Skip to content

Releases: DevSecTop/TF-via-PR

v10.5.0

26 May 20:10
@RDhar RDhar
v10.5.0
5281cb5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.5.0 Latest
Marketplace
Latest
Marketplace

Fixed

  • Ignore TFplan outline if plan exits unsuccessfully.

Commits changelog: v10.4.0...v10.5.0

Assets 2

v10.4.0

19 May 18:03
@RDhar RDhar
v10.4.0
85327f7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.4.0
Marketplace
Marketplace

Added

  • Append outline of planned changes to the PR comment, truncated to the first 12,000 characters (e.g., random_pet.name[0] will be created).

Commits changelog: v10.3.0...v10.4.0

Assets 2

v10.3.0

15 May 11:00
@RDhar RDhar
v10.3.0
2db47a4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.3.0
Marketplace
Marketplace

Added

  • Output comment_summary of TF output (e.g., "Plan: 1 to add, 0 to change, 0 to destroy.")
    • Requires checks: write permission.
  • Copy TF output to the job summary for easier access within GitHub Actions > Jobs.

Changed

  • (meta) Dependabot configuration to keep Terraform dependencies up-to-date in a group (until OpenTofu catches up).
  • (meta) Formatted yml → yaml workflows for consistency and legibility.

Security

Commits changelog: v10.2.0...v10.3.0

Assets 2

v10.2.0

23 Apr 10:38
@RDhar RDhar
v10.2.0
6e6a337
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.2.0
Marketplace
Marketplace

Added

  • Example workflow using tenv proxy (thank you @dvaumoron and @kvendingoldo!).
  • Output comment_id of the PR comment created or updated by the workflow.
  • Markdown comments <!-- pre_output --> and <!-- post_output --> within PR comment to enable user-driven replacements.

Changed

  • Rename repository from "TF-via-PR-Comments" to "TF-via-PR" to better indicate the wider scope of PR-based automation.
  • Amend default recreate_comment from false to true.
  • Amend default validate_enable from true to false.
  • Example workflows use Actions with simpler pinned tags for legibility.

Fixed

  • Argument input -concise gets pass to -tf=plan as expected.
  • (meta) Path filters to only trigger tf_test.yml workflow on changes to specific (sub-)directories.

Commits changelog: v10.1.0...v10.2.0

Contributors

dvaumoron and kvendingoldo
Assets 2

v10.1.0

03 Apr 16:19
@RDhar RDhar
v10.1.0
7c71896
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.1.0
Marketplace
Marketplace

Fixed

  • Reference path to github-script files.

Changed

  • Moved reference workflows into "examples/" directory to prevent mistriggers.

Commits changelog: v10...v10.1.0

Assets 2

v10: Run TF directly via workflow input in addition to PR comments

28 Mar 06:03
@RDhar RDhar
v10
069fd20
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v10: Run TF directly via workflow input in addition to PR comments
Marketplace
Marketplace

Highlight

In addition to the existing PR comment trigger, support TF execution directly via command_input within the workflow to enable more flexible and dynamic use-cases, including parallel runs in matrix strategy.

Added

  • Support TF execution directly via command_input string.
  • Multiple workflow examples with associated permissions and triggers for usage clarity.
  • Cache TF plugins to speed up workflow run times, optionally.
  • TF Tests workflow to validate GitHub Action against various sample Terraform configurations.
  • Badges/shields at the top of the README to show(-off) notable metrics and metadata.
  • Support recreate_comment boolean flag to optionally delete and re-add PR comments after any updates/commits made on the PR branch to make the conversation easier to follow.
  • Support -concise flag to reduce verbosity of OpenTofu output.

Changed

  • Streamline calls to "github-script" with await require(...) one-liner.
  • Rename GitHub Action to prioritise/emphasise OpenTofu support.
  • Bump up character limits of TF output (51200 → 66000) and format diff (10240 → 12000).
  • Set default values for boolean inputs to reduce usage ambiguity.

Fixed

  • Support -or-create flag for more appropriate TF workspace creation via CI.

Deprecated

  • Explicit requirement on defining cli_uses input in favour of assuming it automatically from the prior TF-setup step with the wrapper enabled.

Secured

  • Document best practices for using 3rd party GitHub Actions in a secure manner.
  • Support v10.X and above.

Commits changelog: v9.1.0...v10

Assets 2
0 Join discussion

v9.1.0

20 Feb 20:59
@RDhar RDhar
v9.1.0
dc6ce44
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.1.0
Marketplace
Marketplace

Changed

  • Separate out github-scripts to external files by @RDhar in #187
  • chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #185
  • chore(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 by @dependabot in #186

Commits changelog: v9.0.3...v9.1.0

Contributors

RDhar and dependabot
Assets 2

v9.1.0-rc.2

20 Feb 20:47
@RDhar RDhar
v9.1.0-rc.2
dc6ce44
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.1.0-rc.2 Pre-release
Marketplace
Pre-release
Marketplace

Changed

  • Separate out github-scripts to external files by @RDhar in #187
  • chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #185
  • chore(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 by @dependabot in #186

Commits changelog: v9.0.3...v9.1.0-rc.2

Contributors

RDhar and dependabot
Assets 2

v9.0.3

02 Feb 13:54
@RDhar RDhar
v9.0.3
af816bc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.0.3
Marketplace
Marketplace

Changed

  • chore(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #183
  • chore(deps): bump opentofu/setup-opentofu from 1.0.1 to 1.0.2 by @dependabot in #184

Commits changelog: v9.0.2...v9.0.3

Contributors

dependabot
Assets 2

v9.0.2

19 Jan 21:12
@RDhar RDhar
v9.0.2
050de16
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.0.2
Marketplace
Marketplace

Changed

  • remove sample lock files by @RDhar in #180
  • chore(deps): bump actions/upload-artifact from 3.1.3 to 4.2.0 by @dependabot in #182

Commits changelog: v9.0.1...v9.0.2

Contributors

RDhar and dependabot
Assets 2