TFE Release v202112-1 (588)

UPCOMING DEPRECATION NOTICE:

  1. Effective April, 2022 there will be an update to Terraform Enterprise container names. This change may break container monitoring or custom tooling that identifies containers by name. More specific information regarding name changes will be made available in future release notes.

»APPLICATION LEVEL FEATURES:

  1. SAML certificate signing and digest methods now are configurable
  2. Added conditional pagination ability on GET indices for the following: SSH Keys, Parameters (on Policy Sets), Policy Checks (on Runs), Organizations, Policy Checks (on Runs), Oauth Clients, Oauth Tokens, Authentication (User) Tokens, Notification Configurations, Feature Sets, Feature Sets (on Organizations). If pagination parameters are not provided all results will be returned.
  3. Added support for public provider and public module curation
  4. Added support for tfc-agent 1.x series

»APPLICATION LEVEL BUG FIXES:

  1. Fixed a bug where the tfe-admin command would set a configuration key to the value '' instead of unsetting the configuration value.
  2. Fixed an issue where custom CA certificates were not injected into the tfe-fluent-bit container.
  3. Fixed an issue where Replicated snapshots were not executing for demo mode installations.
  4. Fixed provider/module APIs to allow prefix searching, also fixes bug where providers were returned for unrelated (but member of) organizations.
  5. Fixed structured run output to show a less verbose diff for json-encoded array fields
  6. Added a fix to prevent the removal of the last owner of an organization via the API. It also gives precedence to returning an error if you remove the last owner over removing yourself (if you are an owner of the organization). Meaning that even though if you try to remove yourself (and you happen to be the only owner), the error that you’ll receive is the same as if one tried to remove the only owner. You’ll only receive the error message: You cannot remove yourself from an organization you own if you try to remove yourself and are not the only owner of an organization. Therefore the unit tests for “removing self as owner” had to be updated to include multiple owners in the organization.

»APPLICATION LEVEL SECURITY FIXES:

  1. The Docker container running Nomad ( ptfe_nomad ) no longer runs with the privileged attribute.
  2. Updated the version of the internally-managed Vault server to 1.9.0
  3. Updated the version of the internally-managed Nomad server to 1.1.6
  4. Updated tfe-fluent-bit to use Fluent Bit 1.8.10.
  5. Updated archivist to address CVE in direct and indirect jwt-go dependency.
  6. Ongoing container updates to address reported vulnerabilities in underlying packages / dependencies.