Releases: DevSecTop/TF-via-PR
Releases · DevSecTop/TF-via-PR
v10.5.0
v10.4.0
Added
- Append outline of planned changes to the PR comment, truncated to the first 12,000 characters (e.g.,
random_pet.name[0] will be created
).
Commits changelog: v10.3.0...v10.4.0
v10.3.0
Added
- Output
comment_summary
of TF output (e.g., "Plan: 1 to add, 0 to change, 0 to destroy.")- Requires
checks: write
permission.
- Requires
- Copy TF output to the job summary for easier access within GitHub Actions > Jobs.
Changed
- (meta) Dependabot configuration to keep Terraform dependencies up-to-date in a group (until OpenTofu catches up).
- (meta) Formatted yml → yaml workflows for consistency and legibility.
Security
- Explicitly list all 3 GitHub Actions used by this workflow and the steps taken to prevent supply chain attacks from upstream dependencies:
Commits changelog: v10.2.0...v10.3.0
v10.2.0
Added
- Example workflow using
tenv
proxy (thank you @dvaumoron and @kvendingoldo!). - Output
comment_id
of the PR comment created or updated by the workflow. - Markdown comments
<!-- pre_output -->
and<!-- post_output -->
within PR comment to enable user-driven replacements.
Changed
- Rename repository from "TF-via-PR-Comments" to "TF-via-PR" to better indicate the wider scope of PR-based automation.
- Amend default
recreate_comment
fromfalse
totrue
. - Amend default
validate_enable
fromtrue
tofalse
. - Example workflows use Actions with simpler pinned tags for legibility.
Fixed
- Argument input
-concise
gets pass to-tf=plan
as expected. - (meta) Path filters to only trigger
tf_test.yml
workflow on changes to specific (sub-)directories.
Commits changelog: v10.1.0...v10.2.0
v10.1.0
Fixed
- Reference path to github-script files.
Changed
- Moved reference workflows into "examples/" directory to prevent mistriggers.
Commits changelog: v10...v10.1.0
v10: Run TF directly via workflow input in addition to PR comments
Highlight
In addition to the existing PR comment trigger, support TF execution directly via command_input
within the workflow to enable more flexible and dynamic use-cases, including parallel runs in matrix strategy.
Added
- Support TF execution directly via
command_input
string. - Multiple workflow examples with associated permissions and triggers for usage clarity.
- Cache TF plugins to speed up workflow run times, optionally.
- TF Tests workflow to validate GitHub Action against various sample Terraform configurations.
- Badges/shields at the top of the README to show(-off) notable metrics and metadata.
- Support
recreate_comment
boolean flag to optionally delete and re-add PR comments after any updates/commits made on the PR branch to make the conversation easier to follow. - Support
-concise
flag to reduce verbosity of OpenTofu output.
Changed
- Streamline calls to "github-script" with
await require(...)
one-liner. - Rename GitHub Action to prioritise/emphasise OpenTofu support.
- Bump up character limits of TF output (51200 → 66000) and format diff (10240 → 12000).
- Set default values for boolean inputs to reduce usage ambiguity.
Fixed
- Support
-or-create
flag for more appropriate TF workspace creation via CI.
Deprecated
- Explicit requirement on defining
cli_uses
input in favour of assuming it automatically from the prior TF-setup step with the wrapper enabled.
Secured
- Document best practices for using 3rd party GitHub Actions in a secure manner.
- Support v10.X and above.
Commits changelog: v9.1.0...v10
v9.1.0
Changed
- Separate out github-scripts to external files by @RDhar in #187
- chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #185
- chore(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 by @dependabot in #186
Commits changelog: v9.0.3...v9.1.0
v9.1.0-rc.2
Changed
- Separate out github-scripts to external files by @RDhar in #187
- chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #185
- chore(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2 by @dependabot in #186
Commits changelog: v9.0.3...v9.1.0-rc.2
v9.0.3
Changed
- chore(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #183
- chore(deps): bump opentofu/setup-opentofu from 1.0.1 to 1.0.2 by @dependabot in #184
Commits changelog: v9.0.2...v9.0.3
v9.0.2
Changed
- remove sample lock files by @RDhar in #180
- chore(deps): bump actions/upload-artifact from 3.1.3 to 4.2.0 by @dependabot in #182
Commits changelog: v9.0.1...v9.0.2