v13.7.2

uses: op5dev/tf-via-pr@5a4229041e3c90818d85813d4e4a4d44f653d5e9 # v13.7.2

Fixed

• #519 Upload of encrypted plan file for GHE users (thank you, @EmNaveed).
• #522 Only enable booleans with true instead of any non-zero string input (thank you, @jbaldodiego).

Updated

• #512 Dependency actions/upload-artifact from v4.6.2 to v5.0.0 for non-GHE users.
• #521 "To-do" provisioning of interim build artifacts, join discussion (thank you, @slords).

View changelog or v13.7.1...v13.7.2

v13.7.1

uses: op5dev/tf-via-pr@a90a5e0eca088a36ed6bf75b5b4a6f7d07b750cc # v13.7.1

Fixed

• #508 Regression for non-PR event triggers, such as releases (thank you, @birjj and @devantler).
• #509, #510 Deletion of apply PR comment when comment-pr: on-diff is set (thank you, @birjj).

View changelog or v13.7.0...v13.7.1

v13.7.0

uses: op5dev/tf-via-pr@2f33acce007b2ffe06335724294c706680bcf96f # v13.7.0

Improved

• #497, #501 Workflow examples to reflect latest changes (thank you, @jlkravitz).
• #498 Diff only logs output when plan-files differ while plan-parity: true (thank you, @b-).

Fixed

• #493 Matrix job identification when non-matrix job(s) also exist in the workflow (thank you, @ego93).
• #503 For comment-pr and tag-actor arguments, renamed "on-change" to "on-diff" to better reflect the condition upon which they're true, where detailed-exitcode is either 1 an error or 2 a non-empty diff.
  Deprecation: In the next major version, "on-change" option will be dropped.

Secured

• #504 Refactored user-controlled inputs to remediate potential code injection.

View changelog or v13.6.1...v13.7.0

v13.6.1

uses: op5dev/tf-via-pr@8a5419f58e07d28721f4f9c907c85f3c5648c2b1 # v13.6.1

Fixed

• #488 Job ID determination for matrix strategy with names exceeding 100 characters (thank you, @karolba).
• #491 Fallback on 0 by default if PR number could not be determined.

Improved

• #487 Documentation of comment-pr: false option in cron-scheduling workflow example (thank you, @jlkravitz).

View changelog or v13.6.0...v13.6.1

v13.6.0

uses: op5dev/tf-via-pr@17a512ff6f2ec9f5ba7dc80ed26da4c49aa795fa # v13.6.0

Added

• #479 Support for specifying pr-number in case of unsupported workflow trigger (thank you, @gowgopal83).

Fixed

• #478 Paginate gh API calls to handle results beyond the first 100 results (thank you, @jemc).

Improved

• #469 CI tests for provisioning AWS infrastructure via OIDC authentication.
• #471 Include links from Readme to blog posts and references to this project.

View changelog or v13.5.0...v13.6.0

v13.5.0

uses: op5dev/tf-via-pr@04dca87803245791a61752cda2c2181b4ac91693 # v13.5.0

Added

• #458 Support for repository_dispatch, workflow_call, workflow_dispatch, and workflow_run workflow triggers (thank you, @eumpek).

Improved

• #456 Wording around security hardening of GitHub Actions by pinning to specific commit SHA.
• #457 Always set GH_HOST environment variable by dropping the protocol from $GITHUB_SERVER_URL.
• #461 Parsing the diff of a plan with indirect changes (e.g., only moved and imported) used to fail without fallback (thank you, @jemc).
• #464 The "(view log)" used to occasionally link to the step before TF-via-PR due to a race-condition.

Removed

• #462 The label-pr option used to create and attach tf:plan or tf:apply PR labels using the pull-requests: write permission, until GitHub made an un-announced and un-documented change to require issues: write as well.
  Frankly, I think it's a lot to ask of users to trust their infrastructure provisioning to a 3rd party GitHub Action, so every effort is made to reduce TF-via-PR's access footprint and permission scope. To return this behaviour, add the following line to your workflow along with issues: write permission.

  run: gh api /repos/${{ github.repository }}/issues/${{ github.event.number || github.event.issue.number }}/labels --field "labels[]=tf:${{ github.event_name == 'push' && 'apply' || 'plan' }}"

View changelog or v13.4.0...v13.5.0

v13.4.0

View changelog or v13.3.2...v13.4.0

Added

• #454 Support for GitHub Enterprise data residency in the EU for plan-file artifact upload mechanism (thank you, @ArkShocer).

---

uses: op5dev/tf-via-pr@95c08e93862da6848102e6f44654fd12543afc70 # v13.4.0

v13.3.2

View changelog or v13.3.1...v13.3.2

Fixed

• #453 Per recent unannounced change, GitHub API now requires issues: write permission in order to create PR labels. As a GitHub Action, we don't want to extend our access/footprint any more than needed, so this patch suppresses any error from the "Label PR" step until GitHub makes a concrete announcement (thank you, @UncleSamSwiss).

---

uses: op5dev/tf-via-pr@15e61a8f59fb412ccdc97e69a83f648284a12ec0 # v13.3.2

v13.3.1

View changelog or v13.3.0...v13.3.1

Fixed

• #451 For dynamic matrix jobs, retry with exponential backoff until the job ID is found or a timeout occurs (thank you, @jemc).

---

uses: op5dev/tf-via-pr@5788866f735f140e813f781b5f67838f956041b7 # v13.3.1

v13.3.0

View changelog or v13.2.1...v13.3.0

Added

• #449 New input options expand-diff and expand-summary to toggle expanded view of the collapsible sections (thank you, @jemc).

---

uses: op5dev/tf-via-pr@d3a806bd18d5a7ea4e94b506bfb2286aa21e8eb3 # v13.3.0