bot]
f31de2d6bc
Bump golang.org/x/net from 0.21.0 to 0.23.0 (#1542)
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Kuba Martin <kubam@spacelift.io>
Signed-off-by: Jakub Martin <kubam@spacelift.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kuba Martin <kubam@spacelift.io>
2024-04-24 12:32:47 +02:00
dependabot[bot]
4f2408d6c8
Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 (#1541)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:16:26 +02:00
Christian Mesh
a69d19d9f3
Allow configured providers to provide additional functions. (#1491)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-04-18 15:11:38 +02:00
Mikel Olasagasti Uranga
0ea88633d0
Merge pull request from GHSA-vq52-9g87-p577
Module `github.com/hashicorp/go-getter` is vulnerable to argument injection when executing Git to discover remote branches.

More info:

https://nvd.nist.gov/vuln/detail/CVE-2024-3817
https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040

Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-04-18 12:56:23 +02:00
Christian Mesh
b868012192
Integrate provider functions (#1439)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-04-10 08:04:08 -04:00
Oleksandr Levchenkov
e1e182987b
add OpenBao as key provider for state encryption (#1436)
Signed-off-by: ollevche <ollevche@gmail.com>
2024-04-08 13:38:17 +01:00
Syasusu
bdab86962f
feat: init and get command support json format output (#1453)
Signed-off-by: Syasusu <syasusu@163.com>
2024-04-02 12:32:37 -04:00
Oleksandr Levchenkov
8c6e334b39
upgrade go cty to v1.14.4 (#1446)
Signed-off-by: ollevche <ollevche@gmail.com>
2024-03-29 08:30:04 -04:00
Christian Mesh
63252aa2da
Update to tfplugin proto 5.5 and 6.5 (#1435)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2024-03-26 14:36:26 -04:00
dependabot[bot]
12e7b4a440
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#1393)
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: James Humphries <james@james-humphries.co.uk>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Humphries <james@james-humphries.co.uk>
2024-03-14 12:09:28 +00:00
Christian Mesh
07a9185767
Initial implementation of aws_kms encryption.key_provider (#1349)
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
Signed-off-by: James Humphries <james@james-humphries.co.uk>
Co-authored-by: James Humphries <james@james-humphries.co.uk>
2024-03-13 13:19:20 -04:00
Mikel Olasagasti Uranga
9b37edd359
Switch from mitchellh/mapstructure to go-viper/mapstructure/v2 (#1330)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-03-06 13:26:22 +01:00
Mikel Olasagasti Uranga
ceaa079937
Update to latest github.com/bmatcuk/doublestar (#1194)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-01-25 17:52:20 +01:00
dependabot[bot]
43ffeb3b4b
Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#1192)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 15:56:19 +01:00
Mikel Olasagasti Uranga
f84f773e64
Add Solaris and AIX console support (#632)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-01-03 12:32:31 -05:00
Mikel Olasagasti Uranga
bba61a9640
Drop dep on github.com/coreos/pkg (#629)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-01-03 12:15:27 -05:00
Mikel Olasagasti Uranga
a7b48eec51
Use github.com/cli/browser (#602)
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2024-01-03 11:32:55 -05:00
Kuba Martin
5880b49645
Update aws-sdk-go-base and fix resulting type errors. (#957)
Signed-off-by: Jakub Martin <kubam@spacelift.io>
2023-12-01 16:37:31 +01:00
Dmitry Kisler
70dd385136
Add no_proxy and https_proxy attributes to s3 backend schema (#896)
Signed-off-by: Dmitry Kisler <admin@dkisler.com>
2023-11-20 14:37:59 +01:00
Dmitry Kisler
54e1741ee6
Update hcl version to v2.19.1 (#852)
Signed-off-by: Dmitry Kisler <admin@dkisler.com>
2023-11-10 13:31:15 +01:00
Thiago Padilha
25b52ba736
Update go-tfe to 1.36.0 (#844)
Signed-off-by: Thiago Padilha <thiago@padilha.cc>
2023-11-09 15:40:58 +01:00
James Humphries
9c24b6183a
Revert PRs that introduced propogating contexts (#835)
Co-authored-by: Dmitry Kisler <admin@dkisler.com>
2023-11-08 21:09:14 +00:00
Tomas
b2069bb0bb
Backend/S3: Update the Put method (#795)
Signed-off-by: tomasmik <tomasmik@protonmail.com>
2023-11-06 09:49:19 +02:00
Elbaz
f4402d2d2a
Upgrade AWS SDK (#701)
Signed-off-by: Elbaz <eranelbaz97+github@gmail.com>
Signed-off-by: tomasmik <tomasmik@protonmail.com>
Co-authored-by: tomasmik <tomasmik@protonmail.com>
2023-10-19 15:00:36 +03:00
James Humphries
f661d47a29
Build using golang 1.21 (#718) 2023-10-16 10:21:19 +01:00
James Humphries
1f910a5078
Bump versions for hashicorp/hcl hashicorp/go-getter zclconf/go-cty (#717) 2023-10-13 16:05:20 +01:00
Elbaz
0b66f6296a
Upgrade go-slug / go-tfe (#697)
Signed-off-by: Elbaz <eranelbaz97+github@gmail.com>
Signed-off-by: RLRabinowitz <rlrabinowitz2@gmail.com>
2023-10-12 13:32:51 +03:00
Kuba Martin
50703c0292
Fix unknown conditional with sensitive branches erroring. (#659)
Signed-off-by: Jakub Martin <kubam@spacelift.io>
2023-10-05 12:43:55 +02:00
RLRabinowitz
e0ecd2ebb3
Use registry.opentofu.org as the default registry (#379)
Signed-off-by: RLRabinowitz <rlrabinowitz2@gmail.com>
2023-10-03 10:49:38 +03:00
aimuz
be4f7fad88
dump: golang.org/x/tools/cmd/cover deprecated (#572) 2023-09-27 12:08:52 +03:00
Patrick Decat
787b1db878
feat: add license checks on dependencies (#310)
Co-authored-by: Roni Frantchi <roni-frantchi@users.noreply.github.com>
2023-09-13 19:10:41 +03:00
Marcin Wyszynski
a92455198a
Remove checkpoint code - less is more (#151) 2023-08-23 16:42:50 +02:00
Brandon Croft
b1d4f18a9b
Create provisional configuration version when saving cloud plan 2023-08-07 11:35:48 -06:00
CJ Horton
4c834e0831 go get github.com/hashicorp/go-getter@v1.7.2 2023-07-26 18:10:52 -07:00
Nick Fagerlund
b3f254e08d Upgrade to go-tfe v1.29.0 (for saved plan run support) 2023-07-24 14:07:16 -04:00
Martin Atkins
a7807dac16 main: Optionally configure an OpenTelemetry OTLP exporter
Terraform CLI is sometimes used as part of a larger distributed system, in
which case it would be helpful to be able to gather telemetry from it
as part of the larger request it's being run in response to.

We'll now support optionally enabling an OTLP exporter by setting the
environment variable OTEL_TRACES_EXPORTER=otlp (a standard OpenTelemetry
convention). As of this commit there isn't actually anything emitting
traces to the specified collector, but we'll gradually add tracing
instrumentation to parts of Terraform CLI and Core in later commits.
2023-07-14 10:24:10 -07:00
Martin Atkins
9e6cc4ae6f go.mod: go get google.golang.org/grpc@v1.53.0
This is to upgrade past the vulnerability described here:
    https://github.com/advisories/GHSA-cfgp-2977-2fmm

Terraform does not seem to be significantly affected by it since our use
is primarily between Terraform Core and provider plugins where at worst
a provider could just make its own connection to Terraform malfunction.
However, this also appears to be a relatively low-risk upgrade.

This does force upgrading some of the Google Cloud Platform dependencies,
which the "gcs" (Google Cloud Storage) backend depends on, so there is
some minor risk to that backend but the upstream changes to those
dependencies do not seem to be significant.
2023-07-06 13:14:07 -07:00
Brandon Croft
2173aff852
Run go mod tidy 2023-06-22 11:14:21 -06:00
Brandon Croft
63124e0cb7
Merge pull request #33336 from hashicorp/TF-7056-uploading-state-directly-to-hosted-state-upload-url-when-available
cloud: when saving state, utilize new 'pending' state version
2023-06-22 11:11:00 -06:00
Liam Cervante
1fe57d457d
upgrade golang.org/x/crypto/openpgp to github.com/ProtoMail/go-crypto (#33406) 2023-06-22 08:32:12 +02:00
Brandon Croft
9fe3f7a7b4
cloud: when saving state, create a pending state version then upload
Create a pending state version followed by a separate state upload

When this version of the endpoint fails (It is not yet generally available, or when using with Terraform Enterprise) Fall back to the original call with state content included in the request.

This strategy will reduce the amount of save failures due to network latency and gateway timeouts.
2023-06-21 12:30:32 -06:00
Martin Atkins
237877f170 go.mod: go get github.com/hashicorp/terraform-svchost@v0.1.1
This includes a change to make svchost.Disco and the caching credentials
source both safe for concurrent calls.
2023-06-14 07:36:45 -07:00
CJ Horton
8213513e2b
Merge pull request #33278 from hashicorp/radditude/cloud-config-generation
plannable import: allow writing generated config when using the cloud integration
2023-05-31 12:00:37 -07:00
Martin Atkins
1962b1167c go.mod: go get github.com/hashicorp/hcl/v2@v2.17.0
This introduces HCL's own updates to generate refinements for unknown
results from some operations.
2023-05-31 10:14:13 -07:00