Skip to content
This repository has been archived by the owner on Feb 18, 2024. It is now read-only.

Update Terraform tls to v4 #20

Merged
merged 1 commit into from
Dec 24, 2023
Merged

Update Terraform tls to v4 #20

merged 1 commit into from
Dec 24, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 24, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
tls (source) required_provider major 3.1.0 -> 4.0.5

Release Notes

hashicorp/terraform-provider-tls (tls)

v4.0.5

Compare Source

NOTES:

  • This release introduces no functional changes. It does however include dependency updates which address upstream CVEs. (#​432)

v4.0.4

Compare Source

BUG FIXES:

  • resource/tls_locally_signed_cert: Ensure terraform refresh updates state when cert is ready for renewal (#​278).
  • resource/tls_self_signed_cert: Ensure terraform refresh updates state when cert is ready for renewal (#​278).

v4.0.3

Compare Source

BUG FIXES:

  • resource/tls_locally_signed_cert: Prevented Config Read Error with Terraform version 1.3.0 and later
  • resource/tls_self_signed_cert: Prevented Config Read Error with Terraform version 1.3.0 and later

v4.0.2

Compare Source

BUG FIXES:

  • resource/tls_cert_request: Fix regexp in attribute plan modifier to correctly match PEM (#​255).
  • resource/tls_locally_signed_cert: Fix regexp in attribute plan modifier to correctly match PEM (#​255).
  • resource/tls_self_signed_cert: Fix regexp in attribute plan modifier to correctly match PEM (#​255).

v4.0.1

Compare Source

BUG FIXES:

  • data-source/tls_certificate: Prevented empty list of object error with certificates attribute (#​244).

v4.0.0

Compare Source

NOTES:

  • Provider has been re-written using the new terraform-plugin-framework (#​215).

  • resource/tls_cert_request: private_key_pem attribute is now stored in the state as-is; first apply may result in an update-in-place (#​87, #​215).

  • resource/tls_self_signed_cert: private_key_pem attribute is now stored in the state as-is; first apply may result in an update-in-place (#​87, #​215).

  • resource/tls_locally_signed_cert: cert_request_pem, ca_private_key_pem and ca_cert_pem attributes are now stored in the state as-is; first apply may result in an update-in-place (#​87, #​215).

  • resource/tls_private_key: private_key_pem_pkcs8, private_key_openssh and public_key_fingerprint_sha256 attributes are now retro-fitted, depending on version being updated; first apply may result in an update-in-place (#​210, #​225)).

ENHANCEMENTS:

BREAKING CHANGES:

  • resource/tls_cert_request: Attribute key_algorithm is now read-only, as it's inferred from private_key_pem (#​174, #​215).

  • resource/tls_self_signed_cert: Attribute private_key_pem is stored (and returned) as-is (in accordance with guidelines) (#​87, #​215).

  • resource/tls_self_signed_cert: Attribute key_algorithm is now read-only, as it's inferred from private_key_pem (#​174, #​215).

  • resource/tls_self_signed_cert: Setting an unsupported value in allowed_uses attribute, will now return an error instead of just a warning (#​185, #​215).

  • resource/tls_self_signed_cert: Attribute private_key_pem is stored (and returned) as-is (in accordance with guidelines) (#​87, #​215).

  • resource/tls_locally_signed_cert: Attribute ca_key_algorithm is now read-only, as it's inferred from ca_private_key_pem (#​174, #​215).

  • resource/tls_locally_signed_cert: Setting an unsupported value in allowed_uses attribute, will now return an error instead of just a warning (#​185, #​215).

  • resource/tls_locally_signed_cert: Attributes cert_request_pem, ca_private_key_pem, ca_cert_pem are stored (and returned) as-is (in accordance with guidelines) (#​87, #​215).

  • provider: Default value for proxy.from_env is now true, and relies upon httpproxy.FromEnvironment (#​224).

v3.4.0

Compare Source

NEW FEATURES:

  • data-source/tls_certificate: New attribute content that can be used in alternative to url, to provide the certificate in PEM format (#​189).

  • data-source/tls_certificate: Objects in the certificates chain attribute expose a new attribute cert_pem (PEM format) (#​208).

  • resource/tls_self_signed_cert: New attribute set_authority_key_id to make the generated certificate include an authority key identifier (#​212).

ENHANCEMENTS:

  • resource/tls_locally_signed_cert: If CA provided via ca_cert_pem is not an actual CA, a warning will be raised, but the certificate will still be created (#​209).

NOTES:

  • data-source/tls_certificate: The id attribute has changed to the hashing of all certificates information in the chain. The first apply of this updated data source may show this difference (#​189).

BUG FIXES:

  • data-source/tls_certificate: Prevent plan differences with the id attribute (#​79, #​189).

  • resource/tls_cert_request: Allow for absent or empty subject block (#​209).

  • resource/tls_self_signed_cert: Allow for absent or empty subject block (#​209).

v3.3.0

Compare Source

NEW FEATURES:

  • provider: Added (opt-in) HTTP proxy configuration (#​179).

  • data-source/tls_certificate: Support for tls:// scheme in url argument. When used, the provider will fetch certificates via a direct Secure Socket (i.e. ignores proxy) (#​179).

ENHANCEMENTS:

  • data-source/tls_certificate: When proxy is configured on provider, certificates fetched via url with scheme https:// will go through the specified HTTP proxy (#​179).

  • resource/tls_locally_signed_cert: Validate allowed_uses contains documented values, but raise warning instead of error when it does not (#​184).

v3.2.1

Compare Source

BUG FIXES:

v3.2.0

Compare Source

NEW FEATURES:

  • resource/tls_private_key: Added support for ED25519 key algorithm (#​151).

  • data-source/tls_public_key: Added support for ED25519 key algorithm (#​160).

  • resource/tls_cert_request: Added support for ED25519 key algorithm (#​173).

  • resource/tls_self_signed_cert: Added support for ED25519 key algorithm (#​173).

  • resource/tls_locally_signed_cert: Added support for ED25519 key algorithm (#​173).

ENHANCEMENTS:

  • resource/tls_private_key: New attributes private_key_openssh (OpenSSH PEM format) and public_key_fingerprint_sha256 (#​151).

  • data-source/tls_public_key: Can now be configured by passing a private key either via private_key_pem or private_key_openssh (#​160).

  • resource/tls_locally_signed_cert: Validate validity_period_hours and early_renewal_hours are greater or equal then zero (#​169).

  • resource/tls_locally_signed_cert: Validate allowed_uses contains documented values, instead of silently ignoring unknowns (#​169).

  • resource/tls_locally_signed_cert: ca_key_algorithm is now optional and deprecated, as it's now inferred from ca_private_key_pem. It will be read-only in the next major release (#​173).

  • resource/tls_self_signed_cert: Validate validity_period_hours and early_renewal_hours are greater or equal then zero (#​169).

  • resource/tls_self_signed_cert: Validate allowed_uses contains documented values, instead of silently ignoring unknowns (#​169).

  • resource/tls_self_signed_cert: key_algorithm is now optional and deprecated, as it's now inferred from private_key_pem. It will be read-only in the next major release (#​173).

  • resource/tls_cert_request: key_algorithm is now optional and deprecated, as it's now inferred from private_key_pem. It will be read-only in the next major release (#​173).

NOTES:


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@Smana Smana merged commit 8dc276c into main Dec 24, 2023
2 checks passed
@Smana Smana deleted the renovate/tls-4.x branch December 24, 2023 12:12
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant