v1.36.0

Delete GitHub scaffolding for Terraform @osterman (#386)

what

• Delete the template/terraform/.github scaffolding files

why

• They are out of date
• We predominantly use template repos now instead
• Migrations in cloudposse/.github repo are used to update scaffolding

related

• cloudposse/docs#610

v1.35.0

Packages rename default branch to `main` @goruha (#385)

what

• Packages rename default branch to main

why

• cloudposse/packages#4650

Auto release fix @goruha (#384)

What

• Use auto relesase shared workflow

Why

• https://cloudposse.atlassian.net/browse/DEV-1747

v1.34.0

Ignore lockfiles while building Terraform docs @Nuru (#383)

what

• Ignore lockfiles while building Terraform docs

why

• By default, terraform-docs takes into account any version pinning present in the automatically generated .terraform.lock.hcl. However, Cloud Posse modules do not use the lock files for version pinning, which means that different people can get different results when creating the documentation, which causes problems. By ignoring the lock files, we make the documentation easier to reproduce.

v1.33.0

Upgrade go to 1.21.7, terraform to 1.5.6 @Nuru (#382)

what

• Upgrade go 1.20.13 to 1.21.7
• Upgrade terraform 1.0.11 to 1.5.7

why

• go 1.21.7 is the current stable version, and is needed by test-harness to run current terratest tests
• terraform 1.5.7 has many features used by Cloud Posse modules that are not available in 1.0.11, while being still licensed under a standard open source license

v1.32.2 See breaking changes in 1.32.1

🐛 Bug Fixes

Do not clobber custom README *template* file @Nuru (#380)

what

• Do not clobber custom README template file

why

• The default README template is now stored remotely, so we have to fetch it every time to ensure it is fresh (or else implement some more complicated test). However, if the make is not using the default README, we do not want to clobber the template it is using

references

• Supersedes and closes #379
• #368

v1.32.1 Breaking change: use PACKAGES_INSTALL_PATH instead of INSTALL_PATH

Our apologies for introducing a breaking change in a patch release. We did not realize it was a breaking change when we made it.

With this version, build-harness is no longer influenced by the setting of the INSTALL_PATH environment variable. We made this change because INSTALL_PATH is generic and used by other projects for other purposes. Instead, build-harness now uses the new environment variable PACKAGES_INSTALL_PATH to determine where to install any tools it automatically installs.

If you were using something like:

INSTALL_PATH=${GITHUB_WORKSPACE:-/usr/local}/bin make packages/install/terraform-docs

to install a command (terraform-docs in this example), all you need to do is replace INSTALL_PATH with PACKAGES_INSTALL_PATH

🐛 Bug Fixes

Disambiguate packages install path from other uses of INSTALL_PATH @Nuru (#377)

what

• Use PACKAGES_INSTALL_PATH instead of INSTALL_PATH to determine where build-harness installs its tools

why

• Other Makefiles use INSTALL_PATH to determine where to install their build artifacts (typically /usr/local/bin) but that does not mean build-harness should be installing its tools there

v1.32.0

Fix make/readme when github_repo has quotes @osterman (#376)

what

• Use tr to delete quote characters

why

• repos will never have special shell characters in their name
• it breaks readme generation due to spurious quotes

references

• #374 (introduced bug)

v1.31.3

Consolidate auto-release workflow @goruha (#372)

what

• Use cloudposse/github-action-auto-release in auto-release.yaml workflow

why

• Solve old nodejs warning
• Reduce duplication of code

🐛 Bug Fixes

Use installed packages, segregate executables by platform @Nuru (#375)

what

• Workaround an issue in some versions of Gnu Make (notably v3.81 distributed by Apple in macOS) where changes to PATH do not affect simple recipes
• Segregate installed binaries by platform
• Fix typo in #374

why

• After installing needed tools, the tools were not accessible
• Ensure that tools installed for one platform do not clobber tools needed for a different platform
• Dependency misspelled, breaking auto-readme

references

• Supersedes #373

v1.31.2 safe-directory -> git-safe-directory

Previously, there was a make target named safe-directory which effectively restored the vulnerability (CVE-2022-24765) that was mitigated in git v2.35.2. In this release, we replace that with git-safe-directory which only operates on $GITHUB_WORKSPACE which is set when running on a GitHub Action Runner and which is expected to need to be trusted.

v1.31.1

Docker build fixes @Nuru (#369)

what

• Update tool versions
• Force Docker build platform linux/amd64
• Update docker and vhs workflows to use Node v20 actions
• Add concurrency check to docker workflow

why

• Stay current with features and bugfixes
• Docker image is based on Alpine, and Cloud Posse packages for Alpine are only available for amd64 (no ARM support)
• Node 16 is deprecated
• Cancel builds that are superseded

Update template with support for .github/banner.png @osterman (#367)

what

• Update readme to display banner, if available
• Add a banner

why

• Spruce up our repos

relates to

• cloudposse/.github#20

🐛 Bug Fixes

Properly scope Docker build flags for build-harness project @Nuru (#370)

what

• Scope default setting of DOCKER_BUILD_FLAGS to the build-harness project only

why

• Bug introduced in #369: Setting DOCKER_BUILD_FLAGS where it did affects all projects using build-harness, which includes most people's custom Geodesic images. It was intended to only affect the build of build-harness images.