Terraform Enterprise v202411-1 (804)
Last required release: v202406-1 (776)
Flexible Deployment Options terraform-enterprise
container digest: amd64/linux sha256:a6bca2bcd65866a519b2bf6380b070a119bfd0176b8793ec301da7d3ba2eca79
Terraform Enterprise v202411-1
Known Issues
- [Updated October 28, 2024] A minor issue with Azure Kubernetes Service (AKS) workload identity authentication may prevent Terraform Enterprise from using the service consistently. To work around this issue, you must set
TFE_OBJECT_STORAGE_AZURE_ACCOUNT_KEY
in youroverrides.yaml
file to a non empty string. You must also set theTFE_OBJECT_STORAGE_AZURE_USE_MSI
setting tofalse
:
TFE_OBJECT_STORAGE_AZURE_ACCOUNT_KEY: a25vd25faXNzdWUK # Set to any non empty string. TFE_OBJECT_STORAGE_AZURE_USE_MSI: false
- [Updated December 16, 2024] Starting in v202411-1, some Sentinel executions passed when they should have failed. This issue is now resolved in v202411-2.
Deprecations
The
terraform-build-worker-plan-timeout
andterraform-build-worker-apply-timeout
attributes in the admin organization and general settings API have been deprecated and will be removed in a future release of Terraform Enterprise. Use the newplan-timeout
andapply-timeout
attributes instead.Terraform Enterprise now supports new deployment options and will end support for the Replicated Native Scheduler option. The final Replicated release of Terraform Enterprise will be in November 2024. HashiCorp will support this release until April 1, 2026.
To ensure you continue to receive the latest features and fixes, including security updates, please plan to migrate to a new deployment option by November 2024. For more information, check out Flexible Deployment Options or contact your HashiCorp account representative.
The variables API endpoint,
/vars
, is deprecated and will be removed in a future release. All existing integrations with this API should transition to the workspace variables API/workspaces/:workspace_id/vars
.PostgreSQL v12 will reach end of life on November 12, 2024 and will no longer be supported in Terraform Enterprise after that date. Please refer to PostgreSQL Requirements for Terraform Enterprise for a complete list of supported versions.
Features
- Support upload part size and upload concurrency for S3 connections. This is not supported on the Replicated deployment option.
- Redis Enterprise is now supported when using two, non-clustered (single-shard) databases. More information can be found on the Redis data page.
Improvements
- Listing Policy Evaluations and Outcomes should now be faster in the Run details page.
- Users may enable the Automatically cancel speculative plans for outdated commits option in the organization's settings page.
- The introduction of the
logwatch
utility improves how Terraform Enterprise coalesces log files from individual services. Logs will not be properly captured starting when the container is up and will clearly indicate when the application has successfully started.
Bug Fixes
- A memory leak has been fixed which will dramatically reduce memory consumption over time, reducing the need for frequent restarts due to out of memory errors.
- You can now configure Azure storage with workload identity. Previously a non-empty account key was required although not used.
- A module's address in the Private Registry is now completely case-insensitive. Previously some differences in capitalization could return different lists of available versions.
- Corrected a rare concurrency error that would sometimes caused Agents and Agent Jobs requests to fail.
- When a Run terminates before the run logs are written, the UI will now display a message indicating that no run logs are available instead of 'undefined'.
- Resolves a bug where restarting the
terraform-enterprise
process could result in some template files being incorrectly written, resulting in failures from upstream services. - HA Postgres failovers will no longer cause incorrect Vault token behavior in the Atlas process.
- Terraform Enterprise will no longer crash as a result of failed Redis connectivity.
Security
- Container and binary updates address reported vulnerabilities (CVEs) in underlying base images, packages, and dependencies.