From 5a87a31031c4c84bcdd565eba0b47b11fdfb4b23 Mon Sep 17 00:00:00 2001 From: skj-skj Date: Thu, 13 Nov 2025 14:59:55 +0530 Subject: [PATCH 01/17] added release notes for 1.0.3 --- .../docs/enterprise/releases/1.0.x/index.mdx | 23 +++++- .../terraform-enterprise/releases/1.0.3.md | 71 +++++++++++++++++++ 2 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 content/terraform-enterprise/releases/1.0.3.md diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 443c08115c..48b0309969 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -14,6 +14,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Tested Kubernetes Versions (EKS, AKS, GKE) | Helm Chart Version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | ------------------------------ | ------------------ | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | @@ -26,6 +27,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Recommended Docker Compose version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | ---------------------------------- | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | @@ -38,6 +40,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Tested Podman version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | ---------------------------------- | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | @@ -50,6 +53,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Tested Nomad versions | Min supported version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | --------------------------- | --------------------- | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | @@ -61,12 +65,29 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy \** The release package contains this version of the Terraform CLI, but you can install older and newer versions of the Terraform CLI as needed via the Admin [UI](/terraform/enterprise/application-administration/resources#managing-terraform-versions) or [API](/terraform/enterprise/api-docs/admin/terraform-versions). +## 1.0.3 +2025-11-13 + +Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) + +Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:852169f2c90c0266bdaf3cf588593c68b6e246b5fc38094da322ba94662985d4`, arm64/linux `sha256:431ebdf2f36b33427b991a2dfcf469cd10e1e7c43691c141964ee25952e2dacc` + +## Improvements +1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. + +## Bug Fixes +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. +1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. + +## Security +1. Security vulnerabilities have been addressed and resolved in this update to enhance overall system protection. + ## 1.0.2 2025-10-15 Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) -Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:edc06293b395e5beb3dfbbda4e89341334ab184c5895b81cf31c074dadc43ff7`, arm64/linux `sha256:7d7dfa2b283f252b8a65b1689a49db2b3a0b81fcaefd11a560a93baf8ad6041f` +Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:45b38984be21aee297342c32a81df807aa667e53caf636c01a6a5af4ff3eeb51`, arm64/linux `sha256:21e0cb0962838565aae8f77c542ec413459bc3907dc97eade2a139771896477b` ## Bug Fixes 1. Plan output will now be rendered when Structured Run Output (SRO) is enabled. Previously, the output from `terraform plan` and `terraform apply` was not displayed as expected when SRO was active. diff --git a/content/terraform-enterprise/releases/1.0.3.md b/content/terraform-enterprise/releases/1.0.3.md new file mode 100644 index 0000000000..b2f3150d17 --- /dev/null +++ b/content/terraform-enterprise/releases/1.0.3.md @@ -0,0 +1,71 @@ +# Terraform Enterprise 1.0.3 + +- **App Deadline Date:** Thursday, November 13, 2025 +- **Release Branch:** release/1.0.x +- **Release Slack Channel:** #proj-tfe-releases + +## Contributor Sign Off + +Congratulations, if your name is on this list that means you contributed to this release. You must sign off on your +contributions by checking the box in front of your username. The number in front of your username is the number of pull +requests authored by you that are going into this release. + +Please review the changelog entries for your contributions. Your changelog entries should be **feature-focused**, define +the **what** and **why**, and include any necessary information for customers. Each entry should make it clear why the +customer should care about the change. More information on +[how to write release notes can be found in confluence](https://hashicorp.atlassian.net/wiki/spaces/TFENG/pages/2369355816/How+to+Write+Release+Notes+for+TFE). + + + +## Known Issues + +## Breaking Changes + +## Deprecations + +## Highlights + +## Features + +## Improvements + +## Bug Fixes + +## Security + + + +### Generated Changelog + +The changelog below was generated by `scripts/changelog.rb`. It includes PRs merged from each repository in `app_repos.yaml`. The purpose of this generated changelog is to serve as starting place for constructing the customer facing changelog above. + +#### Possible Customer Impacting Changes + +These PRs included a changelog line the PR body. This changelog line has been used as the message below. + +1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. -- **@skj-skj** [atlas#25296](https://github.com/hashicorp/atlas/pull/25296) +1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. -- **@hc-tfe-release-bot** [atlas#25298](https://github.com/hashicorp/atlas/pull/25298) +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. -- **@mkam** [atlas#25409](https://github.com/hashicorp/atlas/pull/25409) +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. -- **@hc-tfe-release-bot** [atlas#25468](https://github.com/hashicorp/atlas/pull/25468) +1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. -- **@p0pr0ck5** [terraform-enterprise#3290](https://github.com/hashicorp/terraform-enterprise/pull/3290) +1. updating atlas tag which fixes sidekiq to default to redis client id if sidekiq client id is not specified in env. **@kkavish** [terraform-enterprise#3379](https://github.com/hashicorp/terraform-enterprise/pull/3379) +1. Upgrades redis-server version to `7.4.2`. -- **@theoskolnik** [terraform-enterprise#2976](https://github.com/hashicorp/terraform-enterprise/pull/2976) +1. Upgrades redis-server version to `7.4.2`. -- **@hc-tfe-release-bot** [terraform-enterprise#3391](https://github.com/hashicorp/terraform-enterprise/pull/3391) + +#### Possible Non Customer Facing Changes + +These PRs did not include a changelog line in the PR body. The PR title has been used as the message below. + +1. 1.0.x backport - optimized TFE usage reporter patterns (#24954) -- **@p0pr0ck5** [atlas#25290](https://github.com/hashicorp/atlas/pull/25290) +1. Correct name of TFEUsageReporterWorker in schedule-enterprise.yml -- **@RWJMurphy** [atlas#25381](https://github.com/hashicorp/atlas/pull/25381) +1. Backport of Correct name of TFEUsageReporterWorker in schedule-enterprise.yml into release/1.0.x -- **@hc-tfe-release-bot** [atlas#25395](https://github.com/hashicorp/atlas/pull/25395) +1. Azure Passwordless: Sidekiq should pick client ID from redis config if sidekiq config does not specify it -- **@kkavish** [atlas#25390](https://github.com/hashicorp/atlas/pull/25390) +1. Addresses CVE-2025-59830 -- **@nicsnet** [atlas#24902](https://github.com/hashicorp/atlas/pull/24902) +1. Backport of Addresses CVE-2025-59830 into release/1.0.x -- **@hc-tfe-release-bot** [atlas#25493](https://github.com/hashicorp/atlas/pull/25493) +1. Bump Rack to 2.2.19 to resolve various CVEs -- **@james-warren0** [atlas#25038](https://github.com/hashicorp/atlas/pull/25038) +1. bump atlas for purr backport -- **@p0pr0ck5** [terraform-enterprise#3339](https://github.com/hashicorp/terraform-enterprise/pull/3339) +1. app deadline preparation completed -- **@harshitchaudhary94** [terraform-enterprise#3386](https://github.com/hashicorp/terraform-enterprise/pull/3386) +1. Bump Redis version to patch critical CVE, Vault version to patch high CVE -- **@james-warren0** [terraform-enterprise#3196](https://github.com/hashicorp/terraform-enterprise/pull/3196) +1. Backport of Bump Redis version to patch critical CVE, Vault version to patch high CVE into release/1.0.x -- **@hc-tfe-release-bot** [terraform-enterprise#3389](https://github.com/hashicorp/terraform-enterprise/pull/3389) +1. bump atlas to the latest in release/1.0.x to remediate critical vulns -- **@vmacdougal-hc** [terraform-enterprise#3393](https://github.com/hashicorp/terraform-enterprise/pull/3393) +1. Use the latest TFE base image -- **@vmacdougal-hc** [terraform-enterprise#3395](https://github.com/hashicorp/terraform-enterprise/pull/3395) From bed08e13e6c905150dd1b0f4c50b14b1b98040c7 Mon Sep 17 00:00:00 2001 From: theoskolnik Date: Thu, 13 Nov 2025 10:24:39 -0800 Subject: [PATCH 02/17] includes redis version bump note --- content/terraform-enterprise/releases/1.0.3.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/terraform-enterprise/releases/1.0.3.md b/content/terraform-enterprise/releases/1.0.3.md index b2f3150d17..a439ade6c2 100644 --- a/content/terraform-enterprise/releases/1.0.3.md +++ b/content/terraform-enterprise/releases/1.0.3.md @@ -28,6 +28,7 @@ customer should care about the change. More information on ## Features ## Improvements +The redis-server version has been upgraded to `7.4.2`. ## Bug Fixes From 88a46f83ef144ea518f541ff90a5a1b12e294348 Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Fri, 14 Nov 2025 08:49:43 +0530 Subject: [PATCH 03/17] Update content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: Nikolas Rieble --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 48b0309969..a6e088511d 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -76,6 +76,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux 1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. ## Bug Fixes +1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. 1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. From 6266ecc12098bc83222d787e0f40d384bebd4564 Mon Sep 17 00:00:00 2001 From: skj-skj Date: Fri, 14 Nov 2025 11:54:28 +0530 Subject: [PATCH 04/17] added redis version bump note --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 1 + content/terraform-enterprise/releases/1.0.3.md | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index a6e088511d..8b2013095c 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -74,6 +74,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux ## Improvements 1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. +1. The redis-server version has been upgraded to `7.4.6`. ## Bug Fixes 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. diff --git a/content/terraform-enterprise/releases/1.0.3.md b/content/terraform-enterprise/releases/1.0.3.md index a439ade6c2..bece821c1f 100644 --- a/content/terraform-enterprise/releases/1.0.3.md +++ b/content/terraform-enterprise/releases/1.0.3.md @@ -28,7 +28,7 @@ customer should care about the change. More information on ## Features ## Improvements -The redis-server version has been upgraded to `7.4.2`. +The redis-server version has been upgraded to `7.4.6`. ## Bug Fixes From f472942055941c577e50351d85050bbed8ef9614 Mon Sep 17 00:00:00 2001 From: kumarkavish Date: Fri, 14 Nov 2025 14:20:37 +0530 Subject: [PATCH 05/17] mentioning Bug Fixes in 1.0.3 --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 1 + content/terraform-enterprise/releases/1.0.3.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 8b2013095c..5d242408c6 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -80,6 +80,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. 1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. +1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. ## Security 1. Security vulnerabilities have been addressed and resolved in this update to enhance overall system protection. diff --git a/content/terraform-enterprise/releases/1.0.3.md b/content/terraform-enterprise/releases/1.0.3.md index bece821c1f..352d3e328a 100644 --- a/content/terraform-enterprise/releases/1.0.3.md +++ b/content/terraform-enterprise/releases/1.0.3.md @@ -32,6 +32,8 @@ The redis-server version has been upgraded to `7.4.6`. ## Bug Fixes +1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. + ## Security From bf33e84f1eef37ae5aa4e6f49a5aaf76dd20d9d6 Mon Sep 17 00:00:00 2001 From: Melissa Kam Date: Fri, 14 Nov 2025 09:37:35 -0600 Subject: [PATCH 06/17] Update with state version permission bug --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 1 + content/terraform-enterprise/releases/1.0.3.md | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 5d242408c6..6e00cae3d4 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -83,6 +83,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux 1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. ## Security +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. 1. Security vulnerabilities have been addressed and resolved in this update to enhance overall system protection. ## 1.0.2 diff --git a/content/terraform-enterprise/releases/1.0.3.md b/content/terraform-enterprise/releases/1.0.3.md index 352d3e328a..b9481f5278 100644 --- a/content/terraform-enterprise/releases/1.0.3.md +++ b/content/terraform-enterprise/releases/1.0.3.md @@ -36,6 +36,8 @@ The redis-server version has been upgraded to `7.4.6`. ## Security +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. + ### Generated Changelog @@ -48,7 +50,6 @@ These PRs included a changelog line the PR body. This changelog line has been us 1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. -- **@skj-skj** [atlas#25296](https://github.com/hashicorp/atlas/pull/25296) 1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. -- **@hc-tfe-release-bot** [atlas#25298](https://github.com/hashicorp/atlas/pull/25298) -1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. -- **@mkam** [atlas#25409](https://github.com/hashicorp/atlas/pull/25409) 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. -- **@hc-tfe-release-bot** [atlas#25468](https://github.com/hashicorp/atlas/pull/25468) 1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. -- **@p0pr0ck5** [terraform-enterprise#3290](https://github.com/hashicorp/terraform-enterprise/pull/3290) 1. updating atlas tag which fixes sidekiq to default to redis client id if sidekiq client id is not specified in env. **@kkavish** [terraform-enterprise#3379](https://github.com/hashicorp/terraform-enterprise/pull/3379) From 181a86b6a0c4659c484d2377f5d04f7a17b39716 Mon Sep 17 00:00:00 2001 From: skj-skj Date: Mon, 17 Nov 2025 16:53:26 +0530 Subject: [PATCH 07/17] updated 1.0.x release notes under 1.1.x --- .../docs/enterprise/releases/1.0.x/index.mdx | 27 ++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx index 443c08115c..6e00cae3d4 100644 --- a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx @@ -14,6 +14,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Tested Kubernetes Versions (EKS, AKS, GKE) | Helm Chart Version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | ------------------------------ | ------------------ | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [1.33](https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html), [1.33](https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions?tabs=azure-cli#aks-kubernetes-release-calendar), [1.32](https://cloud.google.com/kubernetes-engine/docs/release-notes) | [1.6.5](https://github.com/hashicorp/terraform-enterprise-helm/releases/tag/v1.6.5) | @@ -26,6 +27,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Recommended Docker Compose version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | ---------------------------------- | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [V2](https://docs.docker.com/compose/migrate/) | @@ -38,6 +40,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Tested Podman version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | ---------------------------------- | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | [v5](https://github.com/containers/podman/releases/tag/v5.0.0) | @@ -50,6 +53,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy | Version | Linked
Terraform CLI\** | Sentinel | Tested Nomad versions | Min supported version | | ----------------- | ------------------------------------------------------------------- | --------------------------------------------------------------------------- | --------------------------- | --------------------- | +| [1.0.3](#1-0-3) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | | [1.0.2](#1-0-2) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | | [1.0.1](#1-0-1) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | | [1.0.0](#1-0-0) | [1.12.1](https://github.com/hashicorp/terraform/releases/tag/v1.12.1) | [0.40.0](https://developer.hashicorp.com/sentinel/docs/changelog#0-40-0-may-12-2025) | 1.7 | 1.5 | @@ -61,12 +65,33 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy \** The release package contains this version of the Terraform CLI, but you can install older and newer versions of the Terraform CLI as needed via the Admin [UI](/terraform/enterprise/application-administration/resources#managing-terraform-versions) or [API](/terraform/enterprise/api-docs/admin/terraform-versions). +## 1.0.3 +2025-11-13 + +Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) + +Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:852169f2c90c0266bdaf3cf588593c68b6e246b5fc38094da322ba94662985d4`, arm64/linux `sha256:431ebdf2f36b33427b991a2dfcf469cd10e1e7c43691c141964ee25952e2dacc` + +## Improvements +1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. +1. The redis-server version has been upgraded to `7.4.6`. + +## Bug Fixes +1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. +1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. +1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. + +## Security +1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. +1. Security vulnerabilities have been addressed and resolved in this update to enhance overall system protection. + ## 1.0.2 2025-10-15 Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) -Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:edc06293b395e5beb3dfbbda4e89341334ab184c5895b81cf31c074dadc43ff7`, arm64/linux `sha256:7d7dfa2b283f252b8a65b1689a49db2b3a0b81fcaefd11a560a93baf8ad6041f` +Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:45b38984be21aee297342c32a81df807aa667e53caf636c01a6a5af4ff3eeb51`, arm64/linux `sha256:21e0cb0962838565aae8f77c542ec413459bc3907dc97eade2a139771896477b` ## Bug Fixes 1. Plan output will now be rendered when Structured Run Output (SRO) is enabled. Previously, the output from `terraform plan` and `terraform apply` was not displayed as expected when SRO was active. From db39bf67eccb4ca25c7096cebbd974d696b60c5f Mon Sep 17 00:00:00 2001 From: skj-skj Date: Mon, 17 Nov 2025 18:20:24 +0530 Subject: [PATCH 08/17] updated date --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- .../1.1.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 6e00cae3d4..d05f75548b 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -66,7 +66,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy \** The release package contains this version of the Terraform CLI, but you can install older and newer versions of the Terraform CLI as needed via the Admin [UI](/terraform/enterprise/application-administration/resources#managing-terraform-versions) or [API](/terraform/enterprise/api-docs/admin/terraform-versions). ## 1.0.3 -2025-11-13 +2025-11-17 Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) diff --git a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx index 6e00cae3d4..d05f75548b 100644 --- a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx @@ -66,7 +66,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy \** The release package contains this version of the Terraform CLI, but you can install older and newer versions of the Terraform CLI as needed via the Admin [UI](/terraform/enterprise/application-administration/resources#managing-terraform-versions) or [API](/terraform/enterprise/api-docs/admin/terraform-versions). ## 1.0.3 -2025-11-13 +2025-11-17 Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) From 63acad3a547871bfd83046df1ddf2656fb1d9b8f Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:22:38 +0530 Subject: [PATCH 09/17] Update content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index d05f75548b..f59b567023 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -73,7 +73,7 @@ Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v20 Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:852169f2c90c0266bdaf3cf588593c68b6e246b5fc38094da322ba94662985d4`, arm64/linux `sha256:431ebdf2f36b33427b991a2dfcf469cd10e1e7c43691c141964ee25952e2dacc` ## Improvements -1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. +1. Terraform Enterprise returns the current version in the new `X-TFE-Current-Version` header. For backward compatibility, the `X-TFE-Version` header continues to return the monthly release version. 1. The redis-server version has been upgraded to `7.4.6`. ## Bug Fixes From 7e68a1e2bd38dbbd7996dff7a32fae4f4c9e3731 Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:22:52 +0530 Subject: [PATCH 10/17] Update content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index f59b567023..1dab647790 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -74,7 +74,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux ## Improvements 1. Terraform Enterprise returns the current version in the new `X-TFE-Current-Version` header. For backward compatibility, the `X-TFE-Version` header continues to return the monthly release version. -1. The redis-server version has been upgraded to `7.4.6`. +1. The `redis-server` version has been upgraded to `7.4.6`. ## Bug Fixes 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. From 084c1aaf0d4a04f708a8131792b009620e44f460 Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:23:13 +0530 Subject: [PATCH 11/17] Update content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 1dab647790..628b456855 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -79,7 +79,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux ## Bug Fixes 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. -1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. +1. Terraform Enterprise now attempts to read and write from blob storage as a startup check before running database migrations. 1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. ## Security From 355ea86c9ddb58106fe6d61f1112600f2bacfce8 Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:23:52 +0530 Subject: [PATCH 12/17] Update content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index 628b456855..f1284369ed 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -80,7 +80,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. 1. Terraform Enterprise now attempts to read and write from blob storage as a startup check before running database migrations. -1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. +1. When `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` is unspecified, Terraform Enterprise now defaults to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure passwordless authentication in Redis. ## Security 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. From 586d4ee2faeeff8c4cba4fee4addaf9888bb4e6c Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:24:19 +0530 Subject: [PATCH 13/17] Update content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.1.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx index d05f75548b..f59b567023 100644 --- a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx @@ -73,7 +73,7 @@ Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v20 Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:852169f2c90c0266bdaf3cf588593c68b6e246b5fc38094da322ba94662985d4`, arm64/linux `sha256:431ebdf2f36b33427b991a2dfcf469cd10e1e7c43691c141964ee25952e2dacc` ## Improvements -1. Terraform Enterprise will return current version via new `X-TFE-Current-Version` header, additionally `X-TFE-Version` will continue to return monthly release version for backward compatibility. +1. Terraform Enterprise returns the current version in the new `X-TFE-Current-Version` header. For backward compatibility, the `X-TFE-Version` header continues to return the monthly release version. 1. The redis-server version has been upgraded to `7.4.6`. ## Bug Fixes From 1bd7e20e215e19e8f7c93f5b55c8602e98522219 Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:24:29 +0530 Subject: [PATCH 14/17] Update content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.1.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx index f59b567023..1dab647790 100644 --- a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx @@ -74,7 +74,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux ## Improvements 1. Terraform Enterprise returns the current version in the new `X-TFE-Current-Version` header. For backward compatibility, the `X-TFE-Version` header continues to return the monthly release version. -1. The redis-server version has been upgraded to `7.4.6`. +1. The `redis-server` version has been upgraded to `7.4.6`. ## Bug Fixes 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. From fbbab48ee1899b03a683aed333f7bd40f2e936ce Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:24:50 +0530 Subject: [PATCH 15/17] Update content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.1.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx index 1dab647790..628b456855 100644 --- a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx @@ -79,7 +79,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux ## Bug Fixes 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. -1. Terraform Enterprise will now attempt to read and write from blob storage as a startup check, prior to running database migrations. +1. Terraform Enterprise now attempts to read and write from blob storage as a startup check before running database migrations. 1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. ## Security From 329e5faeba654d15c4e14d616c48d725bcfdc721 Mon Sep 17 00:00:00 2001 From: Sripal K Jain Date: Mon, 17 Nov 2025 21:25:02 +0530 Subject: [PATCH 16/17] Update content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> --- .../1.1.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx index 628b456855..f1284369ed 100644 --- a/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.1.x/docs/enterprise/releases/1.0.x/index.mdx @@ -80,7 +80,7 @@ Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux 1. License reporting no longer generates heavy database load and memory usage. This issue was introduced in v202507-1. 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. 1. Terraform Enterprise now attempts to read and write from blob storage as a startup check before running database migrations. -1. `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` if not specified, will now default to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure Passwordless authentication in Redis. +1. When `TFE_REDIS_SIDEKIQ_PASSWORDLESS_AZURE_CLIENT_ID` is unspecified, Terraform Enterprise now defaults to `TFE_REDIS_PASSWORDLESS_AZURE_CLIENT_ID` for Azure passwordless authentication in Redis. ## Security 1. State versions could be created or removed with a combination of permissions that should not have allowed write access. This bug has been resolved, and only write permissions to the workspace or state versions should grant access to modify state versions. From facdbafca3a8a5709d9c72894458c52378eccfef Mon Sep 17 00:00:00 2001 From: Harshit Date: Mon, 17 Nov 2025 22:25:35 +0530 Subject: [PATCH 17/17] Sha is updated for the latest release --- .../1.0.x/docs/enterprise/releases/1.0.x/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx index f1284369ed..2413799001 100644 --- a/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx +++ b/content/terraform-enterprise/1.0.x/docs/enterprise/releases/1.0.x/index.mdx @@ -70,7 +70,7 @@ Below is a list of the most recent Terraform Enterprise Releases that can deploy Last required release: [v202406-1 (776)](/terraform/enterprise/releases/2024/v202406-1) -Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:852169f2c90c0266bdaf3cf588593c68b6e246b5fc38094da322ba94662985d4`, arm64/linux `sha256:431ebdf2f36b33427b991a2dfcf469cd10e1e7c43691c141964ee25952e2dacc` +Flexible Deployment Options `terraform-enterprise` container digest: amd64/linux `sha256:ff6bcfe76993e5f779854ed11d179f8e127268fe4bc5964b53703f7f8e8222df`, arm64/linux `sha256:e2f13dd9a82c6c2aad86ae86fc3c04537f73fd09a69243babb3e47d4a7674a3d` ## Improvements 1. Terraform Enterprise returns the current version in the new `X-TFE-Current-Version` header. For backward compatibility, the `X-TFE-Version` header continues to return the monthly release version.